Systems Engineering practices and Improved Security Models are Imperative in Enterprises

Govind Rammurthy, MD & CEO, eScan

‘Microsoft’s Blog and Twitter accounts Hacked’
‘Skype’s Social Networking accounts Compromised’
‘Yahoo email account passwords stolen’

These are just a few examples from the recent past in which the social networking accounts of enterprises were hacked, messages were posted and sites were defaced. One would not expect a large corporation, which has all the available resources and the financial strength to deploy the best infrastructure and defenses, to be hacked. Nonetheless, contrary to everyone’s expectations, these were hacked. One may wonder how this could have happened when an organization has deployed the best of firewalls, Intrusion Detection Systems and Intrusion Prevention Systems. Unexpectedly, the hackers used simple but intelligent techniques to execute these full-fledged attacks. Apparently, the hackers relied on the age-old trick of spear phishing: phishing emails were sent to selected individuals who, for some reason or other, ended up sharing the account passwords with these hackers.

Network security is not limited to firewalls, IPS and IDS; it also depends very largely on the employees who manage them and those who use these resources. Even the best organizations can be brought to their knees by an ignorant employee. This was seen in the RSA hack, where just a handful of employees received the malicious email and just a couple of them dared to open it, after which it was game over for all of the security deployed at RSA.

However, ignorance is not always the culprit. In the recent South Korean credit card heist, the credit card details of almost 40 percent of the entire South Korean population were stolen and sold by a contractor working for Korea Credit Bureau. This was an insider threat perpetrated by an individual who had access to the stored information. Furthermore, Advanced Persistent Threats (APTs) are another set of attacks, which rely on circumventing the security mechanisms and provide persistent access to the hackers.

Most of the attacks mentioned here were carried out against organizations where network security has been of paramount importance. However, does this mean that merely deploying network security devices and educating the employees is enough? Efficient network security can be achieved by proactively monitoring networks, maintaining and upgrading the existing software and devices with their requisite patches, and managing mobile devices and laptops. Moreover, to ensure maximum protection and safeguard crucial business data, improved security policies need to be designed and deployed, and audits need to be carried out at regular intervals to ensure the reliability and stability of the organization’s IT security.

Would it be correct to deploy security solutions and not configure them according to your business needs, or to compromise on the quality of the solutions available in the market? The answer is NO. Always rely on the best security solution for your business needs, consistently maintain security practices and evaluate security improvements. The present IT security scenario may be bleak, as cyber-attacks have become very intelligent and sophisticated. To gain and maintain consumer confidence, Systems Engineering practices and the adoption of improved security models are a must.