Security must address current realities

By Mia Andric, Brainstorm special editions editor
Security Summit 2009, 29 May 2009

For more than 20 years, enterprises have clung to the idea of securing operating systems, networks, storage, communication channels and all the hardware they run on.

These investments protected the computing equipment, which is now relatively cheap and easily replaced. The theory went that, by securing the equipment and entry points within the enterprise, the information residing therein was safe and secure.

Speaking at the ITWeb Security Summit, South African Breweries information security analyst Allen Baranov pointed out that today's global business enterprises demand a framework that ensures their IT systems' information security addresses the current realities of enterprise, network and information sharing and access.

“In the past, the wall was everything, but there's no insider/outsider threat difference these days. The threat is inside, even if it isn't physically inside,” he said. “Information is leaving the organisation via Trojans, on cellphones and memory sticks, and with third parties.”

He suggests that, aside from preventing outsiders from accessing sensitive data or promoting security best practices, companies should also protect individual chunks of information that move through various nodes of the enterprise.

“You need a risk-based approach that addresses data at rest and in motion. You need to know what sensitive information you have, how it is stored, and how it is used. You need to set rules for archiving and encryption, and those policies must be aligned across the business.”

He said companies should make sure only information they need is on their networks. Calling for improvements in intelligent archiving and content-aware security systems that can distinguish sensitive data and apply distinct policies for its storage and protection, Baranov noted data must be self-describing and defending.

“Policies and controls must account for the business context,” he added. “Information must be protected as it moves from structured to unstructured, in and out of applications, and in the changing business context.”

The solution, Baranov feels, is for security professionals to work towards these goals by keeping in constant contact with business.

“The most dangerous place for a security professional to spend the day is behind their desk. If you do that, how will you know what's actually happening? How can you decide what's important? How do you know what needs to be done?”
