Johannesburg, 11 Apr 2007
Organisations worldwide are fast realising the importance of network security considering the ever-growing number of incidences where confidential company or customer information is leaked to competitors.
According to Gartner, worldwide security software revenue will increase to about $12 billion in 2010.
J2 Software managing director John McLoughlin says it is the duty of each organisation to protect their information. "This includes company trade secrets, personal customer information, sales data and channel strategies.
"It seems that everyday we hear of one or other corporate conspiracy and there are ever-growing numbers of stories of companies losing sensitive corporate information because of their trusted users; no longer only through external criminals."
Statistics show that 70% - 80% of theft relating to sensitive data and information originates from within organisations. Moreover, it also shows that 80% of all pornography and other inappropriate material is downloaded between office hours.
Employees are now regarded as a greater danger to workplace cyber security than the gangs of hackers and virus writers launching targeted attacks from outside the firewall. This has led to company directors and CEOs being held personally responsible for losses of intellectual property and customer information. The directors of organisations have a duty to protect their information assets; a duty towards their staff, customers and shareholders.
With e-mail and instant messaging proving increasingly popular, and devices such as laptop computers, mobile phones and USB storage devices more commonplace in the office, the opportunities for workplace crime are growing. But in spite of the threat, companies still allocate more of their security budgets to external threats.
While past attacks were designed to destroy data, today's attacks are increasingly designed to silently steal data for profit without doing noticeable damage that would alert a user to its presence.
"It is clear that today there is a growing need to protect company information and to know what is really transpiring on the corporate network. It is nearly impossible to monitor all the data activity via pure human supervision. There is therefore an absolute need for automated data management solutions considering that there are such massive volumes of data now being stored and transmitted. Without the right tools, it is impossible to get an accurate overview," says Mc Loughlin.
Mc Loughlin points to the security threats that the Internet has brought about. "Intellectual property and customer information, gained through many years of hard work and normally at a huge cost, can now easily be taken out of the organisation by means of e-mail without anyone knowing that data theft has taken place."
He says the current business environment relies extensively on the storage and access of electronic information for efficiency and increased productivity. "The advantages are partially offset by the ease with which sensitive information that is stored electronically can easily be leaked and misused through either sale for profit or for competitive advantage. The advent of the Internet has made various technologies focus on the need to keep intruders out and to prevent access to sensitive information by outsiders."
In order for an organisation to retain its competitive edge and restrict the leakage of sensitive data and information, organisations need to consider implementing a state-of-the-art information leakage detection and prevention solution like SystemSkan. Information leakage detection and prevention is an umbrella term coined by IDC to encompass emerging solutions for mitigating the risks of unauthorised delivery of sensitive information.
SystemSkan has been developed to protect enterprises from "the enemy within", by allowing organisations to monitor, restrict and control the activities of individuals or groups of users, thereby enforcing company security policies across the enterprise.
SystemSkan provides the ability to view, record and restrict activities, including Internet, e-mail, instant messaging and application-specific activities. Unlike basic monitoring products that only provide a report reactively once a security breach has occurred, SystemSkan also provides proactive security features.
"This proactive functionality prevents policy breaches before they occur by continually and automatically screening all user activity, and it can be configured to prevent inappropriate activities or lock users' PCs when the company's policy has been broken," he adds.
SystemSkan provides a new and practical approach to solving this business dilemma, one which minimises the effort involved in securing and monitoring the access, usage and activity concerning the information on the network. The easily configurable and silent solution provides the organisation the ability to not only effectively enforce its security policies, but also use the logs and data collected by SystemSkan to periodically update the security policy to cater to the advances in technology.
"The SystemSkan solution also sets itself apart by offering a really simple-to-use reporting tool. This reporting tool can be used by everybody that has the rights to access it, not only the very technical IT staff at the organisation. Finally, the SystemSkan solution is primarily focused on enhanced productivity, loss containment, revenue enhancements and operational efficiencies that are in line with the objectives of all modern organisations. The solution provides many obvious benefits with easy to realise returns," he concludes.
Share