,Let’s talk about security. We in the IT business have always been security conscious, but never more than at this point in history. We have massive amounts of data, which is readily available to anyone with a web browser. We also have deeply confidential data online as well, such as customer data, financial data, medical record, social media, etc. We need to be able to secure this data for our customers to protect their privacy and financial security.
Typically, this is done in a number of ways, both at the perimeter (the big wall approach) and internally, with web and spam filters, and many other components that are available in between. So, how are the hackers still getting in? It’s been said if you build a 10-foot wall, someone builds an 11-foot ladder, but even still it’s hard for ne’er-do-wells to get in due to other pieces of security inside. Yet we still see breaches. Let’s look a classic historical example for one possible answer; the Great Wall of China. One of the 7 Wonders of the World, it spans over 13,000 miles. I’ve stood on this wall and let me tell you first hand; great is an understatement when referring to its sheer mass.
During a six-decade campaign to invade China, the Mongols penetrated the Great Wall and besieged the capital of Yanjing (now Beijing) in 1215. Mongols were able to regularly find ways of going around sections or through the walls—often by bribing officials and guards.
Genghis Khan was alleged to have said, ‘The strength of a wall depends on the courage of those who defend it.”
So, if Genghis Khan is correct, we need to bolster the courage (and wisdom) of those who defend it. Human weaknesses are the biggest threat whether greed, vengeance, or a simple lack of common sense. Some people actually click on those strange links from foreign princes or from theme park offering free tickets. How do you defend against this? What can be done? First, you need to educate your users to be able to identify potential scams or phishing. This is usually done by setting the policies for Internet and email use, and putting proper penalties in place for misuse. So what about those who are willfully doing harm to you from the inside? Where is your potential "Bad Actor?"
Regan has started a partnership with a company called Dark Trace. This is a small (1U) appliance that monitors network traffic and, through an algorithm, determines what is “normal” behavior for your network. Then, it constantly looks for deviation from that normal. For instance:
We also work with another security partner, Sovereign Intelligence, who helps our customer determine if they’ve already been hacked and where that data might now reside. This is a powerful one-two punch that supplements your current security measures. Building a wall to protect your data isn’t a bad idea; it’s just not enough.
~Stephen Clark, Director of Sales