Home | hacker invade | crack analyzes | hacker course | Exploit | encryption decipher | network management | System crack | the virus to be related | invades the examination | firewall
You are here: hacking technology > hacker course > Content
Hot Articles
SmoothWall Introduces Lo
Travel of the JSP+Oracle
Hacker skill: Gains Webs
Breaks through the Inter
MYSQL database injection
The Tomcat backstage tak
Breaks through the Inter
The hacker teaches you a
WinHex pursues the code
How does the hacker dest
How teaches you to take
The SQL injection revise
mssql SA jurisdiction ne
Microsoft SQL Server SA
The bored Css cross stat
Recommend Articles
The SQL injection revise
How does the hacker dest
The new military recruit
Union inquires the small
MYSQL database injection
Invades under new skill
How does the website scr
Smells searches works as
How in does the net seep
Microsoft SQL Server SA
A simple invasion, does
The mainstream raises th
The bored Css cross stat
The random combined comm
The hacker teaches you a
New Articles
Check Point offers compa
The malware spreads Cali
Full Disk Encryption pro
Cardholders should take
U.S. still more spam tha
Strong encryption L?solu
ConvexSoft DJ Audio Mixe
Few companies k?can be i
IT professionals can kee
k the media?can not by s
k the media?can not by s
Google Custom Search Eng
Users of the iPhone and
Gateshead College offers
Manchester obtained pass
Why Perimeter Security Alone is not Enough
  Add date: 07/29/2009   Publishing date: 07/29/2009   Hits: 14
Total 2 pages, Current page:1, Jump to page:
 
The focus for many IT Directors over the past few years has been combating the cyber-security threats reported by the media on an almost daily basis. Horror stories of hackers and virus writers have had organisations in a spin, and IT Departments across the globe have been researching and implementing e-security solutions in a bid to retain their reputation and protect their intellectual property.

To date, the majority of companies have focused on what we call ‘perimeter security’ – security solutions that protect against external threats. Security solutions in this area include firewalls, authentication services, intrusion detection systems, and antivirus scanners. As companies continue to embrace web–based communications, these security measures are as relevant as they have ever been. The issue today is that too many organisations are in denial about the type of security threats that are posed from within the network, and this has resulted in some of the biggest security breaches we have seen over the past 12 months.

For most organisations, their most valuable assets are within the internal network, yet only a small proportion of IT investment is spent on securing these assets. We have found that typically only 10-20 per cent of organisations with relatively sophisticated security programmes have addressed internal security to a meaningful extent.

The growth of internal security issues to date is a result of the way organisations communicate today. Remote working and the need to be ‘always on’ have changed the face of company networks, and technologies such as VPNs and wireless LANs are now commonplace. These enabling solutions can also make an organisation more vulnerable to internal electronic threats. Laptops and PDAs travel into and out of a network daily, making it possible for legitimate users to infect the network or unwittingly grant attackers access to the network via a Trojan horse.

A single, infected device can quickly put the entire network at risk. If all security measures are placed on the perimeter of the network, threats from an internal source can spread like wild fire. In fact, fast spreading ‘flash’ or ‘blitz’ worms can spread across a global organization within minutes.

To combat the security uncertainties that these devices can bring, the IT function needs to look at an effective internal security gateway that blocks the spread of worms and attacks inside the network and provides network zone segmentation. This means monitoring internal traffic to identify and block unauthorized or malicious behaviour and specific attacks, preventing unauthorized access between network zones, and quarantining computers generating suspicious activity.

The proliferation of remote devices and network accesses has made the traditional network ‘perimeter’ more of a hazy line – where does internal security begin and external end? Organisations need to get a grip on their infrastructure, and develop an e-security policy that addresses the threats and vulnerabilities that the network could be exposed to.

 
Other pages: : 1 * 2 * Next>>
Prev:Employees create business risks by ignoring Internet use policies Next:SmoothWall Introduces Low Cost Alternative to SSL VPN

Comment:

Category: Home > hacker course
Home