Mistakes, Misconceptions, Myths

  • By Steve Duncan
  • Jul 01, 2008

As technology evolves, more and more enterprises become targets of highly sophisticated criminal organizations. Their purpose is to illegally obtain valuable data to commit any number of crimes against your organization or customers.

But which companies are easy targets? Which organizations have gaps in enterprise security that leave sensitive information, customer data and intellectual property unprotected? Is your organization at risk?

Common Vulnerabilities
Learn the following common mistakes that could leave your information, brand and customers vulnerable, and what proactive steps can be made to ensure your company is properly secured—and out of the headlines.

Relying on the unreliable. No offense to enterprise end users—who are typically educated, savvy people—but relying on them to unequivocally follow proper procedures isn’t practical or fair.

Your work force shouldn’t be required to understand or execute enterprise security. They have many roles and responsibilities, but manually encrypting e-mail, requesting user certificates or managing permissions for dynamic workgroups are certainly not some of them.

Enterprise security should be completely transparent and automatic to end users. Assuming they are upholding their end of the secure infrastructure only places your organization’s brand, intellectual property and customers at risk.

Too much confidence in boundary security. The security of your network is extremely important. But as the sophistication of online criminal organizat ions evolves, what happens if external threats bypass your boundary safeguards and gain access to your network, not to mention its valuable intellectual property, sensitive information and customer data?

It’s important to instill a sense of confidence in both external and internal security measures. If your external security solutions are bypassed, internal content needs to be encrypted as an automatic countermeasure. Without it, external parties could access sensitive data should they circumvent boundary security defenses.

Each year, dozens of trusted brands fall prey to these types of security breaches. Regardless of enterprise scope or vertical, any organization can fall victim to the sophistication of today’s online criminal tactics. It’s the proactive steps your organization takes before this occurs that count toward leaving your customers’ trust intact and your brand unscathed.

Network security does not equal data security. Your network is secure from outside threats. That means your sensitive data is protected, right? Absolutely incorrect. It’s one of the most widespread misconceptions of enterprise security. Your network may be extremely wellsecured, but that doesn’t have any bearing on how or if your data is protected.

The external risks may have been addressed, but what about threats from internal parties? Even if an organization’s network is so-called “hacker-proof,” anyone within the enterprise could access, copy, print or transfer sensitive unencrypted data. The only safe course of action is to encrypt this valuable information.

According to a survey at the Infosecurity Exhibition Europe in 2007, one third of IT staff admitted to accessing confidential information through legitimate access privileges. This means your authorized IT personnel could be taking advantage of their complete access to view, copy or send sales data, customer information and corporate salaries. So, like most organizations, if you rely on IT to protect sensitive data, there’s a good chance they’re also looking at it.

In addition, relying on access control lists to prevent users from accessing information they aren’t authorized to see is a major security risk. ACLs are only effective if the operating system security is not bypassed. This feat can be achieved by just about anyone.

Minimize these internal threats by automatically and transparently encrypting files and folders stored on your network. Maintain seamless control over who has authorization to access which files, folders, directories or workgroups.

Full-disk encryption is safe enough, protects everything. While extremely important, full-disk encryption often provides a false sense of security. It’s a great strategy for preventing data on lost devices from being accessed. What it doesn’t do, however, is safeguard that data when it needs to be shared or collaborated.

Full-disk encryption doesn’t secure our shared network files or folders, which are used for group collaboration. And it can’t protect your organization from sensitive files being copied, e-mailed or moved. It’s a solid point solution and has an important role in a layered security strategy, but it falls short of protecting the enterprise data if relied upon alone.

Leave no co-worker behind. Well, at least don’t leave the authorization behind. One of the most blatant miscues in enterprise security occurs when access for former employees remains even after they have left the organization.

Employees often copy groups of files to take with them when they leave—an innocent practice in most cases. But while you may have disconnected them from the network so they can’t access updated data, their older files still contain large amounts of sensitive information, customer data and intellectual property.

If those files are encrypted with persistence, you remain protected regardless of what they do with the files and folders. Because the encryption remains with the files or folders, once their authorization is revoked, their access to the information is eliminated.

Many Concerns, One Solution
So now you’ve figured out you’re making one of these mistakes, or maybe all five. What are the next steps? Entrust Entelligence Group Share can help solve each of these challenges.

A key component of a layered security strategy, Entrust Entelligence Group Share provides organizations with transparent, automatic and persistent encryption of sensitive enterprise files and folders. Invaluable information remains encrypted even if it is copied, saved, moved or sent outside the enterprise’s boundary. An easyto- manage solution, it promotes the sharing of ideas and information without the typical burden of security technology in a dynamic organization.

Featured

  • From Surveillance to Intelligence

    Years ago, it would have been significantly more expensive to run an analytic like that — requiring a custom-built solution with burdensome infrastructure demands — but modern edge devices have made it accessible to everyone. It also saves time, which is a critical factor if a missing child is involved. Video compression technology has played a critical role as well. Over the years, significant advancements have been made in video coding standards — including H.263, MPEG formats, and H.264—alongside compression optimization technologies developed by IP video manufacturers to improve efficiency without sacrificing quality. The open-source AV1 codec developed by the Alliance for Open Media—a consortium including Google, Netflix, Microsoft, Amazon and others — is already the preferred decoder for cloud-based applications, and is quickly becoming the standard for video compression of all types. Read Now

  • Cost: Reactive vs. Proactive Security

    Security breaches often happen despite the availability of tools to prevent them. To combat this problem, the industry is shifting from reactive correction to proactive protection. This article will examine why so many security leaders have realized they must “lead before the breach” – not after. Read Now

  • Achieving Clear Audio

    In today’s ever-changing world of security and risk management, effective communication via an intercom and door entry communication system is a critical communication tool to keep a facility’s staff, visitors and vendors safe. Read Now

  • Beyond Apps: Access Control for Today’s Residents

    The modern resident lives in an app-saturated world. From banking to grocery delivery, fitness tracking to ridesharing, nearly every service demands another download. But when it comes to accessing the place you live, most people do not want to clutter their phone with yet another app, especially if its only purpose is to open a door. Read Now

  • Survey: 48 Percent of Worshippers Feel Less Safe Attending In-Person Services

    Almost half (48%) of those who attend religious services say they feel less safe attending in-person due to rising acts of violence at places of worship. In fact, 39% report these safety concerns have led them to change how often they attend in-person services, according to new research from Verkada conducted online by The Harris Poll among 1,123 U.S. adults who attend a religious service or event at least once a month. Read Now

Most   Popular

New Products

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.