Staff is not network security’s biggest threat

Companies find it convenient to single out employees as the main threat to internal network security so they can put a face on the problem. But unwanted intruders, not employees, pose the greatest risk to organizations.

An intruder can be a malicious hacker, former employee or one of the thousands of third-party connections organizations have opened to help further business goals.

Solutions exist to protect against employee abuse. The most common is access control — locking down file servers, desktops and applications. Recently, vendors have tried to protect content on the networks. This approach only fortifies against the casual employee who is bored or looking to get a head start with the sales list before heading to the next job. These solutions cannot protect against sophisticated intruders who employ state-of-the-art tools and technologies to cause damage to companies.

Today, hackers circumvent network security by disguising themselves as legitimate users. With one legitimate access account, the intruders can infiltrate systems — not breaking down gates, but accessing each system with legitimate credentials they gather along the way. They steal these credentials in a variety of ways: compromising a home user’s computer, tricking employees into divulging passwords or user names, or sniffing an ISP.

Scarier still, most companies don’t have a way to detect these compromises. Compromises are usually discovered while operating or rebuilding a server or, more likely, when a CEO wakes up to find his proprietary data publicly available.

Criminals use an arsenal of techniques to access valuable data: reverse HTTP tunnels, Internet Control Messaging Protocol backdoors, sniffers, Trojans, even steganography — embedding data in images. And with the proliferation of sources to download these tools on the Web, users need less sophistication than they did even six months ago. That’s why companies should worry about sophisticated hackers and not employees who blindly access networks.

A new technology — compromise detection — exists to combat the risk malicious hackers pose. Unlike both access controls and content filters, compromise detection was built specifically to defend against the stealthy and sophisticated attacks that intruders will use now and in the future.

Compromise detection exposes hackers as they enter and move through the network. This approach independently audits and tracks internal traffic, looking for specific telltale signs pointing to the footprints intruders leave behind. To identify these covert actions on internal networks, a product must have a deep understanding of how internal networks fundamentally behave.

The fact is, companies assume risk for a compromise anytime they grant access to their networks. Employees happen to be the easiest risk factor to guard against. It is imperative for organizations to realize employees are not the main problem. Thinking so leaves networks consistently and dangerously exposed.

Bingham is president and co-founder of Intrusic Inc., a security software vendor. He can be reached at [email protected].

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Empowering the hybrid workforce: how technology can build a better employee experience

Across the country, employees from organizations of all sizes expect flexibility...

What’s behind the best customer experience: How to make it real for your business

The best customer experience – the kind that builds businesses and...

Overcoming the obstacles to optimized operations

Network-driven optimization is a top priority for many Canadian business leaders...

Thriving amid Canada’s tech talent shortage

With today’s tight labour market, rising customer demands, fast-evolving cyber threats...

Staying protected and compliant in an evolving IT landscape

Canadian businesses have changed remarkably and quickly over the last few...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now