
Just going through the Verizon Data Breach Reports of 2008, 2009 & 2010, I notice an increase in the data leaks caused by insiders (18%, 20% & 40% respectively).

Just looking at the present financial crisis in the market and the job cuts being announced, I think we have a ticking bomb here. Nothing is more dangerous than a disgruntled employee. And as far as I have seen, organizations are pretty lax in their approach towards de-provisioning employees in a fashion that minimizes the risk.

The focus lately has been so much on the external threats, thanks largely to Anonymous and Lulzsec, that I fear that this very clear and present threat shall slide by under the radar.

[I know, this part 2 is coming after so much delay. Even I have forgotten what I really wanted to put here!]

After that encounter with the customer, DLP went off my radar for some time. It was while working in a start-up that I kind of rediscovered it while thinking about ideas for a new line of security services. This time around, I had some expert help at hand. Lengthy discussions and brainstorming were done, as I was asked to sell it as a service internally first. Putting a service twist on what apparently looks like a product was a challenge.

But some research actually made it clear. It IS a service, and not an out-of-the-box product, as most people believed.

It’s been a few years since then, but sadly that is still largely the perception. Though there is a shift, a lot more needs to happen. I have spent countless hours educating customers on DLP, and have made some headway. But like I said in the beginning, the term DLP itself is extremely misleading.

It does not magically stop/prevent data from leaking from your organization. If configured and implemented correctly, what it is really good at is preventing accidental leaks (like sending an internal price list to a customer by mistake).

A person who is motivated enough will find a way around the DLP. That’s where you need more controls and practices in place on top of the DLP to ensure the overall security of the organizations’ assets.

DLP + other logical/physical/administrative controls = reasonable assurance against leakage.

Keep in mind. A DLP product isn’t the silver bullet.

Physics and Security

I have always been a physics enthusiast. Theoretical physics to be precise. Mathematics has never been my strong point.

Last night I was watching a program on the cosmos which documented our understanding of the universe and its fundamental particles. I couldn’t help but draw some parallels between these two totally disconnected domains.

In my mind, the internet is pretty much like the universe. It grows and evolves and some parts of it fade away. On the internet information flows, and so it does in the universe (I could expand on this point but that would make me deviate from the point). The sun is the central server with the planets as hosts (okay I admit, it’s a bit silly, but hang in there).

The parallel came into my head with respect to our understanding of the nature of security, what is needed and how much. Every time scientists discover some new particle/principle about the universe, it answers a few questions, but raises a lot more.

Similarly, in whatever little experience I’ve had, security questions have only grown over the years. And I think they will continue to grow. We introduce a technology that addresses an issue, and a lot more crop up (it takes us some time before we actually find that out or we live in denial about it – the chip & pin issue for example).

I do not see days getting easier for the security professionals (in a sadistic way that’s good). But just as in cosmology there is an opinion that another Einstein is needed to relook at the present understanding of cosmology, I think a newer, bolder, radically different approach to security is needed. I am not imaginative enough to come up with one, but I have this belief that it is sorely needed.

I think the name of the technology itself, Data Leakage Prevention (DLP), is misleading. Whatever scope of being misled is left is usually done away with by our brave technology sales people (no offence intended, it’s their job!). I remember clearly when I first encountered DLP as a technology. It was more than 5 years ago. No one in APAC (or at least in India) knew what DLP was. While working as a freelancer, the VP of a big manufacturing company was discussing with me the issues he was having with the data in their network. Mobile data cards had just been launched and the VP was worried about his executives carrying around sensitive information on laptops. Though they had controls on the intranet level, once the node was out of the corporate network, it reigned free (I know this is nothing new, but I am telling this story to make a point, kindly bear :D ).