WITH so many businesses depending on their technology infrastructure to support core activities, anything which threatens network security and availability can impact everybody from the financial director to the sales rep.
Yet there remains an overly simplistic view of such threats, with many businesses clutching on to the notion, frequently promoted by suppliers, that their security provisions are infallible.
It is far more helpful to think of the network as we wo
uld the human body - accept that you will get ill, but recognise there are steps you can take to ensure this happens less frequently, minimise the severity and improve your recovery time.
Over the years, each new computer worm, virus or exploit has swiftly been countered by a patch or anti-virus product, providing a "vaccine" and preventing infection before it can occur. However, the crucial difference between computers and ourselves is the speed at which new threats emerge.
Imagine a world in which unknown human viruses arrived at a rate of over 100 every year, with a large percentage of the world’s population typically exposed within minutes. This is the race in which the IT security industry is currently engaged with ever-more ingenious criminals.
Just as human diseases evolve to resist certain antibiotics, time and time again the technology experts’ best efforts are circumvented by increasingly sophisticated attacks.
For example, the Wireless Encryption Protocol, designed to guard wireless data transmissions, was broken within half an hour of its launch.
The technical challenges of out-pacing criminals have also been compounded by the changing realities of modern business.
As the nine-to-five office culture of the past has given way to virtualisation, mobile working and round-the-clock connectivity with clients and partners, the corporate network has become more functional and flexible. Yet, the increasing sophistication of IT systems has also opened up new areas of vulnerability.
To manage such complexity, a little common sense is required.
A human with aching limbs might have slept awkwardly - if they also exhibit sneezing and fatigue, there’s a good chance they have flu. While many organisations run several, powerful, layered security solutions, a lack of integration makes it very difficult to make this kind of distinction.
Security event management aggregates the reports from multiple systems into a single point, identifying patterns in seemingly unconnected alerts and creating a whole which is more powerful than the sum of its parts.
Another concern is the failure of business to address threats from within the organisation, which constituted 80 per cent of all security breaches in 2003.
While there are a number of solutions specifically designed to address these threats, they are most often deployed reactively.
Unwanted behaviour by internal users is one of the few environmental variables over which managers can and must exert a high degree of control.
Such behaviour could include the use of webmail from office PCs. While the user’s intentions may be benign, they may unintentionally open a devastating backdoor to the network.
This emphasis on preventing, rather than detecting, network intrusion has driven the development of solutions which focus on potentially threatening behaviour, not just the electronic signatures of inbound threats.
While technology plays a vital role in security strategy, user training is the most simple, yet often least employed, measure organisations can take. To look at it another way, what use is a cabinet full of medicines, when there is no education in healthy living?
For the third of UK businesses with no board-level security representation, this cultural challenge will continue to undermine the IT department’s best efforts until network wellbeing becomes everybody’s responsibility.
• Colin Bradley is business development director for security with Dimension Data