Experton Group is the leading fully integrated research, advisory and consulting company for mid-sized and large organizations, maximizing the business value of their ICT investments through innovative, neutral and independent expert advice.

Experton Group offers consulting services, market surveys, conferences, seminars and publications related to information and communications technology issues.

Our consulting portfolio includes technology, business processes, management and business cooperations, investments and mergers.

2.09.2008

Data Loss is Key Security Concern, as well as Risk from Outgoing Employees


A recent enterprise security survey determined that data leakage is the main concern of most IT professionals. Another new survey demonstrated the ongoing security risk posed by employees leaving the company. In other news, new attack vectors are emerging that pose new challenges to enterprise security staff.

Focal Points:

  • A recent security survey conducted by organizers of the Infosecurity Europe Conference found that 69 percent of IT security workers say that their main day-to-day security concern is the loss of data. These results come after a recent report of a computer sold on eBay that contained personal details of over a million banking customers. A week earlier, officials from the United Kingdom disclosed that information on every prisoner in England and Wales was on an unencrypted memory stick that had been lost by a private contractor. Other concerns of the conference attendees included remote worker security and ensuring worker compliance with security regulations. Attendees also expressed concern that much work still needs to be done in communication between IT staff and business managers.
  • A recent survey conducted by Cyber-Ark Software Ltd. showed that IT-savvy employees are likely to steal company data before they leave. Cyber-Ark's annual survey of 300 IT professionals found that 88 percent of IT administrators said they would probably take valuable and sensitive company information with them when they left. Some of the information they said they would likely take included CEO passwords, the entire customer database, research and development plans, financial reports, merger and acquisition plans, and the company's privileged password list. Findings also revealed that 35 percent of those surveyed admitted to already spying on confidential information including salary information and personal e-mails, while approximately 33 percent of individuals have kept login details on notepads. Only 12 percent of the respondents said they would not take any information when they left. One third of the companies polled believe industrial espionage and data theft is pandemic, with much of the lost information going to their competitors. Company directors approached with these findings were unaware of the security hazards posed by the sweeping access to sensitive information provided to administrators, and stated that processes regarding regular permissions updates or access removal upon termination are lax and in need of repair.
  • A recently published report found that several new varieties of security attacks are finding their way into the enterprise. While most of the new attack types are either theoretical or very niche, Experton Group believes it is only a matter of time before they become more widespread. Virtualization is bringing a new breed of threats in which the host operating system becomes compromised, making the entire machine subject to man-in-the-middle attacks. A compromised virtual system would also expose any remote system authentication that is not using two-factor authentication. Another new attack, labeled "cold boot", takes advantage of information in RAM that is normally lost when power is turned off. However, RAM actually retains information for seconds to minutes, which can be enough time to take chips out of one system and read them on another.

Experton Group believes new attack vectors will be developed faster than the security community or the enterprise can react to them. Virtualization remains the biggest area of security concern, as the technology will continue to be developed, creating constant new exposures that hackers will certainly exploit as companies pursue data center consolidation and new service-oriented architectures. IT executives should work with security staff and develop a data-centric approach to enterprise security.

Press

Contact

Suzette Heydenreich

Tel.: +971 4 360 8699
Fax: +971 4 361 5699

suzette.heydenreich@experton-group.com