Thursday, July 24, 2014

Security – comForte ensures our valuables are safely out of reach!

A new opinion paper is now available from comForte and it’s all about our need for a deep defense – when it comes to keeping out the bad guys, we do need to take action!

It was the hallmark of the Roman Empire that is still visible two millennium later. I am talking about roads – the arterial highways that allowed the Roman Empire to prosper. Bridges and gateways remain visible in many parts of Europe and they helped Rome defend its empire – Roman legionnaires could quickly traverse vast distances to help defend against intruders. Hadrian’s Wall is still a reminder today of what it took to keep enemies at bay.

However, in the twilight of the Roman Empire these roads also facilitated others, with less honorable intentions, and it became easy to take off with the wealth of a nobleman or even of a whole village. The roads that bound the Roman Empire were a blessing and a scourge, so much so that by the middle ages massive fortresses were built to ensure valuables could be safely locked up. Today, we are experiencing much the same problem once again.

According to a special report on Cyber-Security in the July 12, 2014, issue of the magazine, The Economist, it’s no longer about roads that connected ancient Rome but about the networks that connect the world. “Cyberspace has become shorthand for the computing devices, networks, fiber-optic cables, wireless links and other infrastructure that bring the internet to billions of people around the world,” suggests the writers of the report.

“The myriad connections forged by these technologies have brought tremendous benefits to everyone who uses the web to tap into humanity’s collective store of knowledge every day. But there is a darker side to this extraordinary invention,” the report observes. “Securing Cyberspace is hard because the architecture of the internet was designed to promote connectivity, not security. Its founders focused on getting it to work and did no worry much about threats because the network was affiliated with America’s military.”

However, the very channel we all surf so regularly contains unimaginable terrors that perhaps have their  origins with the Military that has generated imagery that we all can comprehend. Indeed, in a conference call on its latest Big Data Analytics initiative, HAVEn, HP CEO, Meg Whitman, compared enterprises battles keeping out intruders as an arms race, where despite the best efforts of all involved, with each lifting of the bar, new ways to climb over were soon found by those intent on penetrating an enterprises defenses.

“The biggest day-to-day threats faced by companies and government agencies come from crooks and spooks hoping to steal financial data and trade secrets,” notes the report in The Economist. “Smarter, better organized hackers are making life tougher for the cyber-defenders.” However, it wasn’t too long before those who built the castles in the middle ages determined that often the best defenses included multiple deterrents.

Depth of defenses involving moats, drawbridges with high gate towers, along with massive stone walls, all contributed to making the task of conquest a lot more difficult. Relying on multiple precautionary defenses in time proved to be a great deterrence to the bandits exploiting the benefits of ancient roadways. The benefits from pursuing a multi-pronged defense was highlighted by the Australian Signals Directorate, The Economist went on to note.

This government department noted that “85% of targeted breaches (that) it sees could be prevented by just four measures: whitelisting software applications; regularly patching widely used software such as PDF viewers, web browsers and MS Office; doing the same for operating systems and restricting administrator privileges to those who really need them to do their job.”

In other words, ensuring only “approved” application code (and the data they depend upon) could be run, known bugs and security “holes” were regularly patched (in applications as well as the OS and middleware), and really tightening up who can do what and under what conditions, could help enterprises limit possible unwarranted incursions into their IT departments. The flip-side to approved application code (and data) is making sure anything not approved doesn’t get to run and this includes making it hard to see and indeed access, your most valuable treasures.

The prospect of beefing up the depth of our defenses is the main focus area of my latest opinion paper on security, Secure the Fort – Your Data has become the new Gold that can be downloaded from the comForte web site. Follow the link above, register, and read the commentary provided. The key contribution comForte is making to any viable depth of defense is encryption – hiding the valuables behind an “impenetrable wall” to ensure “crooks and spooks” cannot make off with what is sacred to the enterprise.

In my latest opinion paper I quote comForte CTO, Thomas Burg, a number of times. “Many hackers go for the easier options such as unprotected log files containing ‘virtual gold” such as credit card numbers together with expiration dates,” Burg told me. “It will likely be internal agencies within a company that encourage and indeed fund more systemic approaches to security and we are seeing such changes already.”

Looking at castles from the middle ages that have survived, it’s hard to miss the complexity involved. However, oftentimes, with the complexity, came exposure and more than one castle fell because a “secret passage” had been discovered. Comparing this to what we rely on today inside the data center, Burg added how “Complex systems are inherently harder to secure, but again, I don’t see systems becoming less complex. Just as in other areas, there is no silver bullet. People need to realize it is an ongoing task (to secure code and data) and stop underfunding and under-prioritizing it.”

My latest opinion paper on security was subtitled, “Lock the gates! Flood the moat and pull up the draw bridge! comForte now providing the depth of defense our castles need!” Yes, it’s all about hiding what’s valuable to the enterprise and with the encryption approaches adopted by comForte and now available to all members of the NonStop community, this depth of defense so prized by enterprises has just become a whole lot deeper!  

No comments:

Post a Comment