Joining the Dots: Joining the dots

  • Authors:

  • Richard Walters

  • Affiliations:

  • Overtis Systems

  • Venue:
  • Network Security
  • Year:
  • 2009

Quantified Score

Hi-index 0.00

Visualization

Abstract

Data loss is a growing embarrassment for the security industry. Data leakage vectors are increasing due to insider ingenuity, the proliferation of applications and peripherals, and financially motivated theft. So perhaps we need a new approach? Richard Walters of Overtis explores the concept of security convergence, whereby the disparate security systems and software at the organisations' disposal are integrated to provide a holistic security solution. Combining IDS, access control, CCTV, RFID, biometric authentication and others, it's possible to control the logical and the physical worlds to prevent data leakage. But security convergence still has obstacles to overcome. Let's not overlook the need to segment sensitive systems, use the endpoint rather than the network as our starting point and the need for industry standard APIs, he concludes. Data loss continues to grab the headlines. For those of us in the information security industry, these stories are testament to the fact that we are failing. Data is being removed intentionally, and disseminated unintentionally, from UK organisations on an unprecedented scale. Examples we've seen range from gaining physical access to restricted areas (through access card theft, lack of anti-passback on turnstiles, and plain simple tailgating), to data theft over instant messenger using file transfer, and social networking sites (uploading a file from the corporate network during office hours, and downloading it to another location later).