Dealing with the dissemination of security threats (page 1 of 6)
- Saturday, January 01 - 2005 at 09:11
We're all familiar with the statistics surrounding internal threats: they're more common and more dangerous than those that come from outside.
Nevertheless, many organisations still place more emphasis on the 'wolf at the door' than on those in sheep's clothing.
Much has been made of the threat of the external hacker and, while this is a real problem, insiders are responsible for the majority of security breaches.
As well as malice, mistakes made by employees are also an important reason for loss of vital services. For example, the most common reason for application downtime is unauthorised changes, often made by well-intentioned administrators. Whatever the cause, the effect can be a loss of revenue or, even worse, a loss of reputation.
This guide aims to explore the changing nature and scope of these threats, and suggest how to spot and counter them.
Threat: Mis-managing Identities
Issue:
Managing users' identities and access rights is one of the biggest challenges an organisation faces.
This process, which involves adding users to systems and applications when they join, maintaining their access rights as they change role and removing them when they leave, is referred to as 'user provisioning'.
The problem is that as users change roles, their rights need changing too, and when they leave, those rights need deleting quickly and effectively. A common problem is that over time users acquire new access rights that are never removed.
This is usually to avoid employees getting frustrated at not being able to do their job properly due to a lack of access to critical work systems. A more extreme problem is that the door may be left open to them and others when they leave the organisation.
CA research has found that any one user will be defined in a minimum of 17 places in your IT infrastructure. However, when that person leaves, it can take between two and four months to remove all the user rights - and even then, on average, six will be left on the system. The risk of abuse that this poses is all too clear.
Solutions:
• Ensure that you have a process in place to provision users quickly and efficiently when they join your organisation based on their job function or role. This can include making sure they have the right IT resources and access, as well as ensuring they have a desk, phone, car etc. A full inventory should also be taken so that effective asset management can be undertaken.
• Make sure you have an accurate record of the user accesses and rights that each individual has, so these can be audited and changed or removed quickly and easily when a user changes role or leaves.
• Assign access rights according to the job function or 'role'. This is to ensure that access rights are consistent across the organisation and that when a user changes job function it is easy to see which rights can be removed as well as those that need to be added.
• Invest in software that can manage user rights for you, avoiding the need for manual records and activities. As well as removing the capacity for human error, this will also free up your IT staff for more critical IT activities by allowing non-IT (e.g. HR) staff to provision users to resources.
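The record-keeping and role-based checks in the solutions above can be automated along these lines. This is an added example, not part of the original article or any CA product; the role names, systems, employee ids and the reconcile function are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data (not from the article): role model, HR roster, account inventory.
ROLE_RIGHTS = {
    "accounts_clerk": {("erp", "invoice_entry"), ("mail", "mailbox")},
    "hr_officer": {("hr_db", "employee_records"), ("mail", "mailbox")},
}
HR_ROSTER = {  # employee id -> (status, current role)
    "e100": ("active", "accounts_clerk"),
    "e101": ("active", "hr_officer"),   # moved from accounts to HR
    "e102": ("left", None),
}
ACCOUNTS = [  # (system, employee id, right) as exported from each system
    ("erp", "e100", "invoice_entry"), ("mail", "e100", "mailbox"),
    ("hr_db", "e101", "employee_records"), ("mail", "e101", "mailbox"),
    ("erp", "e101", "invoice_entry"),           # left over from previous role
    ("mail", "e102", "mailbox"), ("vpn", "e102", "remote_access"),
    ("erp", "svc_old", "invoice_entry"),        # no HR record at all
]

def reconcile(role_rights, roster, accounts):
    """Return (rights to revoke, rights still to grant), each keyed by employee id."""
    held = defaultdict(set)
    for system, emp, right in accounts:
        held[emp].add((system, right))
    revoke, grant = {}, {}
    for emp in set(held) | set(roster):
        status, role = roster.get(emp, ("unknown", None))
        # Leavers and accounts with no HR owner are entitled to nothing.
        entitled = role_rights.get(role, set()) if status == "active" else set()
        excess = held[emp] - entitled
        missing = entitled - held[emp]
        if excess:
            revoke[emp] = sorted(excess)
        if missing:
            grant[emp] = sorted(missing)
    return revoke, grant

if __name__ == "__main__":
    revoke, grant = reconcile(ROLE_RIGHTS, HR_ROSTER, ACCOUNTS)
    for emp, rights in sorted(revoke.items()):
        print(f"revoke {emp}: {rights}")
    for emp, rights in sorted(grant.items()):
        print(f"grant  {emp}: {rights}")
```

Run against real exports, the revoke list is the audit trail for role changes and leavers, and the grant list shows what a joiner's role still requires.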
Threat: Inappropriate Access
Issue:
Under EU privacy legislation, organisations are required to ensure that certain kinds of data are kept private and used only for the purposes for which they were initially collected.

Computer Associates



