Information security in corporates in the age of wikileaks

We are living in an age, where no organization is beyond reach of information leak agents. Wikileaks did not spare American government, military and diplomatic offices. Julian Assange got 341K documents, which his team mined to show inconvenient truth.

Change of approach

The security system of the corporates must switch from system-centric approach to information-centric.

System Centric Information Centric
Perimeter based security People are the new perimeter
Transaction applications Collaborative applications and social media
Structured data Unstructured data
Centralized information Distributed information
On-premise infrastructure Virtual infrastructure and cloud

Practical scenario – If you take a quick poll of corporate employee, if they use an open share without ACL (access control list)for easy access, a lot of them would say yes.

Strategy

Security thefts have become more sophisticated, as the time has passed. So, the strategy has to use 3-pronged attack to prevent any data comprosmise.

Data at the core of the security controls

Users should be equipped with OTP (one-time password), certificates to authenticate correct user. Data must use all possibles methods of DLP (Data Leak Prevention).

Identity and information protection strategy

As a first step, the system administrator along with the domain guy needs to discover sensitive information flow and accesses. Then, put safeguard in place.

DLP

Storage endpoint needs to be put in DMZ (demiliterized zone).

Data Loss Policy

It is important to sensitize people about data theft at various places. E.g. an inadvertent user sends out email, the attachment can be checked and an alert can thrown. It might automatically encrypt the attachment. There should not be any productivity loss, because DLP is all about people.

Continuous Risk Reduction

  • Visibility
  • Remediation
  • Notification
  • Prevention

Encryption

Encrypting key files is an important step, but key management is an issue. If file still lands at wrong hands, we can make use of poison pill to destroy the file. There can be a timer for continued use of the file.

Advertisements

About prasoonk

Prasoon Kumar grew up in the Bokaro Steel City of south Bihar, now Jharkhand. He studied Computer Science and Engineering in IIT Kanpur. For job he moved to the land of opportunity United States. He was there in the bay area through the internet revolution of mid to late nineties. He spent time admiring the beautiful coastline of California among other things. He moved east coast to the New York after the turn of the millennium working in a brokerage startup. Afterwards, he is back to India for the past few years. He has been working in the internet startup, enjoying the city life. He has a beautiful wife, a young 5 years old daughter and 11 years old son.

Posted on September 10, 2012, in Technology and tagged . Bookmark the permalink. Leave a comment.

Comments - bouquets, brickbats?

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s