IT-Security

Securing Security against the “Triple Threat”

Utilizing a Layered IT Security Approach to Combat Internal and External Threats

15.01.2010

Even the best IT security technologies are useless if someone possesses the "triple threat" - the will, the means and the access to compromise sensitive company data. And, as statistics unfortunately bear out, all too often that triple threat holder is currently on your payroll. Enterprise IT professionals spend vast amounts of time, money and energy on firewalls, anti-virus software and myriad other technologies to keep people out, and far less time ensuring that those on the inside comply with an equally robust set of security policies. Internal security breaches account for a significant amount of data theft and data manipulation today, and often result in enormous financial losses.

Under the banner of increasing productivity, corporate and government employees around the world - and sometimes across vast global supply chain networks - are increasingly being given "inside" access to highly sensitive data through the Internet and a host of new, wireless IP-based devices. And everyone within these extended business IT environments is capable of creating security breaches, whether intentionally or unintentionally. This means that traditional security fortifications like firewalls, intrusion detection systems and antivirus technologies are virtually useless if a potential breach is about to happen from the inside out.

For many organizations today, conducting business without an effective, manageable end-to-end data security platform is virtually impossible. This includes an approach where security is clearly defined in all areas, is easy to deploy and manage, and protects all aspects of the business IT environment against attacks - regardless of where the attacks originate.

The End-to-End, Layered IT Security Approach


A layered IT security approach takes into account all possible ways in which sensitive company, financial or customer data could be hacked, stolen, or otherwise manipulated. This encompasses external security that covers all access to company systems from outside interests, as well as the increasing number of employee digital access points.

The key principles of this layered approach include the following elements:

  • Foundational security: Every node in the network, be it IBM Mainframe, Unix, Linux, Windows Server, PC, point-of-sale system, smart-card, or smart-phone, should incorporate security as a foundational design consideration. Also, while the power of today's networked systems is increasing dramatically, IT network designers must take into account security performance considerations early on in the planning process.
  • Encryption: It is important to encrypt all data and file transmissions between and across today's large, multi-site, diverse platform networks. This requires a new class of nimble, yet powerful technologies to accommodate the broad range of system platforms, as well as new and rapidly evolving applications.
  • End-to-end communications security: This includes securing and encrypting all files and data transmissions from the source to the destination, not just within the perimeter or from firewall to firewall. This approach, called "end-to-end communications security," secures all data from application server-to-user, or any combination of two secure endpoints exchanging information throughout the enterprise's internal network, and through encrypted transit through the Internet between systems at different physical sites.
  • Robust authentication: Even encrypting all network data does little to ensure security if an employee with authorized access can disrupt or tamper with it. Therefore, new and better types of authentication technologies, coupling passwords with active certificate-based or physical tools and devices, are required to close this potentially dangerous loophole. In addition, service providers, banks, retailers, and other organizations interfacing with consumers should implement authentication solutions that provide a flexible, dimensional architecture to manage security behind the scenes, while offering employees and customers user-friendly features that automatically comply with needed security measures.
  • Session/file transfer monitoring: In today's IT environments, the possibility of accidental security breaches, or worse, malicious activity by internal sources, is a very real threat to corporate data integrity. And, increasingly, it's the IT security managers, system administrators and other individuals with unfettered access and limited oversight that are the biggest threat. As such, IT security safeguards are a must. For example, real-time session and file transfer monitoring technologies, such as SSH Tectia Guardian, provide an easy-to-deploy, layered approach to establishing, maintaining and monitoring the security of sensitive corporate data in transit, while keeping system administrators and IT security managers in check.
  • Security management capabilities: With the increased frequency and sophistication of security attacks - both internally and externally - it can be extremely tedious and time consuming for IT managers to manage their enterprise security solutions. An easy-to-use, automated security management platform is needed to enable IT managers to efficiently deploy security products and upgrades, enforce security policy, and monitor technical issues from a central location. Also, an automated management solution can lower overhead costs, while simultaneously reducing human errors.
  • Regulatory compliance: IT security managers must also make sure that their systems are in compliance with the relevant government regulations and industry standards. Designed to help enterprises protect against security threats, measures like the Payment Card Industry (PCI) Data Security Standard (DSS), the Gramm-Leach-Bliley Act (GLBA), Sarbanes-Oxley (SOX), and Federal Information Security Management Act (FISMA) add a valuable framework for protection and oversight to the IT security process.

Tools of the Trade

When dealing with sensitive company data, you can never be too safe. All devices that store or transmit sensitive data must adhere to the highest data security standards.

Equally important is providing safeguards against data theft or manipulation - either accidentally or intentionally - by company employees, contractors or anyone else with security clearance and privileged access. This is particularly critical in today's difficult economic times, where drastic budget cuts and widespread layoffs provide a fertile ground for a new crop of disgruntled employees.

Almost 15 years ago, data security pioneer Tatu Ylönen understood the importance of securing critical corporate data to prevent damaging security breaches. After developing the original Secure Shell protocol - now used by millions of individuals and businesses worldwide - he founded SSH Communications Security to continue developing robust, flexible security solutions to protect organizations' sensitive data while keeping up with the ever-changing demands of the IT security industry.

The SSH Tectia solution is one such security solution to address today's enterprise IT security needs. It enables enterprises and government agencies to effectively secure all data across the enterprise from end to end, enables secure remote access, secure file transfers and secure data-in-transit, and allows centralized deployment, maintenance, monitoring, and auditing capabilities. And the new SSH Tectia Guardian solution can be used to deliver a layer of unparalleled visibility and auditing capabilities to easily monitor all activities of internal or external file transfers and remote access. Given the size and complexity of today's enterprise IT networks, SSH Tectia supports all popular enterprise computing systems, including Unix, Linux, Windows, and IBM mainframe, allowing IT managers to deploy and administer robust security throughout the enterprise. SSH Tectia also helps companies to meet key regulatory compliance requirements, including PCI DSS, GLBA and SOX, to protect critical consumer and corporate information.

Security at the Forefront


Data security has come a long way over the years as a result of technological advances, increasing threats and changing corporate IT environments. However, if history teaches us anything, it's that certain aspects of human nature - both good and bad - are unlikely to change. The "bad guys" will continue to do their best to find new ways to wreak havoc on corporate computing systems from every possible vantage point. The good news is that technologies continue to adapt to the changing enterprise security landscape. By incorporating a layered IT security approach, organizations can effectively protect their IT environments against both internal and external attacks.