SecurityProNews Directory: A Directory For All Things Security

Information Integrity: Keeping Your Business Up, Running, and Growing

Information is the fuel of your business. Everything about your company – product development, sales, customer relationship management, marketing, competitive analysis, investor relations, policy compliance, finances, human resources – exists in and is managed through your information system. In a very real sense, your information is your company.

At the same time, it’s fair to say that how you protect, manage, and put information to work is the key to your business success. That’s why Symantec has developed a new approach to IT management that is designed to simultaneously provide for the security and the availability of network resources. The resulting benefit is called information integrity.

You can’t make your information 100 percent available and 100 percent secure. Instead, you need to develop a business-driven position on acceptable risk. You define and maintain an appropriate balance. Symantec believes a balanced approach to information availability and security is one in which information is kept safe, yet is accessible wherever, whenever, and to whomever the business needs dictate. That’s when information has integrity.

A look at the current threat landscape, followed by an overview of the “pressure points” felt by most CIOs and IT departments, will help explain why information integrity is going to be vital to today’s enterprises.

Threats are on the rise

Symantec’s Internet Security Threat Report provides a six-month update of Internet threat activity. It includes analysis of network-based attacks, a review of known vulnerabilities, and highlights of malicious code. The most recent edition of the Threat Report, covering the first six months of 2004, offers a definitive guide to current trends and impending threats. Among the findings:

· The time to patch systems is short. The time between the announcement of vulnerability and the release of associated exploit code is now extremely short. Symantec data indicates that, over the past six months, the average vulnerability-to-exploit window was just 5.8 days. (The Witty worm in March was discovered only two days after the vulnerability it exploited was made public.) Once an exploit has been released, the vulnerability is often widely scanned for and quickly exploited. This short window leaves organizations with less than a week to patch vulnerable systems.

· Bot networks are on the rise. Bots (short for “robots”) are programs that are covertly installed on a targeted system. They allow an unauthorized user to remotely control the compromised computer for a wide variety of malicious purposes. Attackers often coordinate large groups of bot-controlled systems known as bot networks. These networks can be used to perform distributed attacks, including DoS attacks, against organizations’ systems. Over the first six months of 2004, the number of monitored bots rose from less than 2,000 computers to more than 30,000.

· Severe, easy-to-exploit vulnerabilities are increasing. Symantec documented more than 1,237 new vulnerabilities in the latest reporting period, an average of 48 new vulnerabilities per week. Seventy percent of these vulnerabilities were considered easy to exploit, and 96% were considered moderately or highly severe. All in all, organizations must contend with an average of more than seven new vulnerabilities per day.

· Phishing is on the rise. Symantec has identified phishing as one of the top threats to watch for in the coming months. Phishing uses email, pop-ups, and fraudulent Web sites to dupe recipients into disclosing personal financial data such as bank account numbers, PINs, and passwords. Over the past year alone, it is estimated that phishing cost U.S. banks and credit card issuers nearly $1.2 billion in damages. It is further estimated that over 1.78 million people have fallen victim to online fraud as a result of phishing.

· Don’t forget spam. It is estimated that unsolicited email will cost U.S. companies alone more than $10 billion in lost productivity and resources this year.

Such, then, is the cyber environment in which your enterprise must contend. And let’s not underestimate this disturbing development: security researchers have uncovered a sharp increase in organized virus- and worm-writing activity that is powering an underground economy specializing in identity theft and spam. In just a few short years we’ve gone from occasional Web site defacements courtesy of “script kiddies” to sophisticated, purposeful, well-funded online fraud (such as phishing).

Proliferating pressure points

Of course, it’s not just cyber threats that try the patience of CIOs. As every IT professional knows, today’s competitive business landscape has some unique pressure points of its own:

· Regulations. Enterprises are increasingly under regulatory pressure — the governance requirements of Sarbanes-Oxley, the privacy requirements of HIPAA, the homeland defense measures of The USA Patriot Act, the European Data Protection Act, the Basel II Accord, the new e-commerce laws passed in over 40 countries around the world, not to mention FISMA, GLBA, and NERC. This regulatory climate requires CIOs to implement policy, process management, monitoring, audit, documentation, and reporting solutions that can ensure accountability, transparency, and compliance. Failure to comply can result in lost business and customer confidence, in addition to financial and legal liability.

· Doing more with less. CIOs and IT departments continue to be asked to do more with less, and to act more quickly and with greater impact on business success. CIOs are not only being asked to keep the business up and running, but to implement and maintain new capabilities that will enable the enterprise to pursue new opportunities, attack new markets, maintain competitive advantage, and more deeply embed customer relationships.

· Downtime. Today, the IT department’s challenge is clearer than ever: support the business goals of the enterprise by ensuring the safety and accessibility of its information assets. Anything that disrupts this safety and accessibility creates downtime, and downtime costs companies money. And when disruptions do occur, IT departments need to get the enterprise restarted and restored to the “moment before” state as rapidly as possible, without risk of repeating the same failure.

Needed: a resilient infrastructure

Given the current threat environment and pressure points, how does information integrity allow an organization to maximize security and availability? The short answer is that it does so by providing enterprises with a resilient infrastructure. Specifically, information integrity combines advanced administration tools – patch management, provisioning, installation design, license and asset monitoring, backup, recovery, and reporting – with expertise in intrusion detection, firewall, virus protection, content filtering, compliance assessment, vulnerability assessment, and VPN. The result is that an enterprise is better able to understand, act, and control.

· Understand means knowing what you need to know about your information environment, both inside and outside your organization. It means being aware of electronic threats emerging anywhere in the world before they reach your organization. It’s about identifying possible regulatory compliance issues, assessing the effectiveness of security and administration tools, and constantly monitoring the status of hardware, software, information, and other network assets anywhere in your enterprise.

· Act is about responding successfully to both vulnerabilities and attacks, as well as to new business opportunities. It’s about securing devices, applications, and networks against threats before they happen. It’s taking steps to be sure information is up-to-date, compliant, and restorable.

· Control is about managing information resources to prevent disruptions and minimize downtime. That means provisioning new applications, managing software patches, and taking other steps to keep your enterprise up, running, and growing.

Conclusion

Achieving information integrity is about dealing with the very real business challenges that enterprises face every day. Information integrity recognizes that IT operations and security must be synchronized, that information availability and information security need to be addressed together.

Technology specialist IDC has characterized today’s IT environment as “a large, distributed, and complex infrastructure of servers, desktops, and laptops [that are] constantly changing to stay current with the needs of fiercely competitive businesses.” Never before has the challenge to be competitive placed so much pressure on the IT department. In that light, information integrity is the best way to keep your business, up, running, and growing – no matter what happens.

Rowan Trollope
About Rowan Trollope
Rowan Trollope is vice president of Security Management Products at Symantec, where he leverages more than 13 years of experience to oversee the engineering, business strategy, product development and industry relations for the company's worldwide security management products. Trollope is also responsible for Symantec's core technology group, which provides the security management platform for the company's comprehensive product line. Previously, Trollope served as vice president of research and development for Symantec consumer products, leading the Norton brand to market leadership in Internet security.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>