iEntry 10th Anniversary RSS Archive

IT Management Begins With Security
SecurityProNews > News > Security News > Insiders And The Risky Business Of Security
Search:
[ news_security_news ]

Insiders And The Risky Business Of Security



David Utter
Staff Writer
2007-10-18

SecurityProNews: Insider Reports Insider Reports RSS Feed


One person with an administrator password and access to critical systems can cause chaos within a business.

The time has arrived to crack down before something really sensitive gets compromised.

Back in September, a simulated remote attack on an electrical generator left the machine a smoldering wreck.

With enough access to such critical systems, one person could cause a lot of damage.

Multiply that potential by the national power grid, and you get the kind of responses CNet cited from Rep. Jim Langevin (D-R.I.), who wants much more stringent controls and security standards for the nation's infrastructure.

On the topic of infrastructure, Xceedium CEO Cheryl Traverse said in a chat with SecurityProNews the real threat comes from the high risk users who can touch many parts of an enterprise system.

Administrators, developers, and anyone whose access rights cross systems and structures poses a risk.

Traverse claimed 86 percent of internal attacks come from insiders or outside people brought in and given too much access.

It's a situation that her company believes it can address through technology.

In this case, infrastructure virtualization will serve to compartmentalize what people can see in the system, limiting them to where they are authorized to be.

Traverse said the control takes place at the socket layer, so if an insider tries to jump from an authorized place to an unauthorized one, that access will be stopped.

Various tracking tools show what people do in the system.

Traverse noted that reporting functions will show compliance with established policies is in effect, an important piece of the compliance puzzle for publicly traded firms in particular.

Corporate losses to insider actions should make Xceedium and competitors that will certainly follow a business decision to be considered.

If the technology can work on a practical level as advertised, its benefits should outweigh the costs of implementation and ongoing monitoring needed to benefit from it.


About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.

More news_security_news Articles

SecurityProNews: Insider Reports Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Contact Us | Advertise | Newsletter Archive | Sitemap | Submit an Article | News Feeds
SecurityProNews is an iEntry, Inc.® publication - $line) { echo $line ; } ?> All Rights Reserved | Privacy Policy and Legal		 Join the WebProWorld Forums: Click Here
Virus Warnings

Subscribe to
SecurityProNews FREE!


[ more newsletters ]

Featured On:
article resources
Search Articles:
[advanced search]

WebProWorld.com
Get in-touch with industry experts and leaders
Post your site for review by expert and peers
Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com

Titan Quest Forum
The #1 Titan Quest forum
Halo 3 Forum
The best Halo, Halo 2, Halo 3 forum
Nintendo Wii
Nintendo Wii news and views
Mac Software
The best in OS X freeware
Graphics Forum
Your source for graphic tutorials
SecurityProNews.com | Breaking eBusiness News Get Your IT Questions Answered - Click Here SecurityProNews News Feeds