CYBER SECURITY: NAVIGATING THE THREAT LANDSCAPE

Transcription

1 CYBER SECURITY: NAVIGATING THE THREAT LANDSCAPE WHITE PAPER

2 2 Table of ontents EXECUTIVE SUMMARY: CYBER SECURITY MANAGING YOUR ATTACK SURFACE DATA VULNERABILITY 1 THE ENDPOINT IMPERATIVE HOW TO REDUCE DATA VULNERABILITY WITH AN ENDPOINT SOLUTION 1 NO USER INVOLVEMENT 2 CENTRAL CONTROL OVER DATA BACKUPS 3 CENTRALIZED & GRANULAR DATA ACCESS CONTROL 4 DATA ENCRYPTION 5 THE ABILITY TO TRACK DATA CHANGES 6 SAFE & SIMPLE DATA RECOVERY SUMMARY 1 CONCLUSION: CIBECS OFFERS COMPLETE CONTROL OVER ENDPOINT DATA, REDUCING CYBER THREAT VULNERABILITY

3 3 01 EXECUTIVE SUMMARY The cyber threat landscape has matured significantly over the past 10 years, due in part to the proliferation of new technologies and an increasing reliance on the Internet for personal and business needs. Not only are Governments looking for ways to improve the security of their critical infrastructure systems, enterprises have become increasingly aware of the obvious real threat of data security breaches. The recently released MessageLabs Intelligence 2010 Annual Security 1 report highlights the fact that the 2010 cyber security landscape was shaped by the technological advances made in more sophisticated forms of malware as the cyber criminals continued to find new and innovative ways to attack computers and businesses. Risk management and improved security ecosystems are high priorities for IT. The 2010 CDW Security Straw Poll 2 has illustrated not only the increasing focus on data security in enterprises, but how business data loss is seen as the number one cyber security challenge. The majority of organizations } have dedicated IT security support in place, but nearly all see room for improvement in their business IT defenses, resulting in an increased requirement for a data protection solution that addresses cyber security while providing tangible enterprise benefits. The increasing mobility of workers and the resulting business data spread has required faster security innovation and an IT mindset changelooking at enterprise data architecture from the outside inwards, instead of the inside outwards. Protecting endpoint data and recognizing solutions built from the ground up to secure user data on laptops & desktops has become a paramount enterprise imperative, with Gartner noting that endpoint user data security is one of the major problems faced by IT today Gartner: ID #: G )

4 4 02 MANAGING YOUR ATTACK SURFACE Increasing amounts of business data mean there s more data than ever to scan for threats. Data is being generated at a compound rate of 60% per year. hat means there s 60% more data out every year than there was the year before. 4 Intel s researcher, Ben Calloni, elaborates on this issue by discussing what he calls your business attack surface. Security is expensive, so the need to reduce an organization s attack surface is critical when establishing a security policy. In order to build a security policy that will protect your organization, Calloni argued that you must be able to look at what area or parts of your system/network are available for an assailant to compromise. FIVE KEY AREAS THAT MUST BE LOOKED AT INCLUDE: 1 VULNERABILITY - to have it, an attacker must be able to access it 2 THREATS - any potential hazard of harm to the data, systems or environment by leveraging a vulnerability; Individual taking advantage of a vulnerability 3 RISK - the probability of the threats using the vulnerabilities; higher risks come with more vulnerabilities and increased threats Security decreases as attack surface increases, so the exponential growth of business data in an organization makes protecting data more complicated than ever before. A larger mobile workforce and the growing prevalence of enterprises using laptops as their primary system makes control over endpoint user data one of the most challenging and vital cyber security considerations. Vulnerability is one of the most important and actionable aspects of cyber security. Reducing the vulnerability of your business data will in turn reduce the exposure and effectively manage risk. User data protection solutions developed from the ground up with endpoint device focus provide IT with a simple, reliable, and rapid response tool to secure, backup, and recover data residing on laptops, desktops and other devices in order to protect business critical data in the modern, mobile, world. 4 EXPOSURE - the damage done through a threat taking advantage of a vulnerability 5 COUNTERMEASURES - processes and standards that are used to combat and mitigate the vulnerability & risks

5 5 03 DATA VULNERABILITY Data loss from internal threats, negligence and/or accidents was rated the next big threat by 37 percent of respondents in the 2010 CDW Cyber Security Straw Poll, 6 revealing that human factors are considered a significant challenge and vulnerability by enterprise IT managers. Data loss is a significant and obvious precursor to vulnerability as if data is lost it can result in unauthorized access. The security threat of access and publication of confidential business data has been further highlighted by Wikileaks ability to draw media attention to company s innermost secrets. If your business data isn t properly protected, a plethora of confidential information can find its way onlineincluding s, legal documents, and records of major decisions such as fighting legislation and employee dismissals. The risk of access to confidential business data, whether through an attack on the network or resulting from an internal threat, should be managed effectively with secure business data protection. 01/ THE ENDPOINT IMPERATIVE Data that isn t effectively protected, is left vulnerable to attacks, data breaches and data loss. Loss of user data is a pervasive cyber security problem among global companies, according to a survey released by Ponemon Institute and Vontu, a San Francisco-based provider of data loss prevention products. 7 According to the survey, which queried nearly 500 information security professionals, Eighty-one percent of companies reported the loss of one or more laptops containing sensitive information during the past 12 months, LOST ENDPOINT DATA CAN RESULT IN: > Access to confidential information by unauthorized parties > Sensitive data being published online > Industrial espionage > Reputational damage > Loss of Productivity > Compliance consequences > Legal action Traditionally, IT data architecture has focused on a from-the-inside-outwards approach. However, with increased mobility in modern enterprises and the quickening advances of technology, it has become paramount for IT to begin with the endpoint in mind. The results of our 2010 Data Loss survey support this with nearly half (46%) of respondents relying on a data backup policy (instructing users to backup to a server or external device) for endpoint user data protection. However the failure of users to follow company policy was also highlighted as the main cause of data loss

6 6 03 Even more disturbing was that 68% of respondents were unsure if their company would be able to recover user data in the case of data loss. Without a user data backup solution that effectively protects the data on laptops & desktops, enterprises run the risk of significant data security breaches and user data loss. Endpoint data security focuses on solutions for user data residing on endpoint devices such as laptop and desktop computers, while central control over the software solution is retained. } 7 THINGS WE KNOW: 1 We all save data on our laptops and desktops 2 Most users never backup business critical data 3 Backup policies do not work because they rely on the individual to adhere to policy 4 Users forget, don t know what to do and think it takes too much time 5 There is no central control over what data is backed up, and how often 6 Storage infrastructures cannot handle a large number of users simultaneously backing up 7 IT then gets blamed when users lose their data Add to that: Remote servers, laptops and desktops all contain business critical information with remote logins from employees creating a greater geographic dispersion of data that further compounds the risk. More often than not, remote sites do not have dedicated IT staff and the backup process is flawed.

7 7 04 HOW TO REDUCE DATA VULNERABILITY WITH AN ENDPOINT SOLUTION 01/ NO USER INVOLVEMENT The reality is that users should not be involved in the security of business critical data. When organizations rely on a data backup policy where users are instructed to backup to a central server, they expose themselves to data loss risks. To form a solid data security infrastructure, enterprises need to first completely remove the user from the data backup process by implementing an endpoint data backup solution that is: Automated Centrally managed and configured Centrally deployed Transparent, with no user interruption, increasing user adoption Removing user involvement in data backups and putting IT in control is vital for effective data security and foundational protection against cyber security threats. 02/ CENTRAL CONTROL OVER DATA BACKUPS IT Managed backup not only ensures that user data is secure and available for recovery in the event of a laptop or desktop being compromised by a virus or other failure, it increases endpoint security and disaster recovery preparedness and decreases the risk of cyber threats. In order to enforce the company s data backup policy, IT needs to have a complete oversight over the endpoint data backup environment. Cibecs gives IT central control over endpoint business data by providing the ability to: Centrally deploy the User Agent software, automating installation and ensuring user adoption Centrally define policies over what data needs to be backed up, from which users, and when Pinpoint potential data loss risk areas and act quickly on it Manage backups centrally and report on protection ratings and areas of concern Prove compliance and the efficiency of Disaster Recovery Planning with intuitive reports Automate the backup process, further ensuring that user data is backed up and secure With Cibecs, IT has full control over data backup selection, quotas, schedule options and settings.

8 / CENTRALIZED & GRANULAR DATA ACCESS CONTROL Central control over user data backups is a paramount foundational consideration when addressing cyber security. However, once the data is backed up and secure, controlling access to this data is an equally important measure. More granular and refined data access and web security policies are a certain requirement for enterprise data protection. MessageLabs Intelligence 2010 Annual Cyber Security report shows an average of 30 custom policy rules per organization in 2010; with a rise to 50 this year. 9 Company policy should limit access to secure data based on business roles. Cibecs ensures central control over endpoint user data with controlled and customizable access to confidential data. With Cibecs, an encryption key is uniquely generated per user to ensure that access to data remains on a per user level. To access a user s data requires the uniquely generated encryption key for that user to be entered. This key is safe guarded in the Encryption Key Safe. The Encryption Key Safe safeguards each user s unique encryption key in the event of a user requiring access to their data. 04/ DATA ENCRYPTION } Research shows that attacks on thousands of business computers are becoming less frequent, with targeted attacks on a single company or, even one individual, becoming increasingly common. 10 These attacks require access to this individual or organization s data. To prevent such an attack and effectively protect user data from any unauthorized access, enterprises need to implement appropriate security measures. Controlled access is only a partial security measure and should form part of addressing security in information architecture as a whole, while reliable and secure data encryption are further critical measures required to secure user data. Local Disc Encryption: Products like Safeboot, PGP and open source options like TrueCrypt encrypt the data on an individual s notebook or desktop, in addition to the data being backed up and encrypted by an effective data backup and recovery software solution. Backup encryption: The backup and recovery solution you use should automatically encrypt your data. This is an especially important feature when it comes to compliance and data breach notifications. Anyone with IT access can access data stored on the server, which is why encryption of user data is vital in preserving data integrity. Cibecs provides the ability for authorized personnel to be granted Security Officer rights over encryption keys enabling them to retrieve keys when required. This ensures granular access to confidential information and central control over who can view confidential user data

9 9 04 Cibecs is a certified Cryptography Service Provider. With Cibecs, the backup data for each user is encrypted using Blowfish 448bit (CBC mode) before being transmitted to the server. All communication between the User Agent and Continuity Server is encrypted through a secure SSL connection. The backup and restore data is also in an encrypted state while being transmitted therefore providing increased data security. } Effective encryption aids in ensuring that confidential user information can t be accessed by unauthorized parties. 05/ THE ABILITY TO TRACK DATA CHANGES For many institutions, security threats and suspected breaches in data security where a document has been changed or edited are difficult to prove as they don t have access to previous versions of user data. A recent example of this is a financial institution suspected unauthorized access to their books where changes were made to spreadsheets. Unfortunately, as they couldn t restore previous versions of their data they could not legally prove their case. A backup solution that provides previous versions of files to be restored removes this risk, improves corporate governance compliance and provides an audit trail. Cibecs allows authorized access to previously backed up versions of user documents through file versioning, giving organizations the ability to restore older versions of files as well as track and monitor data changes. This is a huge security advantage for enterprises in instances such as - Corporate governance compliance - Proving legal disputes - Monitoring and validating a user data security breach With access to this information, enterprises have greater control over data, and security risks are substantially reduced as past versions of user files can be easily restored.

10 / SAFE & SIMPLE DATA RECOVERY Despite high-profile news coverage of botnet attacks, botnets showed as the top concern of only 14 percent of respondents in the 2010 CDW Security Straw Poll, 11 however if user data has been compromised or a user machine has been infected by a virus, data recovery is a of obvious importance. Products like Net Trace also allow for asset tracking and remote deletion of the information but then the data is lost forever. If your endpoint business data is backed up you can go ahead, destroy the data on the user s machine in the knowledge that the business data is accessible and can be restored. An endpoint solution that provides simplified, safe and reliable data recovery is paramount for enterprises, ensuring authorized data recovery, increased operational benefits and reduced required resources- ultimately lowering overhead costs. Cibecs ensures simple, fast and safe data recovery with: Fast, wizard-driven restores Unattended data restore File versioning, recover previous versions of data Ability to restore data to original location on new machine or Operating System Protecting data from unauthorized recovery Cibecs allows users to quickly and easily recover their own data by using the self-service recovery feature in the User Agent. As described, Cibecs prevents unauthorized recovery of the user s data by requiring the uniquely generated encryption key for that user to be entered. Only those with authorized access will know the user s Encryption Key. } 11

11 11 10 SUMMARY Cyber security is a paramount consideration for enterprises. Technology risks should form an integral part of a company s overall risk management strategy, says Richard Dewing, CEO of automated data backup and recovery solutions company, Cibecs. Legislation, like Sarbanes- Oxley, makes it imperative for companies to carefully manage the kind of information they have, how it is used, how it is stored and how it is secured. An effective endpoint solution should ensure the following, improving protection against cyber threats: 1. No user involvement in data protection 2. Centralized endpoint data control 3. Granular access control over business data 4. Secure data encryption 5. Tracking and proof of data changes 6. Safe, fast data recovery As Intel s Calloni states, security needs to be built-in, not bolt-on, enterprises need a strategy that covers data management and protection holistically, ensuring complete and centralized data control. To avoid future data loss/data breach incidents, IT needs to use a solution that offers functionality specific to endpoint devices, paying especially close attention to features that offer IT infrastructure and CPU optimization, central management, data reduction and encryption capabilities, as well as those that remove user involvement in the backup process altogether. Conclusion: Cibecs offers complete control over endpoint data, reducing cyber threat vulnerability Cibecs is an automated data backup and recovery solution, specifically developed for endpoint devices, that offers tangible operational benefits over and above the insurance benefit of quick and easy data recovery. Counting the National Prosecuting Authority, Gijima, Unisys, Ingram Micro, Business Connexion, and several major financial institutions amongst its loyal clients. Visit to download our 30 Day Free Trial now Visit for more information or contact Cibecs at (617) (USA) or (+27) (RSA)