The challenge of computer and network security is not new. Companies and individuals have spent decades trying to prevent unauthorized access, and avoid compromise or infection. Both the threat landscape and the tools and technologies designed to guard against it have evolved significantly over time, but even today it remains an elusive game of “cat and mouse”.
The idea of a network perimeter—where the devices and data on the inside are inherently trusted and protected against any access from the outside—has been dead for a while. Laptops and mobile devices have empowered people to connect to the Internet from virtually anywhere and anytime, which all but negates the concept of inside and outside the network, or “us vs. them”.
Realistically, there is nothing you can do to make a network, computer, or mobile device absolutely impenetrable. Rather than even humoring that as a goal, organizations and individuals should implement security best practices to prevent most attacks and minimize the potential for compromise, but also operate from the assumption that the network or device will, in fact, be breached at some point.
The important thing is securing the data. It would be ideal to prevent unauthorized access to a network or device entirely, but—assuming an attacker does infiltrate—how much damage can they actually do if they are unable to access or extract any of the data?
Vera is focused specifically on securing and protecting data—no matter where that data resides or who it is shared with. Earlier this month, Vera expanded its line of defense to include email with the announcement of Vera for Mail—a tool designed to protect both the body and attachments of email communications, manage internal and external collaboration, prevent unauthorized sharing of data, and give IT admins the ability to revoke access to sensitive data at any time.
“Today employees have more communication options than ever before; instant messaging, social networks, group chat, and yes email – which still remains one of the most important business tools,” said Alan Lepofsky, vice president and principal analyst at Constellation Research. “One of the common business requirements across these services is security. With information being spread across so many channels it’s more important than ever that organizations feel confident that their confidential information remains secure. With millions of messages being sent per day, companies want solutions that IT can enforce, but don’t provide extra friction for employees to use.”
Again, in a perfect world we would be able to prevent an attacker from gaining access to a network or device in the first place. Based on the seemingly constant headlines of data breaches across companies large and small, or the high profile hack of the DNC email servers by Russian attackers to influence the election last year, though, that seems like an unattainable or impractical goal. A more realistic approach is to assume an attacker will gain access and instead implement tools that ensure no information of any value can be compromised.
By all means, continue to put forth your best effort to secure and protect your network and devices from compromise—use firewalls, antimalware, and the other standard security tools at your disposal. Just make sure you aren’t under some illusion that you’ll succeed in becoming impenetrable. Be realistic, and consider what you can do to protect what’s most important—the data—even if an attacker gains access.
Source: SANS ISC SecNewsFeed @ February 21, 2017 at 09:09PM