EXECUTIVE SUMMARY: CYBER SECURITY
MANAGING YOUR ‘ATTACK SURFACE’
DATA VULNERABILITY
1 THE ENDPOINT IMPERATIVE
HOW TO REDUCE DATA VULNERABILITY WITH AN
ENDPOINT SOLUTION
1 NO USER INVOLVEMENT
2 CENTRAL CONTROL OVER DATA BACKUPS
3 CENTRALIZED & GRANULAR DATA ACCESS CONTROL 4 DATA ENCRYPTION
5 THE ABILITY TO TRACK DATA CHANGES 6 SAFE & SIMPLE DATA RECOVERY
SUMMARY
01
EXECUTIVE SUMMARY
The cyber threat landscape has matured significantly over the past
10 years, due in part to the proliferation of new technologies and an
increasing reliance on the Internet for personal and business needs.
Not only are Governments looking for ways to improve the security of their critical infrastructure systems, enterprises have become increasingly aware of the obvious real threat of data security breaches.
The recently released MessageLabs Intelligence 2010 Annual Security1 report highlights the fact that the
2010 cyber security landscape was “shaped by the technological advances made in more sophisticated forms of malware as the cyber criminals continued to find new and innovative ways to attack computers and businesses”.
Risk management and improved security ecosystems are high priorities for IT. The 2010 CDW Security Straw Poll2 has illustrated not only the increasing
focus on data security in enterprises, but how business data loss is seen as the number one cyber security challenge. The majority of organizations
}
have dedicated IT security support in place,but nearly all see room for improvement in their business’ IT defenses, resulting in an increased requirement for a data protection solution that addresses cyber security while providing tangible enterprise benefits.
The increasing mobility of workers and the
resulting ‘business data spread’ has required faster security innovation and an IT mindset change- looking at enterprise data architecture from the outside inwards, instead of the inside outwards. Protecting endpoint data and recognizing solutions built ‘from the ground up’ to secure user data on laptops & desktops has become a paramount enterprise imperative, with Gartner noting that endpoint user data security is one of the major problems faced by IT today.3
1 http://www.symantec.com/about/news/release/article.jsp?prid=20101207_01
2 http://newsroom.cdw.com/features/feature-06-01-10.html
MANAGING YOUR
‘ATTACK SURFACE’
Increasing amounts of business data mean there’s more data than ever to scan for
threats. Data is being generated at a compound rate of 60% per year. hat means
there’s 60% more data out every year than there was the year before.
402
Security decreases as attack surface increases, so the exponential growth of business data in an organization makes protecting data more complicated than ever before. A larger mobile workforce and the growing prevalence of enterprises using laptops as their primary system makes control over endpoint user data one of the most challenging and vital cyber security considerations.
Vulnerability is one of the most important and actionable aspects of cyber security. Reducing the vulnerability of your business data will in turn reduce the exposure and effectively manage risk.
User data protection solutions developed ‘from the ground up’ with endpoint device focus provide IT with a simple, reliable, and rapid response tool to secure, backup, and recover data residing on laptops, desktops and other devices in order to protect business critical data in the modern, mobile, world.
4 http://outsourceportfolio.com/cyber-security-top-mind-enterprise-architects-open-group-conference/
5 http://outsourceportfolio.com/cyber-security-top-mind-enterprise-architects-open-group-conference/
Intel’s researcher, Ben Calloni, elaborates on this issue by discussing what he calls your business ‘attack surface’. Security is expensive, so the need to reduce an organization’s ‘attack surface’ is critical when establishing a security policy. In order to build a security policy that will protect your organization, Calloni argued that you must be able to look at what area or parts of your system/network are available for an assailant to compromise.
FIVE KEY AREAS THAT MUST BE LOOKED AT INCLUDE:
1 VULNERABILITY - to have it, an attacker must be
able to access it
2 THREATS - any potential hazard of harm to the data,
systems or environment by leveraging a vulnerability; Individual taking advantage of a vulnerability
3 RISK - the probability of the threats using
the vulnerabilities; higher risks come with more vulnerabilities and increased threats
4 EXPOSURE - the damage done through a threat
taking advantage of a vulnerability
5 COUNTERMEASURES - processes and standards
03
DATA VULNERABILITY
Data loss from internal threats, negligence and/or accidents was rated the “next big
threat” by 37 percent of respondents in the 2010 CDW Cyber Security Straw Poll,
6revealing that human factors are considered a significant challenge and vulnerability
by enterprise IT managers.
Data loss is a significant and obvious precursor to vulnerability as if data is lost it can result in unauthorized access.
The security threat of access and publication of confidential business data has been further highlighted by Wikileaks’ ability to draw media attention to company’s innermost secrets. If your business data isn’t properly protected, a plethora of confidential information can find its way online- including e-mails, legal documents, and records of major decisions such as fighting legislation and employee dismissals.
The risk of access to confidential business data, whether through an attack on the network or resulting from an internal threat, should be managed effectively with secure business data protection.
01/
THE ENDPOINT IMPERATIVE
Data that isn’t effectively protected, is left vulnerable to attacks, data breaches and data loss.
Loss of user data is a pervasive cyber security problem among global companies, according to a survey released by Ponemon Institute and Vontu, a San Francisco-based provider of data loss prevention products.7
According to the survey, which queried nearly 500 information security professionals, Eighty-one percent of companies reported the loss of one or more laptops containing sensitive information during the past 12 months,
LOST ENDPOINT DATA CAN RESULT IN:
> Access to confidential information by
unauthorized parties
> Sensitive data being published online > Industrial espionage
> Reputational damage > Loss of Productivity > Compliance consequences > Legal action
Traditionally, IT data architecture has focused on a ‘from-the-inside-outwards’ approach. However, with increased mobility in modern enterprises and the quickening advances of technology, it has become paramount for IT to begin with the endpoint in mind. The results of our 2010 Data Loss survey support this with nearly half (46%) of respondents relying on a data backup policy (instructing users to backup to a server or external device) for endpoint user data protection.
However the failure of users to follow company policy was also highlighted as the main cause of data loss.8
6 http://newsroom.cdw.com/features/feature-06-01-10.html
7 http://complianceandprivacy.com/News-Ponemon-data-breach-confidence-study.html
03
}
Even more disturbing was that 68% of respondentswere unsure if their company would be able to recover user data in the case of data loss.
Without a user data backup solution that effectively protects the data on laptops & desktops, enterprises run the risk of significant data security breaches and user data loss.
Endpoint data security focuses on solutions for user data residing on endpoint devices such as laptop and
desktop computers, while central control over the software solution is retained.
7 THINGS WE KNOW:
1 We all save data on our laptops and desktops 2 Most users never backup business critical data 3 Backup policies do not work because they rely
on the individual to adhere to policy
4 Users forget, don’t know what to do and think it
takes too much time
5 There is no central control over what data is backed up, and how often
6 Storage infrastructures cannot handle a large number of users simultaneously backing up
7 IT then gets blamed when users lose their data Add to that: Remote servers, laptops and desktops
04
01/
NO USER INVOLVEMENT
The reality is that users should not be involved in the security of business critical data. When organizations rely on a data backup policy where users are instructed to backup to a central server, they expose themselves to data loss risks.
To form a solid data security infrastructure, enterprises need to first completely remove the user from the data backup process by implementing an endpoint data backup solution that is:
Automated
Centrally managed and configured Centrally deployed
Transparent, with no user interruption, increasing user adoption
Removing user involvement in data backups and putting IT in control is vital for effective data security and foundational protection against cyber security threats.
HOW TO REDUCE DATA VULNERABILITY
WITH AN ENDPOINT SOLUTION
02/
CENTRAL CONTROL OVER
DATA BACKUPS
IT Managed backup not only ensures that user data is secure and available for recovery in the event of a laptop or desktop being compromised by a virus or other failure, it increases endpoint security and disaster recovery preparedness and decreases the risk of cyber threats. In order to enforce the company’s data backup policy, IT needs to have a complete oversight over the endpoint data backup environment.
Cibecs gives IT central control over endpoint business data by providing the ability to:
Centrally deploy the User Agent software,
automating installation and ensuring user adoption Centrally define policies over what data needs to be backed up, from which users, and when
Pinpoint potential data loss risk areas and act quickly on it
Manage backups centrally and report on protection ratings and areas of concern
Prove compliance and the efficiency of Disaster Recovery Planning with intuitive reports
Automate the backup process, further ensuring that user data is backed up and secure
}
04
03/
CENTRALIZED & GRANULAR
DATA ACCESS CONTROL
Central control over user data backups is a paramount foundational consideration when addressing cyber security. However, once the data is backed up and secure, controlling access to this data is an equally important measure.
More granular and refined data access and web security policies are a certain requirement for enterprise data protection. MessageLabs Intelligence 2010 Annual Cyber Security report shows an average of 30 custom policy rules per organization in 2010; with a rise to 50 this year.9
Company policy should limit access to secure data based on business roles.
Cibecs ensures central control over endpoint user data with controlled and customizable access to confidential data. With Cibecs, an encryption key is uniquely generated per user to ensure that access to data remains on a ‘per user’ level. To access a user’s data requires the uniquely generated encryption key for that user to be entered. This key is safe guarded in the Encryption Key Safe. The Encryption Key Safe safeguards each user’s unique encryption key in the event of a user requiring access to their data.
Cibecs provides the ability for authorized personnel to be granted ‘Security Officer’ rights over encryption keys enabling them to retrieve keys when required.
This ensures granular access to confidential information and central control over who can view confidential user data.
9 http://www.symantec.com/about/news/release/article.jsp?prid=20101207_01
10 http://outsourceportfolio.com/cyber-security-top-mind-enterprise-architects-open-group-conference/
04/
DATA ENCRYPTION
Research shows that attacks on thousands of business computers are becoming less frequent, with targeted attacks on a single company or, even one individual, becoming increasingly common.10 These attacks
require access to this individual or organization’s data. To prevent such an attack and effectively protect user data from any unauthorized access, enterprises need to implement appropriate security measures. Controlled access is only a partial security measure and should form part of addressing security in information architecture as a whole, while reliable and secure data encryption are further critical measures required to secure user data.
Local Disc Encryption: Products like Safeboot, PGP
and open source options like TrueCrypt encrypt the data on an individual’s notebook or desktop, in addition to the data being backed up and encrypted by an effective data backup and recovery software solution.
Backup encryption: The backup and recovery solution
04
}
05/
THE ABILITY TO TRACK DATA
CHANGES
For many institutions, security threats and suspected breaches in data security where a document has been changed or edited are difficult to prove as they don’t have access to previous versions of user data. A recent example of this is a financial institution suspected unauthorized access to their books where changes were made to spreadsheets. Unfortunately, as they couldn’t restore previous versions of their data they could not legally prove their case.
A backup solution that provides previous versions of files to be restored removes this risk, improves corporate governance compliance and provides an audit trail.
Cibecs is a certified Cryptography Service Provider. With Cibecs, the backup data for each user is encrypted using Blowfish 448bit (CBC mode) before being transmitted to the server.
All communication between the User Agent and Continuity Server is encrypted through a secure SSL connection. The backup and restore data is also in an encrypted state while being transmitted therefore providing increased data security.
Effective encryption aids in ensuring that
confidential user information can’t be accessed by unauthorized parties.
Cibecs allows authorized access to previously backed up versions of user documents through file versioning, giving organizations the ability to restore older versions of files as well as track and monitor data changes. This is a huge security advantage for enterprises in instances such as
- Corporate governance compliance - Proving legal disputes
- Monitoring and validating a user data security breach
04
06/
SAFE & SIMPLE DATA
RECOVERY
Despite high-profile news coverage of botnet attacks, botnets showed as the top concern of only 14 percent of respondents in the 2010 CDW Security Straw Poll,11
however if user data has been compromised or a user machine has been infected by a virus, data recovery is a of obvious importance.
Products like Net Trace also allow for asset tracking and remote deletion of the information – but then the data is lost forever. If your endpoint business data is backed up you can go ahead, destroy the data on the user’s machine in the knowledge that the business data is accessible and can be restored.
An endpoint solution that provides simplified, safe and reliable data recovery is paramount for enterprises, ensuring authorized data recovery, increased operational benefits and reduced required resources- ultimately lowering overhead costs.
11 http://newsroom.cdw.com/features/feature-06-01-10.html
}
Cibecs ensures simple, fast and safe datarecovery with:
Fast, wizard-driven restores Unattended data restore
File versioning, recover previous versions of data
Ability to restore data to original location on new machine or Operating System
Protecting data from unauthorized recovery
Cibecs allows users to quickly and easily recover their own data by using the self-service recovery feature in the User Agent. As described, Cibecs prevents unauthorized recovery of the user’s data by requiring the uniquely generated encryption key for that user to be entered. Only those with authorized access will know the user’s
SUMMARY
Cyber security is a paramount consideration for enterprises.
Visit www.cibecs.com for more information or contact Cibecs
at (617) 674-2437 (USA) or (+27) 11 791 0073 (RSA)
10
“Technology risks should form an integral part of a company’s overall risk management strategy,” says Richard Dewing, CEO of automated data backup and recovery solutions company, Cibecs. “Legislation, like Sarbanes- Oxley, makes it imperative for companies to carefully manage the kind of information they have, how it is used, how it is stored and how it is secured.” An effective endpoint solution should ensure the following, improving protection against cyber threats: 1. No user involvement in data protection
2. Centralized endpoint data control
3. Granular access control over business data 4. Secure data encryption
5. Tracking and proof of data changes 6. Safe, fast data recovery
As Intel’s Calloni states, “security needs to be built-in, not bolt-on,” enterprises need a strategy that covers data management and protection holistically, ensuring complete and centralized data control.
To avoid future data loss/data breach incidents, IT needs to use a solution that offers functionality specific to endpoint devices, paying especially close attention to features that offer IT infrastructure and CPU optimization, central management, data reduction and encryption capabilities, as well as those that remove user involvement in the backup process altogether.
Conclusion: Cibecs offers complete control over endpoint data, reducing cyber threat vulnerability
Cibecs is an automated data backup and recovery solution, specifically developed for endpoint devices, that offers tangible operational benefits over and
above the “insurance” benefit of quick and easy data recovery.
Counting the National Prosecuting Authority, Gijima, Unisys, Ingram Micro, Business Connexion, and several major financial institutions amongst its loyal clients.