Sir – in recent years, the drive towards regulatory compliance has helped to raise security’s status such that it has become a Board-level issue (‘Peak practice’, SMT, June 2006, pp28-31).

Once-beleaguered security teams now have significant budgets to spend in a bid to mitigate the risk associated – primarily – with the constantly escalating threat originating from the Internet.

However, the massive investments made in perimeter defences – encompassing firewalls, access control, intrusion and virus detection – are doing little more than creating a false sense of security for the majority of UK businesses. Although the perimeter is now being effectively patrolled, what about the internal threat?

Every time the IT operations team extends user access across different systems, or makes unauthorised changes in response to a system configuration crisis, the end result is a potential increase in security loopholes and an unacceptable level of risk to the business.

Security teams usually carry the can for such failures, but they are working blind. They have no control over operational activity and, typically, no visibility of any changes that happen to have been made. The first time any holes in the security policy are revealed is during a major business problem, by which time it can often be way too late.

Failure to police IT operational change fundamentally compromises the extensive investment made in security technology, at the same time creating a significant business risk. It’s high time organisations adopted a more proactive approach towards monitoring the changes in systems infrastructure.

They need to stop focusing so much attention on the perimeter because it’s already secure. Instead, corporate enterprises ought to be policing those internal processes and systems changes that currently leave the business vulnerable to a security breach.
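The monitoring the letter calls for boils down to knowing what a system looked like when it was known-good and being told the moment that changes. The following is an added example, not code from the original letter or from Tripwire: a minimal baseline-and-compare change detector that records a SHA-256 digest of every file under a directory and later reports which files were added, removed or modified. The configuration tree, the file contents and the "unauthorised" edits in `demo()` are all constructed for the demonstration and are assumptions, not real system data.

```python
"""Minimal baseline-and-compare change detector for configuration files.

Added example, not Tripwire's code. It records a SHA-256 baseline of every
file under a directory and later reports files that were added, removed or
modified, which is the visibility the letter argues security teams lack.
The sample files and edits in demo() are constructed for the demonstration.
"""
import hashlib
import tempfile
from pathlib import Path


def hash_file(path: Path, chunk_size: int = 65536) -> str:
    """Return the hex SHA-256 of a file, read in chunks so large files are fine."""
    digest = hashlib.sha256()
    with path.open("rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_baseline(root: Path) -> dict:
    """Map each regular file (path relative to root, POSIX-style) to its digest."""
    snapshot = {}
    for path in sorted(root.rglob("*")):
        if path.is_file():
            snapshot[path.relative_to(root).as_posix()] = hash_file(path)
    return snapshot


def compare(baseline: dict, current: dict) -> dict:
    """Diff two snapshots; lists are sorted so reports are stable and testable."""
    old, new = set(baseline), set(current)
    return {
        "added": sorted(new - old),
        "removed": sorted(old - new),
        "modified": sorted(p for p in old & new if baseline[p] != current[p]),
    }


def demo() -> dict:
    """Build a constructed config tree, snapshot it, apply changes made without
    security's knowledge, and return the change report (assumed scenario)."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        etc = root / "etc"
        etc.mkdir()
        (etc / "sshd_config").write_text("PermitRootLogin no\n")
        (etc / "sudoers").write_text("root ALL=(ALL) ALL\n")
        (etc / "motd").write_text("Authorised users only\n")
        baseline = build_baseline(root)  # taken while the system is known-good

        # Constructed operational changes nobody told the security team about:
        (etc / "sshd_config").write_text("PermitRootLogin yes\n")  # weakened setting
        (etc / "cron.d").mkdir()
        (etc / "cron.d" / "nightly").write_text("0 2 * * * root /opt/sync.sh\n")
        (etc / "motd").unlink()

        return compare(baseline, build_baseline(root))


if __name__ == "__main__":
    print(demo())
```

In practice the baseline would be stored off the monitored host (otherwise whoever changes the files can change the baseline too) and the comparison run on a schedule, with every reported change reconciled against an approved change record; anything that has no record is exactly the kind of silent change the letter warns about.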

Paul Gostick, Marketing Manager (EMEA), Tripwire