Prevention is better than cure, right? That’s what we’re told every time something goes wrong, something that we should have been able to prevent with a little foresight. The logic is sound but that doesn’t mean we shouldn’t have a plan B. After all, some events are nigh impossible to prevent; in which case, you really ought to have a cure or some other solution available. This is a point that Art Gilliland, who is senior vice president at Hewlett Packard (HP), makes in relation to data security. Gilliland, who is also HP’s general manager of enterprise security products, thinks that companies waste too much time and resources trying to devise hacker proof security systems, when they ought to focus on developing systems that will allow them to identify and evict hackers before too much damage is done.
According to Gilliland, Internet hackers who breach a data security system can poke around for an average of 416 days before the system even knows that they are there. That’s over a year of having a stranger put his dirty paws all over your sensitive information. Imagine the damage that can be done in all that time; the long-term damage.
To add insult to injury, it seems that in almost 100% of cases, companies that have been breached never find the interloper themselves – they have to be pointed out by third parties. That’s embarrassing at the best of times, but it’s ever so much worse when you’ve invested a small fortune in your data security controls.
How to Stop Hackers – Catch them early
We’ve imagined the damage that an intruder can do within a space of 416 days, but we haven’t imagined how comfortable he can make himself in this time. Essentially, he’s had more than a year to create a nest and set up his own security. He becomes practiced at evading your detection systems. The more time he has to make himself at home in your space, the more difficult it will be to evict him. It’s almost as complicated, and as daunting, as trying to evict squatters from physical premises.
What you need, then, are early detection systems, so that you can give hackers the boot before they have time to settle in.
Before you can create these systems, however, you need to really understand your system, especially its vulnerabilities. Those are the areas where you want to build the most solid defenses, sure; but they are also where you want to have your strongest backup systems.
You also have to realize that the vulnerabilities don’t necessarily have to be directly tied to your business. One of your employees could have a chatty brother on Facebook; one misguided comment and one status update later, and hackers could have found a backdoor you never knew existed. This just serves to illustrate that your data’s security depends on a lot more than firewalls and encryption.
If you can nip breaches like that in the bud, you’re on your way to understanding what is required when it comes to other levels of security.
If it looks like a duck, but doesn’t quack like a duck, is it a duck?
One of the reasons why intruders successfully infiltrate our systems and remain undetected is their ability to blend in perfectly. They may take over a staff member’s profile, using the stolen identity to get away with corporate murder. The trick is to look for and find the subtle signs that certain staff members are acting out of character. For example, alarms should go off if Grace, who usually only opens a certain set of files twice a week, opens it four times in as many days. Perhaps Grace has access to all the files at a certain security level, but she doesn’t have any need to open more than three of them.
If she suddenly starts opening files she’s never looked at before, it’s probably time to start asking questions. (Mind you, Grace shouldn’t have access to files she doesn’t need, in the first place.)
It’s all good and well having early detection systems in place that will help you identify security breaches; but even the best tools are useless in a fool’s hands. Early detection is just one part of the security foundation; you also need security teams who know how to use the systems, from monitoring them to carrying out emergency repairs until professionals can come in. You need staff who understand just how important your data is, and who are responsible not to let information slip in front of that chatty brother.
And, of course, you need good defenses. Security has to start somewhere, so it might as well start at the beginning.
Jemima Winslow writes for Data Detect, a data recovery specialist whose quality hard drive data recovery services in Perth have earned it a reputation for reliability right across Australia.