Protect your business against internal threats

Tips to help you avoid attacks similar to taking control of computer networks in San Francisco.

In July 2008, a disgruntled network administrator named Terry Childs took control of the computer network in San Francisco, preventing other network administrators from accessing the system.

Photo: www.cssecure.com

Details of how Childs used to carry out the case are still being investigated. However, it seems that Childs has changed the passwords of routers and switches a lot, then removed access for all employees of the San Francisco Ministry of Information and Communications, leaving him in total control. system.

Why does an individual have the privilege of administering the entire system? How can an extravagant act like changing a series of passwords be done without encountering any obstacles? And finally, the most important question: What do you draw from the attack and how do you protect your work from the danger that exists inside?

Security experts use the term 'threat' to refer to things that are likely to harm your system. One of the most dangerous threats is an internal vandal with a deep understanding of the system.

Fred Pinkett, Vice President of Core Security Technologies, a security company based in Boston and Buenos Aires, has given some advice to building a strategic security layer that helps to limit the ability of insiders to sabotage.

1. Division of roles and duties closely.

No one has access to everything. If you have a lot of administrators, separate your work, so don't let an individual or a group have full access to all computer networks. This will ensure that no single individual is able to knock down the entire system.

2. Consider carefully if managing sensitive data.

If you have a modest budget, can't afford to recruit employees for IT positions, take a step back and consider the importance of your job security. If you manage credit card information or other sensitive data, you should consider transferring the IT department to a company that has the financial ability to fully recruit the necessary position to operate. security system. If not, with such an open system, it's best not to manage sensitive data anymore.

3. Pay special attention to backup strategies.

The department responsible for backing up and storing data needs to be separate from network administrators and system administrators. Otherwise the backup copies will be very vulnerable in the attack.

4. Invest in a solid security system.

Building a multi-tiered defense system, using a firewall combined with maintaining suspicious moves is the key to a solid security system.

5. Install intrusion detection system (IDS).

In the San Francisco case, the IDS system can detect the process of changing passwords in bulk and give timely alarms. Remember that a rebellious attack can start from the inside, so if you focus all the firepower outside, you will experience heavy losses.

6. Encryption, encryption and encryption.

All sensitive data needs to be encrypted in any case. Imagine if your data were in packages, when the cargo truck was in distress, where would the packages fly, where would the customer credit card information fly? Therefore, it is best to encrypt the data.

7. Security is a regular and continuous process.

Once you have fully implemented the above strategies, remember that security is a regular and continuous process. Monitoring and checking the current situation needs to be done regularly. Try starting from the outside, entering your defenses and wondering: If a hacker invades this security layer, what will he do? The answer may surprise you.

The key is not in professional architecture: people and ways of handling are important factors. If you can master all three factors, you are able to resist attacks similar to those in San Francisco.