 |
|
|
CU Resources Spotlight
Perimeter, Host and Endpoint Security – Finding the Right Mix
By Kevin Prince, Chief Security Officer, Perimeter eSecurity™.
In the past, security at the perimeter and network edge took precedence, but the balance has gradually shifted over the years. While it is still important to secure the perimeter because the old attacks featuring scripts, bot-nets, port scanning, etc. are continuing unabated, the inner edge and the core of the network are gaining more attention. Unfortunately, the inside and outside threat levels are blurring and credit unions must work hard to protect against all types of threats regardless of where they originate.
In many regards, there is a "perfect storm" brewing: hackers now have easy access to the tools, networks and specialized knowledge that they need to launch complex attacks. There is a whole new world of attack methodologies and techniques, and many of them involve lodging themselves inside the credit union’s network with remote control, root key, and/or keylogging software. This means that credit unions must do a better job of securing individual systems such as file and database servers that hold sensitive data, as well as individual workstations. It is critical for IT departments to always know who is accessing their systems and from what location.
Host based Intrusion Prevention Systems are gaining in popularity as a result of these new inside attacks. Many of our clients now are using a layered Intrusion Prevention strategy – one that combines Network Intrusion Prevention with a full-featured Host- based Intrusion Prevention implementation. We design these systems to work in concert to deliver a defense in depth solution.
Additionally, we can obtain a contextual view of the flow of data through the credit union’s network which allows us to enforce security controls and policies from a central location. It is always important to strictly enforce the credit union’s policies and we accomplish this with our Policy Compliance service. This service utilizes a comprehensive series of system security tests to measure various security aspects of the computers located in the credit union’s network and compares the results with Perimeter’s Recommended Security Policy.
With so many different layers of defense needed today such as e-mail, user, network, system, vulnerability and intrusion; it can be quite difficult for credit unions to decide where to start. Virtually all credit unions have at least two or three layers of defense in place, so the big question becomes what should I do next? At Perimeter eSecurity, we have helped thousands of credit unions answer that question and focus their efforts in the most risk-appropriate areas. With over fifty different security products, our goal is to tailor the right solution to each credit union’s specific needs. We call this ‘complete security on demand,’ and Perimeter makes this world-class security easily available and affordable for credit unions of all sizes.
More information
on the company and their services.
February, 2008
|
|
|
|
|
