When it Comes to Your Infrastructure, Security is More than Skin Deep

Anyone who’s a Game of Thrones fan knows that fortifying the castle walls is essentially useless if the structures and people inside are not equipped to proactively fend off attacks. Winterfell, after all, was taken by a handful of men who came quietly at night -- and so can your data if no one is armed, trained and prepared to protect it. I see quite often that in the rightful pursuit of compliance and external security, armoring internally against incoming threats is all too often overlooked.

Without internal and external safeguards working in conjunction, your vulnerability will spike and your performance will suffer as a by-product -- two things you can’t afford to have happen. Here’s a look at why security on the inside is just as vital as security on the perimeter.

Overlooking your internal security sets you up for exploitation

To put it in practical terms, let’s think about a healthcare organization. Most healthcare-focused businesses take care of implementing a base level of external security in order to meet HIPAA, HITRUST, or other regulatory compliance requirements, but many times they overlook internal security components. This can be devastating. In 2012, 46 percent of data breaches in healthcare organizations were the result of lost or stolen devices, and 42 percent were the result of employee mistakes or unintentional actions, according to the Ponemon Institute’s annual report on Patient Privacy & Data Security.

Neglecting parts of your internal infrastructure can swing the door wide open for an attacker to exploit PCs, kiosks, printers or other internal hardware by abusing allowed or open resources needed for day-to-day business. Malicious websites, emails and other media contribute to widespread data corruption. As recent data breaches have shown, internal assets are often the initial footholds from which attackers pivot through an organization and steal data. Rely on introspection, monitoring, alerting, and forensic data in order to prevent and respond to potential attacks.

Your staff leaves you open to human error

I’ve touched on this before, but it’s an important piece of the puzzle to keep top of mind. Without question, your staff is your most volatile internal security risk. Simply because your staff is made up of human beings, errors are bound to occur.

A poorly trained workforce, a disgruntled employee, and social engineering can all contribute to a compromise from within. Just last November, the South Carolina Department of Revenue’s website was hacked through a social engineering tactic in which a user of the system was duped into opening a malicious file. As a result, more than three million Social Security numbers, along with other sensitive pieces of information, were stolen. This is just one example of the damage that the vulnerable human element of security can perpetrate.

So what can you do to be proactive about this? Here are the musts:

• Detail a comprehensive policy that outlines a protocol around data confidentiality and electronic media usage, so that all members of your team clearly understand what is expected of them.

• Host recurring security training sessions, so safe habits are instilled in your staff and refreshed frequently.

• Stay mindful of the potential for employee collusion, and assign privilege and access based on the idea of least-privilege to help mitigate this possible threat.

• Remain vigilant as far as asset management is concerned. In other words, always know what you have, where you have it, who can access it and how it’s vulnerable.

While you’re nailing down your most optimized and all-inclusive security plan, don’t lose sight of these truths. Take the time to meticulously craft a program that works from the outside in, as well as from the inside out, and keeps your performance at its peak. Attackers will be quick to root out any holes that are left and exploit them, so your watchfulness in securing any conceivable crack before it can become a full-blown security fissure is what will save your business every time.

Chris Hinkley is a Senior Security Engineer at Armor where he maintains and configures network security devices, and develops policies and procedures to secure customer servers and websites. Hinkley has been with Armor (previously FireHost) since the company’s inception. In his various roles within the organization, he’s serviced hundreds of customer servers, including Windows and Linux, and overseen the security of hosting environments to meet PCI, HIPAA and other compliance guidelines.