However, massive investments in perimeter defences – including firewalls, access control, intrusion detection and virus detection – is creating a false sense of security for the majority of UK businesses.
While the perimeter may now be effectively patrolled, what about the internal threat? Every time the IT operations team extends user access across different systems, or makes unauthorised changes in response to a system configuration crisis, the end result is a potential increase in security loopholes and an unacceptable level of risk to the business.
Security teams usually carry the can for such failures, but for the most part they are ‘working blind’. They have no control over operational activity and, typically, no visibility of the changes made. The first time any holes in the security policy are revealed is the occurrence of a major business problem.
Any failure to police IT operational change fundamentally compromises the extensive investment in security technology, and creates a significant business risk. It’s time for organisations to take a more proactive approach towards monitoring the changes in system infrastructure. They need to stop focusing so much attention on the perimeter because it’s already secure. Instead, they should patrol those internal processes and system changes which are currently leaving the business vulnerable to a security risk.
Paul Gostick, Marketing Manager (EMEA), Tripwire