What can we learn from the Snowden case?
By Daren Glenister, Field Chief Technology Officer, Intralinks
Monday, 08 June, 2015
The infamous Edward Snowden case is the most cited security breach in recent history. This is in part due to the highly confidential data he extracted from the National Security Agency (NSA), but also the extremely public nature of his revelations. So what can we learn from cases like Snowden and, more importantly, how can businesses protect against others just like him?
Historically, the organisation’s perimeter has been protected by the firewall. However, with mobile technology and the cloud dramatically changing business processes and practice, IT has been forced to open up the firewall to allow for remote or mobile users, enable collaboration with external business partners and make way for technologies in the cloud, such as CRM and payroll applications.
With the demand to open access to data, security vendors introduced Identity and Access Management tools to control who had access to data. The transition from the firewall to identity as the new perimeter led data access to be restricted based on the security clearance and role of specific employees.
Edward Snowden was a classic case of how this failed. While employed by the NSA, he had Top Secret clearance and had access to Top Secret data. His user identity was closely monitored, but this did not prevent him from stealing approximately 1.7 million highly classified documents. If identity as the perimeter did not protect the NSA, how reliable is it for anyone else?
If security parameters are too tight, productivity suffers, and if there are no perimeters, sensitive information can be leaked into the wrong hands.
So where should the perimeter be? In today’s environment, content is the new perimeter. Content as the perimeter means that instead of relying on firewalls or identity solutions to prevent unauthorised access to data, newer technologies - such as Information Rights Management (IRM) - can enable organisations to implement security controls in their data, wherever it resides. By placing the controls in the data itself, organisations have the ability to control who can open it by verifying their permissions and even unsharing data in the event an employee leaves the organisation. In the case of Edward Snowden, IRM would have enabled the NSA to immediately revoke Snowden’s access to all the data he stole. Continual advancements in IRM software mean it won’t be long before data can be controlled, geo-fenced and access analysed for usage, wherever it resides.
So where to from here? The IT industry is constantly evolving. Organisations need to demand advanced levels of security to ensure they remain productive and competitive. Being conscious that the perimeter is a constantly shifting thing, and partnering with technology companies that understand this and are constantly innovating, will ensure organisations are better prepared for change on the information security battlefront.
Chinese hacker group Thrip is involved in a targeted espionage operation against satellite,...
Some 28% of Australian organisations encountered cryptojacking attacks in Q1 and 21% encountered...
PageUp has provided an update on the potential data breach disclosed by the company at the start...