Though vendors in the security space claim to have a solution for every
security need, CIOs often have limited budgets and no idea where to spend them.
Solution providers can recommend what investments a company should make and
ensure that they are well implemented thereafter.
Recently, India was subject to cyber attacks from a few Chinese miscreants
who hacked into the country's External Affairs Ministry (MEA) server. Though
the ministry officially denied that such an attack ever took place and
maintained that no important data was available on the server, the incident has
created a flutter around the world over security. This wasn't the first incident
of hackers trying to break into secure sites.
Earlier, the Chinese army was accused of hacking into a computer system in
the Pentagon, US. The previous year, in August, Sweden-based hacker Dan Egerstad
managed to hack 100 e-mail accounts of embassies and government offices across
the world, including 13 Indian establishments. The hacker posted a list of login
IDs, passwords and server addresses on his website www.derangedsecurity.com.
The list included e-mail accounts of Indian Ambassadors to China, US, Germany,
Italy, among others. The e-mail accounts of officials of the National Defense
Academy (NDA) and Defense Research and Development Organization (DRDO) were also
found. But Egerstad claimed that he was not a hacker. “I am not a hacker. I only
wanted to test security systems. I hope this leads them to take action,” said
Egerstad.
Today, the dimensions of the attacks are changing. They are not restricted
to the Pentagon, MEA, DRDO or NDA: every enterprise network is subject to the
risk of being hacked or exploited, which is driving the need for enterprise
security.
Threats
In any organization, security threats can be classified into two
categories: internal and external. The external threats are mostly web-based. The
key external threat that enterprises are facing today is from hackers, where the
intruder gets access to the network through the root and steals critical
information available on the server.
The other way to enter the server is through e-mail. “Research has shown
that a majority of e-mails sent over the Internet are unsolicited. Phishing has
been rampantly used and has created a new category of threat: identity theft.
Studies of affected enterprise networks have shown that malware such as worms and
viruses are introduced via e-mail. Phishing is one of the biggest threats for
the BFSI sector,” informed Bhaskar Bakthavatsalu, Country Manager, Check Point
Software Technologies, India and SAARC. Spam mail also tops the external threats
list today.
However, in today's scenario, internal threats are also increasingly gaining
mileage. As the network comprises many users, anyone can easily get access to
secure data and misuse it.
Changing dimensions
The dimension of the risk factor and threats is increasing with everything
trickling down to data loss. Earlier, vendors came up with anti-virus solutions
for viruses, which were the only threat. But today, we have spyware, worms and
Trojans, which are of more concern to customers, as they are the primary reasons
for data loss within an organization. “Any enterprise is affected by data loss,
whether it's a BPO or BFSI. Enterprise security is headed towards prevention of
data loss within the organization. More than deploying a firewall, now there is
a need for enterprises to go for total security solutions to prevent any loss in
business,” informed Ronny Ferro, Business Head, EssenVision Software, a
Mumbai-based security consulting company.
According to Kartik Shahani, Regional Director, McAfee, internal threats are
more troublesome than external threats. “An ex-employee can easily use his
password to steal data,” he informed. The primary reasons that vendors cite for
such issues are the lack of security policies and protocols while building the
enterprise security architecture.
Key challenges for a CIO
“The biggest challenge that CIOs face today is lack of awareness about the
security postures of the entire network they handle. Due to this, it becomes
difficult for them to manage the network including the mobile network, and to
judge the level of security at any given point in time,” informed Kartik.
He also felt that very often budgets are too limited and CIOs find it
difficult to decide where they need to really invest the money. “The most
critical thing for a business is a secured server. This is where people are
confused about their point of investment, as in whether they should invest in
noise critical factors or business critical factors. They have to find a balance
between expense and security. The CIOs have a problem with that balance,” he
averred.
The latest issue that decision makers are facing today is compliance and
regulations in the security arena. Currently in India, we don't have compliance
mandates like the Sarbanes-Oxley Act of 2002 (SOX) that are applicable to
corporates, but sooner or later, compliance with such standards would be
mandatory in India as well. The major challenge here is how enterprises can
implement and follow such standards within their limited budgets.
Shantanu Ghosh, VP-India Product Operations, Symantec Corporation, felt that
for today's enterprises, meeting the requirements of a variety of technical
standards, IT governance frameworks, and laws related to security and
administration has become a significant challenge. “As numerous industry experts
have observed, the pressure to demonstrate compliance with such mandates is
likely to increase every year,” Ghosh claimed. He also felt that compliance
must be made part of the DNA of IT in order to have a secured enterprise network.
Solution
Two to three structured authentication processes and multi-layering are
needed for security checks like gateway protection, endpoint protection,
network protection and system protection. “We should build many layers of
protection and access control, as it would control all those who gain access to
the network. But beyond that, if someone escapes the access control, a secured
network should have a second and third line of defense,” informed Kartik.
At Cisco, the technology is designed in such a manner that the router itself
acts as the firewall, VPN device, remote access solution as well as the IDS-IPS
solution. “As the complexity grows, requirements go towards a higher end
functionality. If the routers and switches are configured properly, users can
avoid 60-80 percent of the common vulnerabilities,” claimed Mahesh Gupta,
Business Development Manager-Network Security, Cisco.
Is putting the right policies in place a one-stop solution for all security
issues? Kartik of McAfee explained that today, the best of technologies are
available but it all depends on the implementation of those technologies.
The execution of a strong security policy would take some time due to a few
challenges such as the need for new technology, investment, etc. After the
security solution is deployed, the policy has to be followed religiously in
order to have a strong security system in place. Only consistent updates of the
security solutions and follow-ups can make an organization a secured one.
NR Sethuraman
(sethuramannr@cybermedia.co.in)