# Data security: Stop chasing the rats, and protect the cheese



## cpm@ (Oct 29, 2013)

http://www.techrepublic.com/blog/tech-decision-maker/data-security-stop-chasing-the-rats-and-protect-the-cheese/.

As interesting resource: Vormetric White Papers about Data Security Technologies and Solutions.


----------



## vanessa (Oct 29, 2013)

@throAU is the target audience for this reading


----------



## throAU (Nov 14, 2013)

Will have a more detailed read, but from a skim of the first few paragraphs the premise is sound. You can protect your perimeter all you want, you're still boned when a trusted user steals your data, or an infected laptop is plugged in behind the firewall. IMHO, these days you need to assume that your perimeter defenses will be compromised, or that the attack will actually come from within. And yes - it is the intellectual property that is what you need to protect - the machines can be rebuilt/secured - once the IP is leaked, it's too late.

I am not a security expert, but I am an enterprise network admin, and the threat landscape has certainly moved on.  Malware is increasingly sophisticated, and end users are more technically savvy. You can't just rely on perimeter defenses any more. You need to treat internal machines as if they are exposed to malicious users (firewall what you can, least privilege access, etc.) and if possible, use DRM on important data so that if it leaves the enterprise you can expire it.

No, we're not there yet where I work, but the direction things are moving is clear.

Also - malware has moved on from "for the lolz" or just to own the machine or wipe hard drives, break the machine, etc. (like viruses from the 90s for example). These days, malware is big business, and both IP/credentials theft and IP destruction (e.g., Cryptolocker) is the order of the day. Not only that - people all have mobile devices now with wireless hotspots.  Unless you've disabled the ability for the user to hotspot their laptop to their phone, there's every chance they're punching holes in your network directly out to the internet using their phone to get around access controls that you may have implemented.

Endpoint security, and data security is paramount now.


----------

