More than half of insider attacks on organizations originate from current or former employees in technical positions, and the average loss an organization suffers per incident can be massive. These are the insiders who hold access to privileged resources and are far better placed than outsiders to find the loopholes in a network. It therefore becomes vital to implement, automate, and validate the control environment, especially for privileged users, in compliance with standards such as the Sarbanes-Oxley Act (SOX). Here are a few guiding principles for control implementation and validation.
Understanding the Access Model: A Virtual Private Network (VPN) gives an authorized user access within an encrypted domain. Organizations should adopt security measures stronger than the typical VPN model, such as DAPE (“deny all, permit by exception”), which follows the principle of least privilege. In the DAPE model, each user account starts with zero visibility and no access. To provide precise, granular resource access, an exception is created for an individual user or a group of users. The DAPE model thus offers a reliable and immediate security enhancement: no user is given access by default, only to specific authorized resources, which in turn simplifies testing and monitoring.
Access Containment: Leapfrogging is one of the largest sources of exposure for an organization. It is the ability of a user to move from an authorized to an unauthorized resource on the same network, and it can be a nightmare for an organization because it exploits vulnerabilities in that resource. The best way to combat it is security policy enforcement technology, which eases the burden of implementing and enforcing security policies by holding users to their authorized areas. The value of enforcement technology lies in monitoring, testing, and detecting the varying situations where a user tries to hop to an unauthorized server or network device.
Compartmentalization: This is a vital step toward true segregation of duties. It ensures that users can access only the resources for which they are authorized, so that critical information such as is not compromised. One way to accomplish compartmentalization is port-based access, which provides highly granular control over what an authorized user can see while hiding everything else, and so restricts exposure of the IT infrastructure effectively.
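To make the three principles above concrete, here is an added example (not code from the original post) of a DAPE decision function with port-level grants and a containment check that flags leapfrog attempts; every user, group, host and port in it is constructed sample data.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Grant:
    """One explicit exception to the default deny: who may reach what, on which port."""
    principal: str   # a user name, or "group:<name>"
    host: str        # target resource
    port: int        # a single TCP port, so access is granular rather than whole-host

# Constructed sample directory and exception list (hypothetical names and hosts).
GROUPS = {"dba": {"alice"}, "netops": {"bob"}}
GRANTS = [
    Grant("group:dba", "db01", 5432),       # DBAs reach the database service only
    Grant("group:netops", "core-sw1", 22),  # network operators reach the core switch
    Grant("bob", "jump01", 22),             # an individual exception for bob
]

def principals_for(user):
    """A request matches grants for the user's own name and for each group they belong to."""
    return {user} | {"group:" + g for g, members in GROUPS.items() if user in members}

def is_permitted(user, host, port, grants=GRANTS):
    """DAPE decision: every account starts with no access; permit only on an explicit exception."""
    names = principals_for(user)
    return any(g.principal in names and g.host == host and g.port == port for g in grants)

def has_foothold(user, host, grants=GRANTS):
    """True if the user holds any exception on this host, i.e. it is an authorized foothold."""
    names = principals_for(user)
    return any(g.principal in names and g.host == host for g in grants)

def classify(events, grants=GRANTS):
    """Containment check over (src_host, user, dst_host, dst_port) connection events.
    'leapfrog' means a hop from an authorized host toward a resource with no exception."""
    results = []
    for src, user, dst, port in events:
        if is_permitted(user, dst, port, grants):
            verdict = "permit"
        elif has_foothold(user, src, grants):
            verdict = "leapfrog"   # deny, and raise an alert for review
        else:
            verdict = "deny"
        results.append((verdict, user, src, dst, port))
    return results

# Constructed sample traffic.
EVENTS = [
    ("ws-alice", "alice", "db01", 5432),   # permit: DBA to the database port
    ("ws-alice", "alice", "db01", 22),     # deny: same host, but that port is not excepted
    ("db01", "alice", "core-sw1", 22),     # leapfrog: hop from db01 toward the switch
    ("jump01", "bob", "core-sw1", 22),     # permit
    ("jump01", "bob", "db01", 5432),       # leapfrog: bob pivots from the jump host
]
```

The second event shows the port-based compartmentalization described above: holding an exception for db01:5432 gives no visibility of db01:22.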
Conclusion: A careful assessment of current security policies and the access model is vital for an enterprise, since it helps in assessing and correcting current and future threats or espionage. With advances in security infrastructure technologies, it becomes increasingly feasible for organizations to implement automated and validated internal controls.