Thursday, July 30, 2009

Persistent, information-centric protection, PCI and the Network Solutions breach

The more news I see regarding various breaches, the more I am convinced of the superiority of persistent and information-centric security. For example, take the latest breach at Network Solutions - a PCI-compliant organization. Over half a million cards stolen.

Comments galore:
Here is what they say: "The company determined that the unauthorized code may have been used by cybercriminals to capture transaction data, including customer names, addresses, and credit card numbers, and transfer it to servers outside of the company...."

Now look at the statements below from industry experts:

"...many enterprises are behind in security protection efforts such as anti-virus updates due to shrinking IT budgets, which results in unpatched vulnerabilities that are easily exploited"

Seems like anti-virus and unpatched systems are the main culprits - long live infrastructure protection!

"...the incident illustrates the risks of cloud computing."
A broad general statement - not clear what the implication is :)

The point:
My point is that the industry is so wrapped up in protecting the infrastructure - i.e. protecting data by proxy - that they forget what it is they are really trying to protect. With an information-centric security solution, the credit card data would be protected persistently. Even if the data were to be "..transferred over to servers outside the company..", it would still remain encrypted, thus making it much harder for criminal organizations to obtain any value from the data.

The last and best line of defense is the data - this is how layered security should be.
