Guest post – Brian Singer, Security Solutions Manager, Novell
Security folks have been saying for some time now that organizations need to take a long, hard look at how they think about information security. Now that intellectual property is the target of attacks, the stakes are higher. Organizations must start from the assumption that no endpoint is secure and build their security programs around that hypothesis. In this world, authentication is not enough—the underlying activities could still be malicious.
In this podcast, I discuss with Novell security specialist, Ben Goodman, how the Aurora breach has shined a spotlight on the failure of the traditional perimeter security model. The response to these threats must be multi-faceted. Ultimately, we believe the solution may lie in systems that tie together all the information available within an enterprise. Mining that wealth of information for inconsistencies, and putting a lens to the fine-grained activities that are taking place will lead organizations to broad-based user-activity monitoring. Any time a valuable asset is accessed, systems will check to see if that access is consistent with what's expected – anything out of the ordinary will trigger alarms or could shut down access completely.
What are your thoughts on the Aurora breach? Post your comments and let's start a discussion.