Protect What's Precious


This article can also be found in the Premium Editorial Download "Information Security magazine: What's your biggest information security concern?."

Download it now to read this article plus other related content.

Nearly 40 percent of the 453 security professionals surveyed rate detecting internal attacks as either a very or somewhat important challenge for next year. To that end, many place a priority on identity and access management issues in 2007. About 32 percent say improving employee access to information will be very important for their organizations, and almost 30 percent say deploying stronger authentication is key for next year. Brian Joyce, IT director at CPA firm Joseph Decosimo and Co., says his firm plans to implement some type of strong authentication, probably

    Requires Free Membership to View

RSA Security's RSA SecurID.

"One of our biggest vulnerabilities is our end-user community, even though we force strong passwords and short retention times," he says. "[If] a user maliciously or accidentally gives out a password, that makes us more vulnerable."

Concern about the risk posed by insiders spans private and public sectors alike. This fall, the Edmonton Police Service in Canada was in the process of installing a tool from Consul Risk Management to track what privileged users are doing on the network and hosts. The agency, which has about 1,400 police officers and 400 civilian staffers, is also looking at ways it could develop additional policies to manage end-user risk, says Peter Clissold, head of security. With some officers working covertly on drug or gang-related cases, he says data security is critical for the department: "If our information is mishandled, it can be life or death."

In an academic environment, controlling user access is difficult, but just as important as in the corporate world, says Jon Oliver, assistant dean and IT director at Rutgers University's School of Communication, Information and Library Studies.

This was first published in December 2006

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: