|
[IMAGE] [IMAGE] [IMAGE] [IMAGE]
[IMAGE] [IMAGE] [IMAGE] [IMAGE]
[IMAGE]
[IMAGE] [IMAGE] [IMAGE] [IMAGE]
[IMAGE]
[IMAGE]
[IMAGE] [IMAGE] [IMAGE] [IMAGE]
[IMAGE]
[IMAGE]
Nearly 40 percent of the 453 security professionals surveyed rate detecting internal attacks as either a very or somewhat important challenge for next year. To that end, many place a priority on identity and access management issues in 2007. About 32 percent say improving employee access to information will be very important for their organizations, and almost 30 percent say deploying stronger authentication is key for next year. Brian Joyce, IT director at CPA firm Joseph Decosimo and Co., says his firm plans to implement some type of strong authentication, probably RSA Security's RSA SecurID...
To continue reading for free, register below or login
To read more you must become a member of SearchSecurity.com
.
"One of our biggest vulnerabilities is our end-user community, even though we force strong passwords and short retention times," he says. "[If] a user maliciously or accidentally gives out a password, that makes us more vulnerable."
Concern about the risk posed by insiders spans private and public sectors alike. This fall, the Edmonton Police Service in Canada was in the process of installing a tool from Consul Risk Management to track what privileged users are doing on the network and hosts. The agency, which has about 1,400 police officers and 400 civilian staffers, is also looking at ways it could develop additional policies to manage end-user risk, says Peter Clissold, head of security. With some officers working covertly on drug or gang-related cases, he says data security is critical for the department: "If our information is mishandled, it can be life or death."
In an academic environment, controlling user access is difficult, but just as important as in the corporate world, says Jon Oliver, assistant dean and IT director at Rutgers University's School of Communication, Information and Library Studies.
|
 |
|
