The Internal Threat

Once a matter for internal, behind-closed-doors debate, the threat to organisations from their own users is now a matter of open consideration and discussion for IT and security professionals.

Given that over 70% of IT security breaches originate from within (according to Vista research), and data losses cost US companies over $50 billion last year alone (The Economist) – the internal threat is now recognised as not just inconvenient and embarrassing, but existential.

Enterprises today are making internal security – and especially internal access to network resources - their highest priority, even above gateway solutions like antivirus and firewalls. Today's greatest enterprise security challenge is - how to provide access to key information without exposing it to risk? How to trust internal users, but retain enough control over their actions to verify their reliability?

The Vulnerable Endpoint

Enterprise endpoints – desktop and laptops - have been swamped with new connectivity options. WiFi, Bluetooth, IrDA, Wireless USB, and others are all exciting new productivity innovations that create fast, hassle-free connections between desktops and devices. But they also multiply the ways that confidential data can leak from the organisation, or malware be introduced into the network.

The result - IT security, traditionally focused on the perimeter, has begun addressing the endpoint threat as well. With the amount of corporate data residing on endpoints estimated at over 60%, endpoints may be the most valuable, and vulnerable, part of the enterprise network.

So Many Opportunities for Data Leakage

There’s a lot to be lost by leaving endpoints insecure, and there are more and more ways things can be lost. For example:

• Over 1 billion USB devices have been sold to date
• Over 5 million Bluetooth devices are sold every week
• 60% of corporate data resides unprotected on enterprise endpoints
• Data theft cost U.S. corporations $50B in 2004
• Half of IT incidents originate inside an organisation
• 70% of security breaches that involve losses over $100,000 are perpetrated from inside the enterprise

By way of further example, Apple sold over 21 million iPods (which can store up to 60G) in the first three quarters 2005. Readily-available iPod software add-ons, such as the well-known ‘Pod Slurping’ utility, can be programmed to automatically copy Word, PDF, Excel and other office files from a host PC to the iPod in seconds. A recent experiment stripped all such files from a PC in 65 seconds.

Regulatory Imperatives on the Rise

With the rise of regulatory security initiatives like Sarbanes Oxley (SOX), HIPAA, FISMA, and BASEL II, organisations are required to scrupulously and continuously comply with evolving data security standards.

These regulations make no distinction between a mainframe and a memory stick with regards to protecting confidential information. Thus, organisational regulatory liability is just as great from endpoint security risks as from hacking.