Members of the hacker group Milw0rm broke into the local area network (LAN) of the Bhabha Atomic Research Center (BARC) and retrieved information on India’s nuclear weapon program.

Hackers stole credit and debit card information of 15,700 online customers of Western Union, whose Web site was unprotected while it was undergoing maintenance.

Computer vandals attacked several pages of the London-based HSBC Bank and posted pictures of British prime minister Tony Blair on its home page along with a statement supporting the recent crippling fuel protest by truckers and others demanding lower fuel prices.

Keeping today’s enterprise secure is a never-ending struggle. Giants like HSBC, Yahoo, AT&T and Western Union have not, despite heavy IT budgets and well thought-out security policies, been able to stave off security breaches. These companies have spent fortunes on restoring normalcy in the aftermath of a security problem. And this is not the last time they will face such attacks either.

Just when you think you have an airtight system in place, a new hacker technology or an especially diabolical adversary enters the picture. What’s more, enterprise security breaches are not usually "outside hacks". In fact, the USA’s Computer Crime Unit of the FBI reports that more than 80% of all network security breaches are inside jobs—disgruntled or dishonest employees with their own agendas, or simply careless employees.

Regardless of the type of threat or where it comes from, it is essential that an effective system that secures company assets be in place. It is important to put in place policies that determine ‘who’ is authorized for ‘what’ access and to ‘which’ information, denying any malicious or destructive intrusion. This would mean a strong user authentication system in place.

According to Swapan Johri, business head, enterprise networks, HCL Comnet, a complete security solution will have to span across security issues involving the physical protection of assets to user authentication, access control, encryption, management and monitoring of the network. An enterprise may employ any or all of these to achieve data integrity and access control. Agrees Rangan Devrajan, GM, e-management and e-security services, Hewlett-Packard India Software Operations (HP-ISO), "Since the security compromise can come from many different sources, the security challenge should span across the entire enterprise, including both tangible and intangible aspects." Johri adds, "The best strategy depends on the risk involved, the cost of deployment and the cost of a security breach or lost data."

Page(s)   1  2  3