The Daily Network Monitor

I have been out on the road the past few weeks but I am glad to be back. I was reading about the latest data theft at Boeing today. A disgruntled employee with the intent of hurting his employer placed sensitive data on a thumb drive with the hopes of leaking it to a local Seattle newspaper. As you probably guessed, this man is unlikely to receive any employee awards or merits. What really caught my eye in this story was the ‘potential’ financial impact had the newspaper not done what is right – a whopping $5-$15 billion loss was possible. If you’re like me, your wondering what the heck the data said? Did it unveil the material makeup for it new dream liner or was it indicative of bad business practices?

One of my favorite security lecturers is Bruce Schneier. If you ever have the chance to listen or speak with Bruce, you’ll be entertained and well educated by the end. In reviewing this data breach, Schneier bring up valid points of practicality, “If a company hires an untrustworthy employee, there is almost nothing it can do to prevent theft”, Schneier argues. “What’s done in African mines is they do full-body cavity strip searches every time they leave. That works,” Schneier says.

I’ll talk more about USB thumb drives in a future entry but in the meantime, check out RedCannon Security. I can’t validate whether or works yet but these guys caught my eye as a needed innovation in the security space. RedCannon says it can restrict the types of USB drives that are plugged into computers, monitor what data is pulled from a hard drive, and remotely destroy content if the thumb drive is inserted into an Internet-connected computer. As an extra safeguard, RedCannon says its products can set USB devices to stop working when they are not inserted into a computer connected to the Internet

Breach, which is set for release in a few weeks, focuses on the true story of an FBI upstart who must investigate his boss who is suspected to be selling secrets to the Soviet Union. For those of you who read the story in paperback or in weekly new journals, a strong lesson materializes in a story early on that is applicable to the numerous breaches we have heard about at TJX and other retail and insurer organizations. Regardless of how strong and robust your physical and digital security plan is, the success or failure of the plan more likely will lie with the human capital charged with installing, managing and watching the systems.

I’ve spent nearly all my career in security related software solutions and I’ve never forgotten the important lesson taught to me as a new recruit at RSA Security a few years ago. No solution, no matter how robust and error proof will survive its goal to protect an organization without the proper declaration and focus of a security plan and the proper screening and training of professionals entrusted to manage the systems. Time haves changed a bit and RSA and other leading security companies have advanced security technologies to make them user-friendly. Still, as I listen to the news day after day, I cannot help but think how much safer consumer data would be today had the breached organizations enabled their staff with proper training and operational-knowledge?

The problem is not a technology one. One need only do a Google search to look-up tens of companies specialized in helping to protect data from RSA (EMC) to Symantec to more specialized firms like Application Security and Ingrian who offer the capability to secure databases with industrial strength encryption and user provisioning. Even my sister product here at Ipswitch, WS_FTP, which revolutionized the way data was transferred from point A to point B has introduced new versions featuring strong encryption and security features to protect the integrity of data in motion and rest after customers and prospects demanded such with strict audits and business rules changing their business models for data sharing. Yet, all of this technology is worth ZERO unless there is a commitment to the proper training of staff that runs these systems.

You might be asking why does the product manager for WhatsUp Gold care so much about security and specifically breaches. First, I like you am nervous about personal data integrity and I have seen first hand in my travels the impact data breaches can have on persons and organizations. Second, I see a strong convergence happening between the security duties and the network duties at organizations around the world. After all, your certificate server, your firewall and your anti-virus boxes are only effective if they are up and running and WhatsUp Gold has the out-of-the-box ability to manage all of the different elements you have running using native SNMP and the related OID’s. For example, in 2006 RSA Security released a version of its flagship ACE Server with SNMP capabilities. Administrators can now monitor the ACE server for common characteristics like up/down as well as other counters for performance. The same is true for SonicWALL, Cisco, Fluke and Adtran equipment to name a few.

Security is an on-going road of progress and never a destination. The marriage between security and network management will ensure the journey has less stops and detours along the way.