Industry Research : US Department of Homeland Security Survey Highlights
News that the US Department of Homeland Security has identified the weak link in IT security is the human element comes as no surprise to Idappcom, the data traffic analysis and security provider.
According to Ray Bryant, the firm's CEO, after DOHS staff quietly dropped data disks and USB sticks in the car parks of government agency and allied company buildings, they found 60 per cent of them were inserted into the company/agency's computer systems.
"What's even more ironic is that if the disk case had an official logo, then the `success rate' soared to 90 per cent, something that the DOHS notes as proving there is no device known to mankind that prevents people from being idiots," he said.
"This observation - the proof of anecdotal evidence if you will - has ramifications in all aspects of IT security, and especially, I believe, when it comes to network security, as it also shows you cannot rely on staff installing IT security systems properly," he added.
Bryant went on to say that, whilst many IT security professionals do install their IPS, IDS, UTM and firewall systems effectively, as well as configuring them correctly, there is a sizeable minority who do not, largely due to a lack of effective training.
And then the question becomes - how do you spot these incorrectly configured systems, whose insecurity tends to get worse as time goes by, often owing to patches and updates not `taking' as they should - another symptom, says the Idappcom CEO, of poor configuration.
The answer, he explains, is automated and effective auditing of the security appliance and allied systems, which then assists the IT security management about which areas of network/IT system security need tightening up on.
Automated pen testing and auditing systems cannot even hope to correct for the human failings identified in the US DOHS survey, but, says Bryant, that can compensate by acting as a real-world check on the efficiency of a given IT security system, quickly and efficiently identifying the areas where security needs to enhanced.
The fact that the test subjects were `infected' with an ET-call-home app - which could have been a trojan or similar piece of malware – clearly proves the case that human operatives make errors.
2018 Top Ranking Performers Present:
CONTACT CENTER & CUSTOMER ENGAGEMENT
BERLIN - ORLANDO - MACAO
FIND OUT MORE!
2018 Top Ranking Performers Present:
"IT systems, however - when properly configured - do not normally make such errors, so applying a safety net of IT security audit layer such as our TrafficIQ technology, makes a lot of sense," he said.
"TrafficIQ won't stop human error creeping into even the most effective of IT security departments, but it will help management compensate for configuration and similar consequential problems. To err is human, but to fail to compensate for those errors is an unnecessary risk," he added.
Today's Tip of the Day - Getting The Training Underway
Published: Friday, June 17, 2011
Genesys® powers 25 billion of the world’s best customer experiences each year. Our success comes from connecting employee and customer conversations on any channel, every day. Over 10,000 companies in...
Semafone provides secure voice transactions for contact centres and retailers taking Cardholder Not Present (CNP) payments. The solution allows a call - and the call recording - to continue as normal ...
Aspect Software contact center and workforce optimization solutions engage consumers, empower agents, improve quality, and lower the cost of delivering remarkable experiences. Our cloud, private cloud...
DialogTech, the combination of Ifbyphone and Mongoose Metrics, provides the only platform for end-to-end call attribution and conversion essential for data-driven marketers. DialogTech's platform solv...