Traditionally, Internet security has centred on the creation of barriers to protect users against viruses and malware. However, the time has come for security systems to focus on the 'human factor' in a bid to slam the door on dangerous code that could seriously compromise corporate security.
The flight attendants at a large US airline are urging their bosses to filter its in-flight Internet service to block access to pornography and other 'inappropriate' Web sites. This follows a slew of complaints by passengers and cabin crew about the activities of those who are taking improper advantage of the amenities introduced by the airline to boost revenue from sources other than fares.
The airline has adopted a cautious stance, realising that crossing the line between 'monitoring' and 'policing' will result in a backlash that might gather pace to the point where it impacts the future viability of the company.
The furore has highlighted one of the problems facing many companies today.
The dark side
The Web is a great tool for research, education and communication, but it also has a dark side. Staff members' online activities can - and often do - present security threats to their organisations, the corporate IT infrastructures and, more significantly, the business-critical information held in vulnerable data repositories.
Traditionally, online security has centred on the application of anti-virus software, and 'porn' and other content-filtering solutions geared towards identifying and neutralising computer worms, denial of service attacks, Trojans, spyware and spam so closely linked to so-called 'adult' sites.
Filtering rules were typically set by a central IT department and often implemented via software installed at a central point on the network, such as the proxy server or Internet router.
But now, in the face of criticism that these measures do not go far enough - and that Internet and e-mail security companies have deliberately 'gone down the wrong road' in terms of security applications - users are coming to realise that solutions have to be more 'orientated around the individual'.
Today, technologies need to focus - and ascertain - the logic behind data streams both entering and leaving the corporate network. Sophisticated and intelligent content filtering technologies are needed to prevent individuals - authorised or otherwise - from opening the door to malware and dangerous code that could seriously compromise network security and performance.
These technologies need to address personal security, as much as they address network security and manage bandwidth, in a quest to manage the 'who' behind possible security breaches.
Getting personal
By making security a personal issue and by establishing security 'checkpoints' at multiple sites across the distributed enterprise, it is possible to monitor the activities of individuals, including off-site users linked to the network.
Mike Hamilton is MD of Channel Data.
By making security a personal issue and by establishing security 'checkpoints' at multiple sites across the distributed enterprise, it is possible to monitor the activities of individuals, including off-site users linked to the network.
By emphasising the personal aspects of content filtering, to the extent of allowing different computer users to have different levels of Internet access, it will be possible to enhance application security.
A spin-off benefit will be application acceleration for all Web content - including encrypted SSL (Single Socket Layer) content.
Taking this concept one step further, it will also be possible to relax the rules to allow staff access to social Web sites, games and sites that relate to their specific personal interests - be they sport, news or entertainment - during their lunch break or after work.
By basing an individual's security clearance level, not necessarily on his or her title, but on a personal profile - which is formulated with the aid of a comprehensive risk analysis - organisations will be able to 'stop the bad and accelerate the good' across the network.
Undoubtedly, this will contribute to a significantly safer and more productive network environment wherever users and applications are located.
The hurdle that faces all organisations moving in this direction, however, is that very visible line between monitoring and policing.
By managing the 'who' in the company, it can automatically monitor e-mails sent and received, chat conversations and instant messages, files downloaded, Web sites visited, applications launched and keystrokes typed.
In addition, by taking screen snapshots, a company will be able to create the equivalent of a digital surveillance tape so it can see the exact sequence of everything employees are doing on their computers...
It will be interesting to see how South African organisations come to terms with the crossing of this particular Rubicon.
* Mike Hamilton is MD of Channel Data.
Share