Can we really stop malicious insiders? - fraud, insider threats

Can we really stop malicious insiders?

Detection of insiders committing fraud requires broad event collection, robust analytics, and mechanisms that remove false positives.

Brian Contos (Network World) 30 September, 2008 08:48

Tags: fraud, insider threats

Page:

1
2
next >

In terms of malicious insiders committing fraud, can anything "really" be done?

There is a popular quote from the 2003 version of the film The Italian Job that comes to mind when I read this question. "I trust everyone. It's the devil inside them I don't trust." The threat from insiders, being fraudsters or otherwise, has always been there - certainly before security companies started talking about them. What has changed, and this is in direct response to the question, is that - yes, there are things that can be done, many in fact.

First, let's look at the advantages insiders have: Trust and access. Consider a college intern, Sam, working for a large financial organization. Sam's job requires him to enter payees into the corporate database, and to do this job he his granted access to the database. Sam eventually realizes that his access doesn't just allow him to create payees, but also pay those payees because of flawed access controls, lack of segregation of duties, poor policies, etc. Sam begins generating false payees associated with a PO Box he set up, and then has checks sent to that PO Box.

This is pretty low tech - not likely to make its way into the newest James Bond film. But Sam's activities are also representative of how many fraudulent, insider incidents are perpetrated using activity that stays below the radar of most security controls. What is needed to address this are solutions designed to do just that - detect suspicious activity carefully concealed as legitimate, normal, and otherwise boring.

Detecting fraudulent, insider activity requires a combination of network and data security. While firewalls, routers, VPNs, and IPS solutions provide tremendous value they are just the peanut butter. Similarly, while applications, database activity monitoring (DAM) solutions, and identity solutions provide valuable insight, they are only the chocolate. However, by putting network and data security solutions together under one monitoring umbrella with SIEM (Security Information and Event Management) you have a delicious treat, and a comprehensive approach to mitigating fraudulent, insider activity.

Page:

1
2
next >

Computerworld Buyer's Guide - Vendors Matched to this Article

Unixpac , Citrix , Dimension Data , Revelation Software , GFI , SonicWALL , 3Com

More about IPS

Comments

Post new comment

Have your say!

Computerworld Buyer's Guide - Vendors Matched to this Article

Unixpac , Citrix , Dimension Data , Revelation Software , GFI , SonicWALL , 3Com

More about fraud

More about fraud >

More about insider threats

More about insider threats >

Discussions on The Computerworld Forum

Whitepapers

Read up on the latest ideas and technologies from companies that sell hardware, software and services.

Zones

Zones provide focussed content from Computerworld and leading technology partners.

Newsletter Subscription

RSS Feeds

Computerworld Today

Show all RSS feeds

More >

Computerworld Webinar

Thursday, June 11th, 2009
10:30am EST (Sydney, Australia)
Screening at your PC

Computerworld is hosting a 30 minute live webinar to help you to learn how unified communications can save you money, foster innovation and business agility by making it easier for people to find, reach and collaborate with one another.

Register Now

+

Savings do add up: How organisations are saving thousands by adopting Unified Communications and Collaboration. 15 June, 2009 12:01

This week's CW Live podcast features a discussion between Audrey William, research director at research firm Frost & Sullivan Australia, and Craig Campbell, business unit executive for Integrated Communications Services at IBM Australia / New Zealand on why companies are adopting unified communications, and whether there is any benefit to hosting a unified communications solution in the cloud.

[ MP3 (2.22 MB) | Windows Media (2.26 MB) ]
+

Storage Virtualisation: Increasing Information Availability and Lowering Costs 02 June, 2009 12:36

This week's CW Live features a discussion between Dr Kevin McIsaac, IBRS Research's Advisor for Virtualisation and Craig McKenna, Consulting Technical Leader, System Storage, for IBM's Growth Markets division, on why storage virtualisation is key to an organisation's information management plan.

[ MP3 (4.62 MB) | Windows Media (4.69 MB) ]
+

Computerworld Live Podcast #100: Enterprise Cloud Computing and Network Virtualisation 25 March, 2009 13:46

CW Live speaks with Matthew Zanner, HP ProCurve worldwide director of datacentre solutions, about how cloud computing is changing the way IT professionals are designing their networks and running their datacentres.

[ MP3 (3.25 MB) | Windows Media (2.48 MB) ]
+

Computerworld Live Podcast #99: Reducing the Costs of Enterprise Mobility 28 January, 2009 10:43

CW Live speaks with Mark Thompson, Global Sales/Marketing Manager for HP's ProCurve Networking Business, to discuss strategies for reducing the cost of enterprise mobility, including tips on securing a wireless network, smart network design strategies, and advice for simplifying the management and support of wireless networks.

[ MP3 (3.63 MB) | Windows Media (2.77 MB) ]
+

Computerworld Live Podcast #98: The Future of Datacentre IP 18 December, 2008 10:33

CW Live speaks withLin Nease, Director of Emerging Business for HP ProCurve, to discuss the future of networks, including the effect of IP-based storage on datacentres, new capacity requirements generated by the use of 10Gb Ethernet, and how an efficient network design can slash energy and cooling costs, and help enterprises build a "green" image.

[ MP3 (5.45 MB) | Windows Media (4.15 MB) ]

More >

Master Data Management and Accurate Data Matching

For many companies, data integrity is so poor that they have no idea who a significant number of their customers are. Developing a highly accurate matching process requires understanding of types of errors and their root cause. Read on to discover more.

Enterprise IT Buyer's Guide

Find Technology Vendors Fast

Find vendors by name | Find by category

Comments

Post new comment

Savings do add up: How organisations are saving thousands by adopting Unified Communications and Collaboration. 15 June, 2009 12:01

Storage Virtualisation: Increasing Information Availability and Lowering Costs 02 June, 2009 12:36

Computerworld Live Podcast #100: Enterprise Cloud Computing and Network Virtualisation 25 March, 2009 13:46

Computerworld Live Podcast #99: Reducing the Costs of Enterprise Mobility 28 January, 2009 10:43

Computerworld Live Podcast #98: The Future of Datacentre IP 18 December, 2008 10:33

Frost & Sullivan: Converged Services A Natural Play For Telcos 06 July, 2009 09:06

Get real time traffic updates from Nokia’s Ovi Maps for mobile devices and for web 03 July, 2009 10:34

Get real time traffic updates from Nokia’s Ovi Maps for mobile devices and for web 03 July, 2009 10:34

Expand Networks Positioned in the ‘Leaders’ Quadrant for the 2009 WAN Optimisation Controllers Magic Quadrant 03 July, 2009 09:52

2X Enhances Children’s IT Education Through Free Software Offer 02 July, 2009 19:38

Master Data Management and Accurate Data Matching

Buying Guides

Latest Products

Buying Guides

Latest Products