Industry Solutions and Trends
Technology is more than just networking and Juniper experts share their views on all the trends affecting IT
Showing results for 
Search instead for 
Do you mean 

Data Breaches - The Evil from Within

by Gilles ‎02-24-2012 01:28 AM - edited ‎03-23-2012 12:55 AM

(Version française)

 

In its 2011 Data Breach Investigations Report, Verizon Business reported that 17% of all data breaches in 2010 were due to internal agents. It is true that represents a relative decrease of 31% compared to 2009, but this is mainly due to the exploding number of breaches having external agents as an origin (+22%), which is not a surprise. The bottom line is that the absolute number of such internal breaches didn’t change much over the last couple of years, meaning that you still have to pay high attention to this phenomenon.

 

Not all of the insider breaches are deliberate although according to Verizon they do count for 93% of all them. The rest is due to awkward, thoughtless or untrained employees, making mistakes and acting inappropriately. Let me give you a quick example. Let’s consider an employee working time to time from home using his company laptop. Because this is a company rule, he gets connected to his organization’s network through a SSL/VPN session, ensuring both confidentiality and integrity. Establishing such secured connection is the only way for him to get access remotely to his company resources, so he doesn’t have the choice actually. Furthermore, a host checker scans his laptop, making sure notably that nothing malicious is present before the VPN session is established, and also that nothing infects his machine during the session. Some while later our employee has done with his work and wants to quickly book tickets for a concert. As a conscientious person, and because this is for private usage, he terminates the SSL/VPN session and browses the Web from his laptop. And then guess what ? Just his luck ! His machine gets infected… No host checking running in background anymore, no significant evidences that something went wrong, and the result is you end up with an infected host without being aware of it at all. The next morning our employee returns to his office, bypasses all the most proven firewalls and other detection systems, and re-connects naturally his laptop to the network. Because there is no specific local access control mechanism in place, right after the laptop has been switched on, the malicious code is spread across the entire organization, causing major damages.

Can we really blame this employee? Did he adopt a risky posture? Did he act carelessly? Probably not. We could eventually make him aware of this risk, give him some extra training, but that’s more or less it. No, the reality is that it is the IT organization’s responsibility to put in place a system mitigating this type of risks.

 

Another interesting element highlighted in the Verizon report is that you don’t need super user’s privileges to deliberately steal data or to cause major problems on the network.

 

So what’s the challenge here? Traditional security assumed that the threats which enterprises needed to protect against came from somewhere outside of their network. As a result, security deployments focused mainly on providing perimeter-based protection. And this where we begin to weaken, as the insider threat opens up a whole new attack vector which completely bypasses the perimeter security strategy, so strong could it be, as my little example above has demonstrated it.

 

Another factor that must be seriously considered is the proliferation of smart phones and tablets we can observe now. By nature these new devices are meant to be used first and mainly on the public domain, but also more and more on the internal network (known as the BYOD effect). This multiplies then the risk of bringing malicious codes into your organization.

 

Whatever is the cause of the insider threat – good employees unknowingly doing bad things or bad employees exhibiting bad behavior – and regardless of the motivation behind an employee committing the threat, the results can be devastating to your organization. The remedy consists of putting in place a comprehensive solution to address and mitigate these insider threats, by notably:

 

  • Keeping critical data safe and secure
  • Ensuring that only the “right” people can access sensitive applications and data
  • Protecting your network, applications, users and data from contamination
  • and safeguarding your business and reputation.

The good news is that Juniper Networks has done the heavy lifting when it comes to securing your business against the insider threat. We can deliver this comprehensive security approach with our Adaptive Threat Management and Network Security Access Control solutions. The key features and benefits are:

 

  • Ensure that only the “right” people can access the network, sensitive applications and data by verifying the identity and role of individuals and devices before they are allowed access to the network, applications, and data
  • Prevent infected devices from accessing and contaminating the network
  • Detect anomalous or malicious behavior on a network, and taking fast, explicit action before the threat can proliferate
  • Log and report on who is accessing specific applications, when, and from where, simplifying insider threat tracking.

This will ensure a global identity aware networking, both for local and remote users, users that could be employees, partners, contractors, and guests – just to name a few – and using any kind of devices and accessing from anywhere.

 

Just a suggestion: try to apply my little example to your own organization and see what the result is. If you come to the conclusion that your existing security defense cannot effectively stop such insider threat, there is a matter of urgency to take some quick actions. Otherwise you expose yourself and your organization to major risk.

 

Imagine your company’s name being inserted in this headline: “Data Breach at (name) results in 3 day business outage costing millions”

 

And this is not going to decrease over time with the big BYOD wave surging these days. Finally, don’t expect your users to always behave appropriately – they are just human beings… Smiley Happy

 

Announcements
Juniper Networks Technical Books
Labels
About the Author
  • Aviram Zrahia is a consulting engineer at Juniper Networks and an industry researcher of cyberspace. He holds a CISSP and GCIH certifications, as well as a bachelor's degree in computer science and MBA in management of technology, innovation, and entrepreneurship. He is also a research fellow in the Blavatnik Interdisciplinary Cyber Research Center (ICRC) at Tel Aviv University, currently focusing on the domain of threat intelligence sharing.
  • Ben has been working with service providers around the world for the last 15 years developing business cases for a variety of product concepts and new ventures. Ben holds an MBA from MIT and a BS & MS in Mechanical Engineering from Johns Hopkins University.
  • A Marketing and Business Development professional with 24 years extensive Sales/Business Development, Marketing and Technical experience in the Networking/Telecoms/Datacomms and Mobile market segments, focused on selling to Service Providers. Fomerly VP Marketing at the Metro Ethernet Forum (MEF)
  • David Noguer Bau is the head of Telco Vertical Marketing at the SP Strategic Marketing team in Juniper Networks. He has extensive experience in Service Provider network evolution and regularly runs executive sessions with technical and marketing teams of important telecom operators to accelerate the adoption of virtualisation. David is based in Barcelona and has over 15 years of experience in the telecommunications sector. Prior joining Juniper Networks, Mr. Noguer Bau spent seven years at Nortel where he was a Business Development Manager specializing in Carrier Ethernet and Broadband areas. Before Nortel he worked at Eicon-Dialogic as Technical Manager in Spain. David has been the Country Marketing Chair at Metro Ethernet Forum for Spain. Mr. Noguer has wide experience speaking at international Conferences. He was graduated as Computer Engineer by Universitat Autonoma de Barcelona (UAB) and has an executive MBA from EADA Barcelona and executive education at the Thunderbird School of Global Management (Arizona) and the Henley Business School (UK). The views expressed here are my personal opinions , have not been reviewed or authorized by Juniper Networks and do not necessarily represent the views of Juniper Networks.
  • Donyel Jones-Williams is the Director of Service Provider Product Marketing Management overseeing all of Juniper's Service Provider Products for Juniper Networks. In this role, he leads all of the internal and external marketing activities for Juniper with respect to routing, automation, SDN and NFV. Prior to joining Juniper Networks in January 2014, Donyel was a Senior Product Line Manager for Cisco Systems with in the High End Optical Routing Group managing product lifecycle for multiple products lines helping telecom providers operate efficiently and effectively including; ONS 155xx Product Family, ONS 15216, ONS 15454 MSTP, Carrier Packet Transport Product Family, ME 2600x, & ASR 9000v. He also negotiated favorable agreements with 3rd-party vendors furnishing components and parts and conducted both outbound and inbound marketing (webinars, case study-development, developed and delivered both business & technical at Cisco Live 2005-2012). Donyel graduated from California Polytechnic State University-San Luis Obispo with a Bachelor of Science in Computer Science. While attending Cal Poly SLO he was a collegiate student athlete playing football as a wide receiver and a key member of the National Society of Black Engineers. Donyel is now an active volunteer for V Foundation.
  • I’ve been 29 years in the industry, first as a trainee IBM operator at Barclays Bank, later starting my own business which was ultimately acquired by French listed company EasyVista – [giving me great insight into working as part of an internationally focused company alongside organisations like Reuters, UBS Warburg, GlaxoSmithKline and London Electricity]. I am Sales & Marketing Director at Netutils – a specialist IT Networking and Security solutions provider. My passion continues to be making enterprise more efficient via the intelligent deployment of technology, with a view to delivering real value for my clients.
  • Jim Benson is currently the Product Marketing Director at Juniper Networks for both the Mobile and Cloud verticals. He has twenty-one years of work experience, including leadership roles in sales, technical sales, business/market development, product management, project management, and hardware/software engineering. He has spent the last fifteen years working in the telecom industry at Lucent Technologies/Alcatel-Lucent, Nokia Siemens Networks and most recently Coriant. Jim holds BS and MS degrees in electrical engineering from the Polytechnic School of Engineering at New York University as well as an MBA from Yale University, where he majored in both Strategy and Marketing. He also holds a Professional Engineering (P.E.) license.
  • Jennifer Blatnik is vice president of cloud, security and enterprise portfolio marketing at Juniper Networks with focus on enterprise deployments of security, routing, switching, and SDN products, as well as cloud solutions. She has more than 20 years of experience helping enterprises solve network security challenges. Before joining Juniper, Jennifer served multiple roles at Cisco Systems, Inc., including directing product management for security technologies aimed at small to medium enterprises, as well as supporting managed services, cloud service architectures and go-to-market strategies. She holds a B.A. in Computer Science from University of California, Berkeley.
  • As a Director of Product Marketing for Cloud Vertical at Juniper Networks, Julius is leading the strategic marketing initiatives for the Cloud solutions, technology and go-to-market. Julius brings over 20 years of experience in Product Management, Marketing and Engineering to his role at Juniper Networks. Recently, Julius was a Director of Product Management for Cloud Platform at Juniper and prior to that he was a Director of Product Management at BTI Systems driving NFV-SDN strategy and execution. Julius has also held senior level engineering/marketing/product-management positions with Juniper, Nortel and Arbor Networks and has extensive experience in the Cloud Provider, Service Provider and Enterprise Markets with an Entrepreneurship MBA focusing on technology strategy and marketing.
  • JOHN F. ORBE Government, Education & Medical Juniper Networks Americas Enterprise John joined Juniper in 2013, leading the firm’s engagement with State and Local Government and Education in the Americas. In 2014, the Healthcare sector was added to John’s responsibilities. The organization focus is upon leverage of Next Generation Network Architectures and Solutions to exceed expectations for: Connected Government, Optimized networks to enable teaching with technology and improving student outcomes in Education and assisting Healthcare Institutions to meet Meaningful Use and Affordable Care objectives. Balancing Agility, Openness and Security through the Campus, Data Center and Cloud. John leads Juniper’s CIO Advisory Board for Higher Education. Prior to joining Juniper, John held various leadership positions during his 32 years in IT, with firms including Nortel, and began his career in IT with IBM and Digital Equipment Corp (DEC). He was a founding Member of ConnectKentucky, a public private partnership. Mr. Orbe has a BS Business Administration from St. Louis University, 1981. John, his wife and four kids live in St. Louis.
  • Jon joined Fujitsu UK&I as Chief Technology Officer in January 2011 from the public sector, where he was Chief Information Officer, Transformation Director and SIRO at the Valuation Office Agency. Prior to this he was Her Majesty’s Revenue and Customs’ first Chief Technology Officer, leading the integration of the former Inland Revenue and Customs & Excise organizations. His roles in both organizations drove out savings in excess of £600m, as well as bringing about significant technology transformation, building high performing teams in the process. Jon was a founding and core member of the UK Government Chief Technology Officer Council and recruited and led a team creating Public Services Network, XBRL mandation and cross government channel strategy. Jon’s client side board level experience is built on 11 years at Accenture, with clients including Barclaycard, Legal & General, BP, Castrol and BG Group. Jon now leads the UK & Irelands 1,200 strong Architecture Community, driving standard solutions, reinforcing rigorous re-use and a collegiate collaborative community and culture, leading with courage and conviction. Jon is a firm believer in the 4Ps – Pace, Passion, Pride and Professionalism. He is a Chartered Engineer, Fellow of the British Computer Society, founding Fujitsu Fellow and a member of the Advisory Board for AppDynamics.
  • I have been in the networking industry for over 35 years: PBXs, SNA, Muxes, ATM, routers, switches, optical - I've seen it all. Twelve years in the US, over 25 in Europe, at companies like AT&T, IBM, Bay Networks, Nortel Networks and Dimension Data. Since 2007 I have been at Juniper, focusing on solutions and services: solving business problems via products and projects. Our market is characterized by amazing technological innovations, but technology is no use if you cannot get it to work and keep it working. That is why services are so exciting: this is where the technology moves out of the glossy brochures and into the real world! Follow me on Twitter: @JoeAtJuniper For more about me, go to my LinkedIn profile: http://fr.linkedin.com/pub/joe-robertson/0/4a/34a
  • I'm a Distinguished Systems Engineer at Juniper Networks. My main technical interests are routing protocols, MPLS, PCE/WAN Controllers, automation, and optical integration. Before joining Juniper Networks in 1999, I worked at BT for several years, at first in the Photonics Research Department and later in the data transport and routing area. I have a PhD in ultrahigh-speed optical transmission and processing and an MA in Physics, both from Cambridge University. I co-authored the book "MPLS-Enabled Applications: Emerging Developments and New Technologies", with Ina Minei. The book is now in its third edition.
  • Laurence is passionate about technology, particularly cyber security. His depth and breadth of knowledge of the dynamic security landscape is a result of over twenty years’ experience in cyber security. He understands the security concerns businesses face today and can bring insight to the challenges they will face tomorrow. Laurence joined Juniper Networks in 2016 and is our senior security specialist in EMEA. Security throughout the network is a key area where Juniper Networks can help as business moves to the cloud and undertakes the challenge of digital transformation.
  • Mike Marcellin is Senior Vice President and Chief Marketing Officer, leading the global marketing team responsible for marketing Juniper’s product and services portfolio and stewarding the brand, driving preference for Juniper in the market, training our partners and account teams, and developing a differentiated information experience for our customers. Before joining the global marketing organization, Marcellin led business strategy and marketing for Juniper’s industry-leading portfolio of high-performance routing, switching and security products. Prior to joining Juniper in 2010, Marcellin served as Vice President of Global Managed Solutions for Verizon, where he oversaw product development and marketing of its managed IP networking, hosting, security and IT solutions for businesses around the world. He also served as Vice President of Global Product Marketing for Verizon Business, executive director of Verizon Business’ IP and Ethernet portfolio as well as leading the company’s eCRM marketing division. Marcellin began his career with MCI in 1994. Marcellin is a Board Member for the Telecommunications Industry Association and a Board Member of US Ignite, an NSF-sponsored initiative. Marcellin holds two patents and was a Rodman Scholar at the University of Virginia, where he received a bachelor of science degree with distinction in systems engineering. He is based in Sunnyvale, California.
  • I am a Senior Systems Engineer for NEC, based in Auckland, New Zealand. My main focus for NEC is all things Juniper, ranging from the smallest SRX platform to the PTX5K and everything in between, including the QFX and MX series. In addition to looking after the Juniper Networks equipment, I am also deeply involved in the SDN and compute platforms from NEC and Netcracker (an NEC company). Next on my certification list is the JNCIP-DC, having already completed the JNCIP-SP, JNCIP-ENT, JNCIP-SEC and the JNCDS-DC, SEC and WAN. Outside of work I enjoy the great outdoors: Mountaineering, bouldering, rock or ice climbing, tramping (hiking to non-Kiwis) and snowboarding. My partner and I own a lifestyle farm South East of Auckland, overlooking the beautiful Coromandel peninsula. We have 13.5Ha and keep Highland Cattle, horses and the chickens but also have a compliment of wild ducks, geese, peacocks and pheasants roaming through the land. Outside of work I enjoy the great outdoors: Mountaineering, bouldering, rock or ice climbing, tramping (hiking to non-Kiwis) and snowboarding. My partner and I own a lifestyle farm South East of Auckland, overlooking the beautiful Coromandel peninsula. We have 13.5Ha and keep Highland Cattle, horses and the chickens but also have a compliment of wild ducks, geese, peacocks and pheasants roaming through the land.
  • Marcel Wiget is a member of the Routing TME team. His career within Juniper started back in 2009 as a Senior Systems Engineer driving one of the first MX based Broadband Edge deployment to success. Prior to Juniper, Marcel held various positions in pre-sales, professional services and development at Chantry Networks, Spring Tide, Nortel Networks and Wellfleet.
  • I am one of a small team of Network Engineers working for Lumison Ltd, a UK ISP/MSP based in Edinburgh, Scotland. I have been with the company for almost 6 years moving from frontline support to the Managed Services team dealing with customer network design and implementation before talking up the role of Network Engineer. As well as the JNCIE-ENT certification.
  • I love the intracacy and intimacy of succesful communications. Why and how people engage with each other is fascinating. I am also consumed with the way IT changes behaviours, values and expectations in society. I bring this sense of wonder to my role in EMEA Service Provider Marketing Programs at Juniper Networks. Down time: My passions are music, reading, politics, Derby County and playing the guitar (and the harmonica). You can follow me elsewhere: twitter: @neilpound my personal blog: http://neilpound.tumblr.com/ my LinkedIn account: Neil Pound
  • Head of EMEA Marketing for Juniper Networks. An inspirational marketing leader working across the entire marketing mix to transform brand into business value, activity into results and thought leadership into measurable pipeline. You can follow me on Twitter at @PaulGainham
  • Paul Obsitnik is Vice President of Service Provider Marketing for Juniper Networks Platform Systems Division (PSD), responsible for the marketing of Juniper’s portfolio of high performance routing, switching, and data center fabric products to Service Providers globally. Paul's team is responsible for marketing strategy, product marketing, go-to-market planning, and competitive analysis worldwide for the Service Provider segment. Obsitnik has extensive experience in marketing, sales and business development positions with a proven track record in creating technology markets. He has served in senior marketing and sales management positions at several companies including BridgeWave Communications, ONI Systems, NorthPoint Communications and 3Com. Paul holds a Bachelor of Science with Honors in Electrical Engineering from the United States Naval Academy and a Master of Business Administration from the Harvard Graduate School of Business. Obsitnik is based in Sunnyvale, California.
  • I have been at Juniper Networks since 2004, focused on Corporate Communications (media relations, analyst relations, customer reference progam) for the Europe, Middle East & Africa region. I have worked in the networking industry since 1988.
  • Quite some years in the IT and Telecom Industry, half of it in Juniper ! Currently self-driving in a world of telecommunications which is both real and virtual.
  • Solutions Marketing Sr Manager
  • Raghu Subramanian is VP of Sales Engineering for Asia-Pacific at Juniper Networks. Prior to this, he has served Juniper as chief strategist for the security business, product evangelist to channel partners, and product manager for M-series routers. In past lives, Raghu was a chip designer at Hewlett Packard, and an R&D manager at a start-up acquired by PMC-Sierra. Raghu has an MBA from the MIT Sloan School of Management, Ph.D. in Computer Science from the University of California at Irvine, and a B.Tech.in Electrical Engineering from the Indian Institute of Technology at Kanpur. In his spare time, he enjoys reading non-fiction, coaching kids for the Math Olympiad, and traveling with his family to other countries to learn about their ways.
  • Raj is a Sr. Cloud Technology Architect with Juniper Networks and focuses on technologies such as VMware, SDN, and OpenStack etc.
  • Sergio Fickel is a senior marketing manager with almost 20 years experience in strategic marketing planning, marketing communications, campaign management and execution in regional European roles. He is experienced in business development for IT Managed (Security) Services, high value Security Solutions, Networking and Media & Broadcast solutions.
  • Stephen is currently a Partner Acccount manager at Juniper Networks, and has held this role for 3 years. Prior to Juniper, he worked at Extreme Networks for 11 years in a variety of roles. Stephen is a Father of 3 children, a keen cricket fan and enjoys cooking, reading and theatre in his free time.
  • Stephen Liu is Senior Director of Product Marketing for Juniper Networks. In this role, he leads product marketing for Juniper’s industry-leading service provider portfolio of high-performance routing and switching products. These products include Juniper PTX Series, T Series, MX Series, and ACX Series platforms along with software and security. Prior to joining Juniper in 2013, Stephen served as Director of Service Provider Marketing at Cisco Systems. In that role, he led product and solution marketing worldwide for the service provider routing, switching, optical, and software portfolio. Products included NCS, CRS, ASR, and ONS platforms. Stephen attended the University of California, San Diego, where he received a bachelor’s of science degree electrical engineering – communication systems. Hobbies include restoring old Volkswagens and coaching competitive youth soccer. He is based in Sunnyvale, California.
  • Steven Tufts is Corporate Vice President of Services at Juniper Networks. In his current role, Steven is responsible for all services sales and delivery in the Americas. Previously, he led the Global Support Organization delivering technical support for all products in all theaters. Prior to Steven’s 10+ years at Juniper, he served as Vice President of Global Service and Support at Alcatel. He arrived at Alcatel through the acquisition of Xylan Corporation and worked in the combined companies for 10 years. Before that, Steven served in technical and management roles at Bay Networks/Nortel as well as Wellfleet Communications. Steven earned his B.S. degree in Computer Science from Worcester Polytechnic Institute and an Executive Business degree from Stanford University. He works at the Juniper Networks headquarters in Sunnyvale, California.
  • An accomplished network engineer with 18+ years’ experience, and a Juniper employee since 2004, Tony leads the IT team focused on deploying “Juniper on Juniper”, using Juniper technology to run the business and deliver core business services across the enterprise. Tony holds a BS degree from California Polytechnic State University. Outside of work, Tony serves on a School Advisory Council, loves biking and good coffee.
  • Troy has been with Juniper for over 15 years doing system design on the largest, most complex core routers the industry.
About Industry Solutions and Trends

Subscribe RSS Icon

Follow our Twitter Accounts:
Juniper Networks Twitter
UK Twitter
Japan Twitter
Australia Twitter