Technology Sectors

Market Sectors

OPINION / The support security bubble

Thu, 2010-03-04 09:31 AM

By Nathan McNeil

If there is anything we should have learned from the economic debacle of the last two years, it is that the status quo is not safe. And yet we continue building upon it until right past the point of collapse. It has happened time and again in our markets, and it is happening in IT support as we speak.

For many years, IT support in both the public and private sectors has been concerned with securing others; making sure that each new employee is properly locked down and firewalled. However, little attention has been given to securing IT support itself, and in particular, securing the essential tools of the support trade: remote access and remote control.

Without these tools, many federal agencies would grind to a halt, no longer able to leverage a limited support staff across a distributed user base. And yet when the Verizon Business RISK team investigated over 500 actual data breaches between 2003 and 2007, they found that, “In over 40 percent of the breaches investigated during this study, an attacker gained unauthorized access to the victim via one of the many types of remote access and control software.”

Verizon went on to say: “IT administrators were responsible for more data compromises than any other insider role.”
 
It needn’t take a catastrophic security breach to pop our perception of safety. As with other bubbles, a return to the fundamentals offers a way out before the inevitable burst. An April 2009 report by Gartner, entitled PC Remote Control Security: Risks and Recommendations, offers a few practical but rarely practiced recommendations:

“Include at least one additional user authentication challenge to strengthen remote control access against attacks.”

“Block forbidden PC remote control tools using group policy objects or application control tools.”

“Build a list of unsupported remote control tools, and add them to scans for inventory, vulnerability and intrusions.”

“Do not select tools that rely on a publicly accessible directory system; instead, bring the directory system in-house.”

Perhaps the most important recommendation Gartner makes, however, doesn’t seem to relate directly to security: “Create a strategic vision for the use of remote control.”

A strategy, though, is vital if you hope to deflate the bubble gradually, rather than let the irrational exuberance of the status quo lure you one small step past the bursting point.


As VP of product strategy, Nathan McNeill is responsible for aligning Bomgar technology with the needs of Bomgar's 5,000+ customers. He can be reached at: nmcneill@bomgar.com.

Tags:
 
  • Share/Save
  • Email this page
  • Printer-friendly version
 

Recent Videos

GSN 2011 Awards Dinner and Sponsor Interviews: John Clark, President and CEO, The Whitestone Group
It's been a banner year for the Whitestone Group, according to John Clark, CEO of the facility security, asset/force protection and investigations...
GSN 2011 Awards Dinner and Sponsor Interviews: Jeff Horne, Practice Manager, Malware Solutions, Accuvant Inc
Jeff Horne explains that Denver, CO-based Accuvant , Inc has two different businesses – the Value Added Reseller (VAR) side, in which it is one of...
GSN 2011 Award Winners and Sponsor Interviews: Dave Natelson, President, Nasatka Security
GSN caught up with Dave Natelson for a quick interview at the Cocktail Reception at the 2011 Awards Dinner, before he learned that Nasatka had earned...
GSN 2011 Award Winners and Sponsor Interviews: Ann Pickren, VP Solutions, MIR3,Inc
Ann Pickren discusses MIR3’s Mass Notification System that was awarded a Winner’s Trophy in GSN’s 2011 Homeland Security Awards Program. She explains...
GSN 2011 Awards Dinner: Presentation of 1st Annual GSN/Raytheon Award for Distinguished Leadership and Innovation in Public Safety and Security to Admiral Thad Allen, former USCG Commandant (Ret.)
Former Coast Guard Commandant Thad Allen, who served through a long and distinguished career in the United States Coast Guard and later answered the...
More Recent Videos

Upcoming Events

Event Details Dates of Event
SANS Monterey 2012 Jan 30 - Feb 4
2012 Adobe Government Assembly Feb 8
SANS Phoenix 2012 Feb 13 - 18
SANS Secure India 2012 Feb 20 - 25
The Airport Law Enforcement Symposium Feb 23-24, 2012 Feb 23 - 24
Physical Security: Introductory Applications and Technology Feb 27 - Mar 1
Conducting Corporate Investigations Feb 27 - 28
ISC CHINA 2012 (International Security Conference & Exposition CHINA) Feb 27 - 29
RSA Conference 2012 Feb 27 - Mar 2
SAP Public Sector Partner Exchange Feb 28 - 28
SANS Secure Singapore 2012 Mar 5 - 17
SANS Germany 2012 Mar 5 - 10
Homeland Security Finance Forum 2012 Mar 6 - 6
Basic Hands-On CAMEO Training Mar 12 - 14
ASIS Assets Protection Course: Principles of Security (APC I) Mar 12 - 15
SANS Mobile Device Security Summit 2012 Mar 12 - 15
Aviation Week's Innovation Challenge Showcase Mar 13 - 14
Symantec Government Technology Summit Mar 20 - 20
STI at SANS 2012 Mar 23 - 30
SANS 2012 Mar 23 - 30
The 9th Two Day Conference On Indian Medical Devices & Plastics Disposables Industry 2012 Mar 23 - 24
SANS Northern Virginia 2012 Apr 15 - 20
Active Shooter Apr 18 - 19
SANS AppSec 2012 Apr 24 - May 2
SANS Cyber Guardian 2012 Apr 30 - May 7
Telework Exchange Spring 2012 Town Hall Meeting May 2 - 2
5th Sample Prep - Sample Preparation for Virus, Toxin, & Pathogen Detection & Identification May 3 - 4
SANS Security West 2012 May 10 - 18
SANS Toronto 2012 May 14 - 19
Counter Terror Expo US May 16 - 17
CEIC 2012 (Computer and Enterprise Investigations Conference) May 21 - 24
SANS Rocky Mountain 2012 Jun 4 - 9
Data Center Brainstorm 2012 Jun 19 - 19
SANS Forensics and Incident Response Summit 2012 Jun 21 - 27
Vanguard Security & Compliance 2012 Jun 25 - 28
SANS Canberra 2012 Jul 2 - 10

Full 2011 Calendar