Much has been made of firewalls, VPNs, smartcards, and biotechnology. These things are important of course, but how are companies investing in protecting their internal security? Threats from within make up a good percentage of identity theft (read: NY Horse Racing Association scandal), credit card fraud, proprietary information theft, harassment, and intellectual property violations. All very serious business indeed. I am positive that most high tech Human Resources departments do not employ a forensic investigator, nor is it likely that there exists the appropriate funding for IT admins. to attend forensic training.
Proper tools and training are definitely important. Understanding the methodology behind forensic investigations is even more important. I'd go toe to toe with anyone that thought they could purchase a bargain forensic toolkit and do a decent job of it. It's just not comprehensive enough. Then again, what is "enough?" There are many determinants to deciding on appropriate investigative tools: How secure do you want to be? What exactly are you looking for? Do you need to monitor crucial business functions like Accounting and Finance? Is leaked information in Software Engineering a cause of concern? Are PCs and laptops properly investigated for signs of abuse when an employee has left or been terminated?
These are questions that beg consideration. The "threat" to corporate security is not waiting around the outside of the parking lot day after day. Sometimes, yes. More frequently, it's internal. Multi-national companies pose an interesting challenge in that there are hundreds, sometimes thousands of people networked together, making the ability to respond to threats in real-time and from a remote location, increasingly important.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.