Threats to Enterprise Security
Threats to enterprise security are numerous and well documented by the media. Hardly a week goes by without a report of a large-scale compromise of records, many of them at large, tier-one organizations. If you are a systems administrator, it may seem that breaches can come from anywhere, and several studies released in 2013 confirm that assumption.
According to the findings of Verizon's annual Data Breach Investigations Report, 621 confirmed data breaches and 47,000 reported security incidents were identified in 2012. Among the breaches, 24% came from the retail or food services industries. These industries face a higher rate of breaches partly because of the exposure of their electronic payment terminals: credit, debit and prepaid card terminals are often situated in publicly accessible areas and connected to less secure, public networks, which makes it easier for criminals to install malware that intercepts cardholder data.
These statistics are consistent with the longer-term data collected by the Privacy Rights Clearinghouse (PRC), which began tracking breaches in 2005; since then, PRC estimates put the number of records compromised at more than 606 million. Organizations across multiple industry verticals share this risk: education (schools and colleges) accounted for 15% of incidents, government agencies for 18%, healthcare providers for 16%, and businesses for 52%. The most prevalent causes: 25% of breaches were attributed to hackers, 13% to stolen endpoint devices such as tablets, laptops and smartphones, and 56% of all breaches were carried out by outside perpetrators.
What is evident from these numbers is the diversity of entry points that attackers can, and do, exploit.
According to the Verizon Data Breach Investigations Report, 72% of attacks on organizations originate as outsider attacks, by hackers or others without authorized access to network systems and data. Equally worrying is the threat of a breach caused by a rogue, or simply negligent, employee. Breaches of this type range from a lost device such as a phone or tablet to an orchestrated attack.
When industry best practices are not integrated into an organization's policies, or are ignored altogether, the stage is set for an internally driven breach. Trends in technology, while revolutionizing the way data is stored, accessed and used, should give organizations pause: information held in vast cloud-based repositories or on unencrypted servers is ripe for a data breach. Access to such information, whether by employees or outside attackers, must be gated by more than simple password protection (for example, multi-factor authentication and encryption of the data at rest), and limits must be placed on the ability to copy large volumes of data to a USB thumb drive or other removable storage device.
Outsiders, meanwhile, have become ever more resourceful in their attacks on organizations.
To mitigate these risks, organizations are taking a layered approach to data security. A mix of policy-based security procedures and hardware-based security systems built on a foundation of data encryption is proving effective in preventing both insider and outsider attacks.
Costs of a Breach
Breached organizations experience a number of negative consequences, which ultimately include financial losses but also less direct losses such as a decline in brand value and, potentially, a loss of customers. The total estimated cost of data breaches worldwide in 2012 is cited at $8.1 billion, with an average of $194 per record. Data breaches are not isolated events exclusive to large organizations, and the impact on a small company can be devastating: according to a study released in 2011, nearly 72% of breaches involved organizations with 100 or fewer employees, and the median cost of downtime associated with a breach was $12,500 per day. Beyond the punitive costs of violating regulations if an organization is proven negligent, a breach can have far-reaching effects. Risks associated with a breach include:
- Loss of customers and revenue
- Negative publicity in the blogosphere and through media outlets
- Release of personal private information
- Diminishment of customers’ and business partners’ trust and confidence
- Lawsuits by affected parties and regulatory fines resulting in severe financial losses
Organizations pay a steep price in the wake of a breach. Some regulatory bodies require a breached organization to undergo a lengthy audit to determine whether proper measures have been instituted to prevent another breach. If the compromised data includes personally identifiable information, the organization may choose to cover the cost of personal credit counselling or credit monitoring for the affected individuals, in an effort to minimize the identity fraud or theft that can follow a breach.
Benefits of Hardware-Based Security Solutions
Hardware security modules (HSMs) are dedicated devices, implemented within an enterprise's security infrastructure, that are built to protect data using physical, logical and encryption-based security features. HSMs are versatile solutions that can perform a wide array of functions across multiple industry verticals.
Encrypting and authenticating sensitive data using a secure cryptographic device offers significant benefits for maintaining security, preventing fraud and ensuring regulatory compliance. Breaches by insiders and outsiders are valid worries for system administrators, and hardware security modules provide a strong form of protection against them. These tamper-responsive devices are designed to house encryption keys within a secure boundary: cryptographic operations are performed inside the device and the keys never leave it in clear, which removes a class of risk that software-based tools cannot avoid. A simple key logger or a memory dump can be the downfall of a software-based tool, whereas an attacker cannot extract the clear keys held in an HSM even by physically tampering with the device. HSMs detect unauthorized access and attempted attacks, and an attempt to tamper with the hardware causes the device to immediately erase (zeroize) all sensitive key material, an additional layer of protection that denies the attacker that information. One caveat a practitioner should keep in mind: an HSM protects the keys, not the application's right to use them, so an attacker who compromises a host that is authorized to call the HSM can still ask it to decrypt; access control and auditing on those calls remain essential.
Additionally, hardware security technology can offer advanced disaster recovery and redundancy features, functions that keep operations running in the event of an unplanned outage. For global organizations with a vast array of mission-critical data in use on a 24 x 7 x 365 basis, this reliability is a necessity.
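The key-custody model described above (keys generated and used inside a boundary, the application holding only a reference, and a tamper response that zeroizes everything) is easiest to see in code. The following Go program is an added example written for this page, not code from the original text or from any HSM vendor: it simulates the boundary in-process with a SimHSM type and shows the envelope-encryption pattern that real deployments use with it, in which the module wraps a per-record data key (DEK) under a key-encrypting key (KEK) and the application stores the wrapped DEK beside the ciphertext. The type and function names, the "dek-v1" wrapping label and the sample record are assumptions made for the example; a real integration talks to the module over PKCS#11 or a vendor API, and the KEK would live in tamper-responsive hardware rather than a Go slice.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// ErrZeroized is returned by every operation once the module has wiped its keys.
var ErrZeroized = errors.New("hsm: key material zeroized after tamper event")

// SimHSM stands in for the module's key boundary. It is a simulation, not a real HSM: a real
// module keeps the key in tamper-responsive hardware, and the caller talks to it over PKCS#11
// or a vendor API instead of calling methods in-process.
type SimHSM struct {
	kek      []byte // key-encrypting key; no method ever returns it
	tampered bool
}

// NewSimHSM generates the KEK inside the boundary; the caller gets a pointer to the module, never the key.
func NewSimHSM() (*SimHSM, error) {
	kek := make([]byte, 32)
	if _, err := rand.Read(kek); err != nil { return nil, err }
	return &SimHSM{kek: kek}, nil
}

// WrapNewDataKey makes a fresh 256-bit data key (DEK) and returns it in clear, for one local
// encryption, and wrapped under the KEK, which is the only form that is ever stored.
func (h *SimHSM) WrapNewDataKey() (dek, wrapped []byte, err error) {
	if h.tampered { return nil, nil, ErrZeroized }
	dek = make([]byte, 32)
	if _, err = rand.Read(dek); err != nil { return nil, nil, err }
	wrapped, err = gcmSeal(h.kek, dek, []byte("dek-v1")) // "dek-v1" is an assumed wrapping label
	return dek, wrapped, err
}

// UnwrapDataKey recovers a DEK; it fails on a modified blob or after zeroization.
func (h *SimHSM) UnwrapDataKey(wrapped []byte) ([]byte, error) {
	if h.tampered { return nil, ErrZeroized }
	return gcmOpen(h.kek, wrapped, []byte("dek-v1"))
}

// Tamper models the tamper response: scrub the key and refuse all further operations.
func (h *SimHSM) Tamper() {
	zero(h.kek)
	h.kek, h.tampered = nil, true
}

// Record is what the application persists: the wrapped DEK travels with the ciphertext.
type Record struct{ WrappedDEK, Ciphertext []byte }

// EncryptRecord is envelope encryption: a fresh DEK per record, wrapped by the module, so the
// module is only in the path when a key is created or opened rather than for every byte.
func EncryptRecord(h *SimHSM, plaintext []byte) (Record, error) {
	dek, wrapped, err := h.WrapNewDataKey()
	if err != nil { return Record{}, err }
	defer zero(dek) // best-effort scrubbing of the short-lived clear DEK
	ct, err := gcmSeal(dek, plaintext, wrapped) // AAD binds the ciphertext to its own wrapped key
	if err != nil { return Record{}, err }
	return Record{WrappedDEK: wrapped, Ciphertext: ct}, nil
}

// DecryptRecord has to unwrap through the module first, so a zeroized module leaves every
// stored record unreadable even though the ciphertext and wrapped keys are still on disk.
func DecryptRecord(h *SimHSM, r Record) ([]byte, error) {
	dek, err := h.UnwrapDataKey(r.WrappedDEK)
	if err != nil { return nil, err }
	defer zero(dek)
	return gcmOpen(dek, r.Ciphertext, r.WrappedDEK)
}

// gcmSeal and gcmOpen are AES-256-GCM with a random 96-bit nonce prepended to the ciphertext.
func gcmSeal(key, plaintext, aad []byte) ([]byte, error) {
	g, err := newGCM(key)
	if err != nil { return nil, err }
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil { return nil, err }
	return append(nonce, g.Seal(nil, nonce, plaintext, aad)...), nil
}

func gcmOpen(key, ct, aad []byte) ([]byte, error) {
	g, err := newGCM(key)
	if err != nil { return nil, err }
	if len(ct) < g.NonceSize() { return nil, errors.New("gcm: ciphertext too short") }
	return g.Open(nil, ct[:g.NonceSize()], ct[g.NonceSize():], aad)
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil { return nil, err }
	return cipher.NewGCM(block)
}

func zero(b []byte) {
	for i := range b { b[i] = 0 }
}
```

Two properties are worth checking when running it: a record decrypts only through the module that wrapped its DEK (swapping in another record's wrapped key or flipping a ciphertext byte fails authentication), and after Tamper() every stored record becomes unrecoverable even though nothing on disk changed. The clear DEK does exist briefly in application memory, which is exactly the residual risk the caveat above refers to: the module guards the KEK, and the host that calls it must be guarded separately.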
One Device, Many Applications
Historically, hardware security modules have most commonly been used in the financial and banking industries, for debit transactions in which the PIN is encrypted and encryption keys are exchanged so that the transaction can be processed.
However, an HSM is a far more versatile solution that can serve as an important facet of an organization's data security infrastructure.
* Some functions of a hardware security module, such as PIN printing and 3-D Secure, must be carried out on a dedicated device.
What is an HSM?
A hardware security module, or HSM, is a dedicated, standards-compliant cryptographic appliance designed to protect sensitive data in transit, in use and at rest through physical security measures, logical security controls and strong encryption.