Another approach to manage the constantly increasing volume of threats and rising level of infrastructural complexity that information and infosecurity executives have to contend with was proferred by Teng Fang Yih, Computerworld Singapore Editor, whose talk referenced “The Checklist Manifesto: How to Get Things Right” by Doctor Atul Gawande, a MacArthur Fellow, surgeon at the Brigham and Women’s Hospital in Boston, and assistant professor at Harvard Medical School and the Harvard School of Public Health. Teng provided examples of checklists used extensively in the airline industry and the clinical/medical setting that worked. He then offered up one that should be used by organisations looking to draft effective infosecurity policies, before topping off his presentation with a checklist for checklists.
While security threats are broad based, social networking has increasingly become the centre of attention.
The Blue Coat Security Report 2011 found social networking to be the vector of choice for hackers while legitimate sites and acceptable Web categories have become the favourite hideouts of malware seeking to avoid traditional security solutions.
“We need to focus on social networking as the new method of communication,” said Lee Dolsen, Chief Solutions Architect, APAC, Blue Coat Systems. “The time people spend on social networking actually surpasses the amount of games, email and instant messaging by a wide margin.”
“Without control, social networking has become the No.1 enemy of productivity in enterprises,” he added. “It’s difficult to block it out completely as it impacts employee job satisfaction, so it needs to be controlled and looked at from governance perspective.”
But beyond business productivity, social media has attracted much attention from a malware perspective and phishing and unwitting hosting through embedded web links as a popular ploy.
“About 35 percent of the companies hurt by social-media malware suffered financial losses, with more than a third losing in excess of US$5,000,” Dolsen noted. “Further, a quarter of the businesses said they lost sensitive data due to employees who violated company policy by revealing information via social networks.”
Apart from normal security measures like antivirus software and firewalls, Blue Coat thinks that subscribing to a real-time collaborative cloud-based web filter goes some way to staunching the proliferation of malware.
“It can scan web content in real time, provide real time analysis, and immediately feed back information to the user and warn the user if there is a potential threat,” he said. “In a collaborative system with millions of users, learning from one user benefits all as potential threats are immediately flagged and prevented from impacting others.”
Sign up for Computerworld eNewsletters.