Cyber Impact: Why Physical and IT Security Are Converging
From “Cyber Impact: Why Physical and IT Security Are Converging”
Security Today (03/01/16) Joseph, Stephen
The shift of banking practices from physical branches to online has forced financial institutions to revamp their security measures for the cyber realm. IT and physical security are increasingly converging, with new network-based technologies allowing the two departments to share common tools and work in tandem. Corporate security directors faced with limited security staff are using smart technology for traditional security support as well as for handling decision making. An example is network routers that can be programmed to detect and route specific network traffic, such as financial transactions, e-mail or surveillance video, according to preset conditions and priorities. In mitigating potential threats, it is also important for IT and physical security to work side-by-side, such as in deploying a physical security system technology on a bank’s network. Another way the two fields are converging is the IP video camera, a popular physical security device today being deployed across banking networks. As with any network device, the security camera should meet certain basic IT security standards and banking institutions should follow standard protection recommendations. New technology always comes with the potential of new threats, but through efforts by both parties to seamlessly merge cyber and physical security programs, an institution can become more capable and successful in mitigating potential risks.
| Web Link | Return to Headlines
Data Security Threats Could Be Lurking Inside Your Organization
From “Data Security Threats Could Be Lurking Inside Your Organization”
In Homeland Security (03/02/2016) Tarbet, Michael
Most organizations tend to focus security efforts on data breaches that come from the outside. But 43 percent of breaches actually come from within the company itself, some as a result of simple human error and some by more nefarious means. These breaches carry consequences similar to those that come from outside breaches, and often have larger repercussions. As bring-your-own-device policies become more popular, the threat of interior breaches grows. One way to combat this risk is to implement policy-based data access governance. Identity-based access management can work well, but policy-based governance can control what data leaves the organization and precisely defines who or what applications can use the data. It also enables companies to define the types of data an employee can access based on administrative roles. This principle works for current employees, but ex-employees pose a threat as well. The most efficient way to stymie that risk to to revoke all access to data by ex-employees as quickly as possible, especially if their termination was messy.
| Web Link