Information Security: Beyond the Firewall - A Technical White Paper

Today’s Security Landscape
Even with stories of virus attacks and buffer overflows filling newspapers and magazines, security conscious enterprises realize that sole reliance on generic security mechanisms, such as firewalls, intrusion detection, operating system hardening, and virus protection, doesn’t provide the protection they need for their business operations. Each of these security mechanisms are important, but they are insufficient to address an enterprise’s overall information security needs. A firewall, for example, can prevent some Internet-based attacks; but it offers no protection from insiders or outsiders who are using authorized services, but in illegitimate ways. Keeping all security patches up to date can reduce vulnerability to hacker exploits, but it can’t prevent someone in accounts payable from processing fraudulent invoices.

Security conscious enterprises know that the key to safety in the dangerous world of cyberspace is to focus on protecting their sensitive information and not just the computers that process and store it. One reason for this increased emphasis on protecting information is because businesses are becoming more aware of the importance of the value and vulnerability of their own intellectual property and trade secrets. Just last year, a major consumer products manufacturer was ordered to pay $10 million to a competitor for stealing its shampoo formulas, and a software company had to pay a competitor over $180 million for stealing its source code. Corporate espionage is big business.

Click here to view this document in PDF format.

This document is available for download in PDF format only.
Click here to download the Adobe Reader for viewing the PDF files