Security: Beyond the Firewall - A Technical White Paper
Even with stories of virus attacks and buffer overflows filling newspapers
and magazines, security conscious enterprises realize that sole reliance
on generic security mechanisms, such as firewalls, intrusion detection,
operating system hardening, and virus protection, doesn’t provide
the protection they need for their business operations. Each of these
security mechanisms are important, but they are insufficient to address
an enterprise’s overall information security needs. A firewall,
for example, can prevent some Internet-based attacks; but it offers no
protection from insiders or outsiders who are using authorized services,
but in illegitimate ways. Keeping all security patches up to date can
reduce vulnerability to hacker exploits, but it can’t prevent someone
in accounts payable from processing fraudulent invoices.
Security conscious enterprises
know that the key to safety in the dangerous world of cyberspace is to
focus on protecting their sensitive information and not just the computers
that process and store it. One reason for this increased emphasis on protecting
information is because businesses are becoming more aware of the importance
of the value and vulnerability of their own intellectual property and
trade secrets. Just last year, a major consumer products manufacturer
was ordered to pay $10 million to a competitor for stealing its shampoo
formulas, and a software company had to pay a competitor over $180 million
for stealing its source code. Corporate espionage is big business.
here to view this document in PDF format.
This document is available for download in PDF format only.
Click here to download the Adobe Reader for viewing the PDF files