Aug 31, 2011

Vulnerable to Data Breaches? Five Tips for Data Breach Security Testing

by Martha Aviles

The cost of publicly disclosed data breaches has rapidly increased over the past 18 months. In 2010 the most expensive reported data breach cost that company nearly $31 million to resolve. So far in 2011, we have witnessed several incidents that surpassed it, including RSA’s SecurID two-factor authentication breach, which cost parent company EMC $66 million, and more recently the staggering $171 million Sony data breach.

The problem is, breaches may only become more costly due to more devices connecting to networks worldwide, more complex applications handling sensitive data, and user traffic volumes reaching uncharted territory. With this amount of traffic, it is reasonable to be anxious about security, but now is not the time to let nerves (or limited resources, as we'll discuss later) paralyze you. Instead, you have a fantastic opportunity to become proactive about security and break out of the “wait and see” mode.

Forget Compliance Regulation: Get Serious About Defending Your Network Now

As discussed in an earlier post, data breach compliance regulation is coming. But shouldn’t all businesses already be concerned with data breaches? In fact, some businesses are not waiting for legislation, because they understand that the costs of data breaches are skyrocketing, so they can’t afford to delay.

While protecting networks and data centers feels like a daunting task, the bigger challenge for IT departments is to do more with less and maximize already shrunken resources. But it can be done.

How can you help your organization get ready for a potential data breach? Let’s look at five ways to get your organization to put more resources into hardening cyber defenses, even in these days of tight budgets.

#1. Quantify data breach costs

Regardless of the size of your organization, if you’re responsible for network security, there are lots of relevant facts and figures about data breaches that you can provide to your organization. Headline losses like Sony’s are only the tip of the iceberg. Sometimes seeing the numbers creates the “ah-ha” moment needed.

Keep in mind that the numbers you need might come from within your own organization, too. Consider: how many mobile users are operating on your networks, and how has that grown in the past two years? How many SSNs, addresses, pieces of financial information, and transactions pass through your system? Are your data loss prevention (DLP) methods effective on mobile devices? Even if the answer to all of these is “I don’t know,” that is valuable information that can help move your network security initiatives along, and in many cases, help create management support for testing your network or data center.

#2. Test with Real Application Traffic

Legacy testing devices generate only canned traffic and configurations, leading to inaccurate security, stability, and performance results. It is important to test using tools that can create accurate simulations of vulnerable traffic such as personal information and corporate IP to ensure that DLP measures work like they’re supposed to. For example, did you realize that most organizations run about 30 applications simultaneously across their networks? You need to be able to test under those conditions.

You can also increase the authenticity of tests using methods like Markov text generation, which analyzes real text samples to generate new ones based on statistical probabilities. Without this ability you cannot properly test DLP devices with human-readable text such as Facebook, email, and HTTP. Testing under these precise conditions is the only approach that will provide your organization’s management with definitive answers—and not just your best guess—about how effective your network security is.

#3. Purchase Only What You Need

Once you start using real-world conditions to test equipment, you can conduct accurate side-by-side validation of competing products to find out how each of them will perform in your infrastructure. These results will also help your management understand what you are doing to keep the infrastructure secure and prevent unnecessary device purchases. For example, you’ll be able to definitively tell your organization’s leader which firewall provides the most protective AND cost-effective solution for your business, or how different IPS devices perform under normal and high-stress conditions. Here at BreakingPoint, we are helping IT teams find the technical answers required. We’ve seen our customers use these answers to save up to 40% on purchases by determining exactly what they need.

#4. Perform Pre-Deployment Device Evaluations

The ability to evaluate equipment like servers, load balancers, firewalls, and IDS/IPS devices before deployment helps resiliency and infrastructure planning. By comparing and evaluating content-aware devices using the conditions of your environment, you can ensure that the equipment will withstand the stress of your network and meet your organization’s specific technical needs. For instance, the ability to test with simulated sensitive data such as real Social Security numbers and real credit card numbers is crucial, because it gives you the authenticity you need when validating the deep packet inspection (DPI) capabilities of network and security equipment. It’s also imperative to understand if end users will experience performance degradation as additional functionalities are turned on. Why upgrade your network blind? The more information you can gather before deployment that predicts exactly how a device will perform in your network, the more you will save not only dollars but also configuration and troubleshooting time.
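The two techniques mentioned in tips #2 and #4 can be shown together: Markov text generation from a sample corpus to produce human-readable filler, synthetic (Luhn-valid) card numbers and a sample SSN embedded in it, and a minimal DLP-style scan run over the result to confirm the sensitive values are actually caught. This is an added illustration, not BreakingPoint code; the seed text, the SSN and the card prefix are all constructed sample values.

```python
import random
import re
from collections import defaultdict

# Constructed seed corpus; in practice this would be a sample of text from your own traffic.
SEED_TEXT = ("the quarterly report lists every customer account and the invoice totals "
             "for each account the finance team reviews every invoice before the report "
             "is sent to the customer and the totals are checked against the ledger")
# Constructed sample identifiers for the test message (not a real person or card).
SYNTHETIC_SSN = "987-65-4320"
SYNTHETIC_CARD_PREFIX = "400012345678910"   # check digit is appended by make_synthetic_card()

def build_markov_chain(text, order=2):
    """Map each run of `order` words to the words that followed it in the sample."""
    words = text.split()
    chain = defaultdict(list)
    for i in range(len(words) - order):
        chain[tuple(words[i:i + order])].append(words[i + order])
    return chain

def generate_text(chain, length=40, seed=0):
    """Walk the chain with a seeded RNG to produce new, plausible-looking text."""
    rng = random.Random(seed)
    state = rng.choice(sorted(chain))
    out = list(state)
    while len(out) < length:
        # Dead-end state (end of corpus): restart from a random state's first word.
        word = rng.choice(chain[state]) if state in chain else rng.choice(sorted(chain))[0]
        out.append(word)
        state = (*state[1:], word)
    return " ".join(out[:length])

def luhn_check_digit(partial):
    """Luhn check digit for `partial`, so the finished number passes checksum validation."""
    total = 0
    for i, ch in enumerate(reversed(partial)):
        d = int(ch) * 2 if i % 2 == 0 else int(ch)
        total += d - 9 if d > 9 else d
    return str(-total % 10)

def luhn_valid(digits):
    return len(digits) >= 13 and luhn_check_digit(digits[:-1]) == digits[-1]

def make_synthetic_card():
    n = SYNTHETIC_CARD_PREFIX + luhn_check_digit(SYNTHETIC_CARD_PREFIX)
    return " ".join(n[i:i + 4] for i in range(0, 16, 4))

SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,15}\d\b")

def scan_for_pii(text):
    """Minimal DLP-style detector: SSN pattern plus Luhn-filtered card numbers."""
    findings = [("ssn", m.group()) for m in SSN_RE.finditer(text)]
    findings += [("card", m.group()) for m in CARD_RE.finditer(text)
                 if luhn_valid(re.sub(r"\D", "", m.group()))]
    return findings

def build_test_message(seed=0):
    """Markov filler with the synthetic identifiers embedded, as one DLP test case."""
    chain = build_markov_chain(SEED_TEXT)
    return (f"{generate_text(chain, 20, seed)} ssn {SYNTHETIC_SSN} "
            f"{generate_text(chain, 20, seed + 1)} card {make_synthetic_card()}")
```

The Luhn filter is what keeps a real DLP rule from flagging every 16-digit order number; the test message exercises both the hit and the no-hit path.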

#5. Test All The Time

Proper security and performance testing helps you meet compliance requirements AND prevent data breaches. It is much easier to get ahead than to play catch up. Often organizations overdesign their networks by purchasing any security measures they can get budget for, yet they still experience a security attack. Why does this happen? Application protocols and security attacks are continually evolving, so your testing tools must remain current as well to ensure protection. Staying on top of emerging network traffic is a full-time job—one you don’t have time to do—so you need test equipment that delivers regular updates for applications and attacks. That lets you harden the resiliency of your devices, networks, and data centers knowing that you’re always using the most up-to-date conditions.

Each individual IT network or data center is a unique use case depending on the number and behavior of its users and the type of traffic it carries. If you follow the five steps above, your IT infrastructure will be more stable and more secure. Obviously data breach compliance is coming eventually, but you can start hardening your IT infrastructure today for the sake of your business, your employees, and your customers.

So is your organization an innovator, early adopter, or laggard? Is it aware of the serious issues surrounding data breaches . . . or still willing to “wait and see”?
