Results 1 to 9 of 9

Thread: The enemy within?

  1. #1
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188

    The enemy within?

    I came across this:

    Enterprise users are "actively and intentionally" evading IT security controls and ignoring acceptable use policies, according to Palo Alto Networks' first annual "Application Usage and Risk Report."
    Quite frightening really?

    The recent survey results from Palo Alto, a firewall vendor, are based on traffic from 350,000 users in 20 organisations that span the financial services, manufacturing, healthcare, state/local government
    Details are here:

    http://www.techworld.com/security/ne...m?newsID=12102

    OK, I realise that is quite a small sample, and I don't know how representative or unbiased it is, but it does make you wonder?

  2. #2
    Dissident 4dm1n brokencrow's Avatar
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,243
    That report covers a lot of ground: 350K users and how many corporations?

    I've seen well-funded outfits that ran very tight ships (you'd be fired for even having a USB stick) to underfunded and sloppy outfits where half the employees had local admin rights. A friend at one mfg'ing outfit even told me about an admin that was running a P2P server in one of the backrooms.

    It's a jungle out there. I'm curious how Palo Alto collected all those reports.
    “Everybody is ignorant, only on different subjects.” — Will Rogers

  3. #3
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Yeah,

    350,000 in 20 organisations............... I make that an average of 17,500 each?

    Worrying thing is that they mention finance, government and healthcare? they have strict regulatory compliance requirements



    EDIT: As for the company ( Palo Alto)they were testing a new generation of their software, so I guess these guys were beta testers or trialists?
    Last edited by nihil; April 29th, 2008 at 09:40 PM.

  4. #4
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    - External proxies that IT does not support, such as CGIProxy and KProxy, were present in 80 percent of the customer networks.
    Rofl ?

    - Web video and streaming audio consumed significant bandwidth on 100 percent and 95 percent of the sites sampled, respectively.
    Erm I might as well post every finding, thats just ridiculous.

    In a sense its good because they have to employ decent IT people.

    Gore could of maybe got a job sooner

    Nice find. Thanks.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  5. #5
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Yes, but remember my reservation? I think that the reason these outfits were taking part in the trial was because they already knew that they had a problem?

  6. #6
    Dissident 4dm1n brokencrow's Avatar
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,243
    Quote Originally Posted by nihil
    ...finance, government and healthcare? they have strict regulatory compliance requirements
    Wait a minute...I thought the gov't only ENFORCED strict regulatory
    requirements. You mean they're SUBJECT to them, too?

    p.s.- I'm talking about in practice, not in theory or court cases.

    “Everybody is ignorant, only on different subjects.” — Will Rogers

  7. #7
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Well, I am no expert on US laws, but I was mostly thinking of Sarbanes-Oxley and HIAPPA.

    I suspect that the "government" bodies were local government, and they certainly have to comply with Federal laws, where appropriate.

    I seem to recall that the Feds get audited each year and a performance ranking is published?

    No idea what happens after that............. not a lot I would imagine

    p.s.- I'm talking about in practice, not in theory or court cases.
    That is true.......... with corporates and institutions you have a clearly defined target. Government is a very amorphous structure.

  8. #8
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    To be honest SOX doesn't mean a thing.. I work for a company that has to be SOX compliant. The security around here is crap to say the least. I'm working on a few Solaris boxes and within a week I found several ways to elevate my privileges. Hell, I can even SSH into my home network and tunnel everything through that.. Yes, we have lots of procedures, rules and regulations.. And as long as everything is documented and according to procedure it's ok. Unfortunately this doesn't mean it's secure in any way.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  9. #9
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    To be honest SOX doesn't mean a thing.
    Until you have a security breach?

    And as long as everything is documented and according to procedure it's ok. Unfortunately this doesn't mean it's secure in any way.
    That is very true, and the problem is not only in regulations, I see it in certifications (BS, ISO etc.) and methodologies (CMM for example). So long as you have processes and procedures to support them, documentation, and you adhere to the processes and procedures, you will get the certification.

    There is no concept of quality and effectiveness.

Similar Threads

  1. To know my enemy...
    By THE RADICAL in forum Cosmos
    Replies: 15
    Last Post: October 4th, 2004, 02:09 AM
  2. does Stalin's enemy know tech?
    By cross in forum AntiOnline's General Chit Chat
    Replies: 0
    Last Post: June 20th, 2003, 04:37 PM
  3. Know Your Enemy
    By sweet_angel in forum Product / Book / Training / Conference Reviews
    Replies: 0
    Last Post: January 26th, 2003, 08:59 AM
  4. Extracts: Know Your Enemy
    By smirc in forum Miscellaneous Security Discussions
    Replies: 9
    Last Post: May 12th, 2002, 06:36 PM
  5. destructive thing for ur enemy
    By lovable in forum Newbie Security Questions
    Replies: 7
    Last Post: February 15th, 2002, 04:51 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •