Here are four techniques and related technologies several cited as underrated in today's security fight. Since one security pro's miracle tool is another's waste of budget, it's no surprise that a couple of the technologies panned last week are praised here.
Application security is something companies increasingly worry about as business and personal apps proliferate. Hackers are targeting everything from online banking apps to the gaming apps popular on such social networks as Facebook. Web Application Firewalls (WAFs) are among the technologies designed to reduce the risk. One of the more overlooked features of the technology is whitelisting, the art of allowing only traffic known to be valid to pass through the gate, thus providing an external input validation shield over the application.
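The whitelisting approach described above, as an added example that is not part of the original article or taken from any WAF product: a deny-by-default request check in Python. The routes, parameter names and patterns are constructed for a hypothetical banking application.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed allowlist for a hypothetical banking app: each route lists the
# methods it accepts and a strict pattern for every parameter it expects.
ALLOWLIST = {
    "/login": {
        "methods": {"POST"},
        "params": {"user": r"[A-Za-z0-9_.-]{1,32}", "otp": r"[0-9]{6}"},
    },
    "/transfer": {
        "methods": {"POST"},
        "params": {"to": r"[0-9]{8,12}", "amount": r"[0-9]{1,7}(\.[0-9]{2})?"},
    },
    "/balance": {"methods": {"GET"}, "params": {"account": r"[0-9]{8,12}"}},
}


def check_request(method, url, body=""):
    """Return (allowed, reason). Anything not explicitly listed is denied."""
    parts = urlsplit(url)
    rule = ALLOWLIST.get(parts.path)
    if rule is None:
        return False, "unknown path"
    if method not in rule["methods"]:
        return False, "method not allowed"
    if method != "GET" and parts.query:
        return False, "query string not allowed"
    # GET parameters come from the query string, POST from the form body.
    raw = parts.query if method == "GET" else body
    try:
        pairs = parse_qsl(raw, keep_blank_values=True, strict_parsing=bool(raw))
    except ValueError:
        return False, "malformed parameters"
    seen = set()
    for name, value in pairs:
        pattern = rule["params"].get(name)
        if pattern is None:
            return False, f"unexpected parameter {name}"
        if name in seen:
            return False, f"duplicate parameter {name}"
        if not re.fullmatch(pattern, value):
            return False, f"invalid value for {name}"
        seen.add(name)
    missing = set(rule["params"]) - seen
    if missing:
        return False, f"missing parameter {sorted(missing)[0]}"
    return True, "ok"
```

The check never looks for known-bad strings; a request passes only if its path, method, parameter names and values all match what the application is known to accept.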
Andy Willingham, senior security engineer at E-chx and founder of AndyITGuy Consulting, believes whitelisting and URL filtering are too quickly dismissed as too difficult. "Most people think that it's too hard to limit what people can run and where they can go," he said. "We've reached the point where we can't just let people do what they want. Too many preach that if we want to attract and retain good employees that we have to allow them to install programs and surf freely but until we get virtual environments to the point where everything is its own virtual session and can be 'cleared' at will or regularly, then we have to start locking down."
Chris Young, a VP at ISM, said the biggest setback for this technology has been inconsistency on the management side, but that this piece is improving. "We are at the point where this is no longer a problem and new programs can be added with minimal/no admin assistance in a secure and controlled manner," he said. "On the endpoint it should not be seen as a locking down of the system in that users won't be able to have any freedom, but it provides admin/user education in the sense that it forces admins/users to check what they are downloading first to make sure it is a legit program and conforms to company policy."
At the same time, he said, the technology is filling the holes caused by poor/accidental user behavior while protecting executables that have been authorized to run on the system. "Operation Aurora was one of many examples where whitelisting on the endpoint would have completely prevented the compromise even after a user was duped into clicking on a link that led to a website that automatically downloaded and executed malware on the host system," he said.
Data encryptors and/or shredders
Readers noted that one of their biggest challenges is to properly protect the data they HAVE to store and get rid of the data that's no longer needed. In many a security breach, the latter is what the bad guys hack into or physically cart offsite. For the digital data that can't be expunged yet, those polled stressed the importance of data encryption. For the physical records (and of course disk drives also), the humble shredder is a machine some cite as underrated.