Managing internal access to data and software has always been a challenge for technical and security departments. In the past, security was often managed physically; workers couldn’t access what they couldn’t physically get to. Today, cloud computing and the need for employees of all levels to access data from disparate locations makes physical controls outdated in most industries. Instead, organizations are turning to a variety of cloud, software, and hardware-based security solutions, some of which are less effective than others.
In a 2015 Verizon Report on data breaches, top causes of breaches included malicious attempts from hackers, phishing schemes, denial of service attacks, and payment card skimmers. But internal security dangers also made the list: approximately 15 percent of incidents reported related to physical theft of hardware. As many as 55 percent of those thefts occurred within the work environment, creating a need to secure hardware physically and create safety features on devices to limit access if someone inappropriate is in possession of the computer, phone, or tablet.
While rendering your data unreadable to the outside may benefit you in the event of a stolen VM, it is also your first security barrier which serves to protect against potential Not all security threats are malicious in nature. The same Verizon study indicates that almost 30 percent of all reported incidents are traced back to an error. Publishing data incorrectly, accidently accessing information, sending sensitive information to the wrong person, and disposing of data in an insecure manner are all top errors that lead to data breaches. While human error can’t be expunged completely from any process, organizations can use internal security to limit data access to appropriate staff members, thus limiting the mistakes that can occur.
Often, organizations use a combination of password and PIN entry, VPN requirements, and fobs and smart cards to create internal data security even when employees themselves are not on the premises. The problem with such security measures is that they create unnecessary expense and headaches for everyone involved in the process.
Usually, such measures require the employee to carry both a company-provided laptop or device and a company provided fob or smart card when they travel. When logging in, the employee combines password or PIN entry with the fob or smartcard: both have to be available and correct for access to the device, the network, software, or data.
These measures create added work and expenses, such as:
Intel’s IPT with PKI solutions provide the same level of security that you’ll find with smart cards, but the security elements are incorporated into the device and the network itself. Employees don’t have to carry a secondary element; technology departments don’t have to worry about additional components. Intel’s IPT solutions also provide security across numerous functions, from VPN to email encryption, creating powerful, flexible security solutions for organizations.
A concern with solutions that are hardware-based are that screen scrapers or other hacker tools can capture PIN or passwords, but Intel’s solution keeps that from happening. PIN or password entry occurs on the screen, but the keypad can only be seen from that device. Any other person attempting to access the information would see a single black box.
Security is a critical component for any organization today, and costs can quickly escalate as companies attempt to protect themselves, employees, and customers. Working with an IT solutions provider to integrate intelligent security solutions across the workforce and network can help organizations reduce the cost and headache associated with security without decreasing security itself.
Find out just how secure your network really is. Learn more about our free Security and Threat Prevention assessment.