New Approaches and Systems in Data Security: A Comparison

Jerry Irvine is the CIO of an outsourcing firm, Schaumburg, as well as a member of the National Cyber Security Task Force. In his article, Mobility and Cloud: A Double Whammy for Securing Data, he discusses the issues involved with securing mobile and cloud data as well as a layered approach for security development within those fields. He introduces the article with the notion that security systems such as firewalls and intrusion detection systems are obsolete, and after the year 2014 will not be able to sufficiently protect corporate data against cybercrime and what is called BYOD, or bring your own device, scenarios. Irvine then describes why this is a concern, explaining that security issues and the protection of data are two of the main focuses of information technology departments today. Irvine is concerned that the growth in the production of mobile devices and cloud systems renders legacy security solutions incapable of keeping up with data-protecting solutions.

Irvine discusses the evolution of technology protection from the focus on physical device protection to the placement of intellectual property and data in clouds as well as access of this information to multiple employees from personal smartphones, tablets, and computers. He stated that before this evolution, “The general rule of thumb was that if the organization protected the device, the data was also protected (Irvine)”, and that now the focus is on data protection instead of primarily device protection. Irvine outlined several obstacles with data protection, including application dependency, cloud solutions that exist outside of core enterprise environments, firewalls and security systems that are designed to allow access to applications and data in a network, and finally, the development of malware that takes advantages of both the weaknesses of mobile devices and cloud configurations. Irvine offered a three-tiered approach to these problems: First, the data classification and categorization to define what can be accessed and what needs to be secured. Second, strong service-level agreements and contractual agreements in order to make sure that cloud providers are meeting security requirements when organizations outsource their data into clouds. Third, the establishment of policy-based and automated device management, that combines automated and manual management and security of employee devices that can access corporate material.

Irvine’s article on data security is interesting and thought-provoking because it is relevant and informative. Some of the information presented in the article, Mobility and Cloud: A Double Whammy for Securing Data, pertains to course material information that is being taught in the IT 263 course. The information that correlates between the article and the course has to do with intrusion detection systems. Intrusion detection systems are information security strategies or solutions that are configured to identify suspicious packet patters, such as in the case of denial-of-service attacks, and also to trigger alarms when patterns are detected. There are four different types of IDS: host-based, signature-based, network-based, and anomaly-based. The IDS’ characteristics, advantages, disadvantages, and deployment are outlined in the course notes. Irvine also defines the IDS system in his article and states that they are no longer sufficient in the mobile and cloud data age to protect data by themselves because of their dependency on operating to protect single devices.

Irvine is not alone in this assumption that IDS systems are obsolete. In another article, Intrusion Detection Is Dead. Long Live Intrusion Prevention, Timothy D. Wickham outlines the weaknesses of information detection systems and promotes the use of information prevention systems instead. Wickham explains that IDS systems were created in an effort to protect data in an increasingly hostile environment in the information technology world. Threats to data protection have become vast and diverse since the advent of the computer, and concern over data protection has risen exponentially as well. This concern that Wickham observes is certainly well justified, companies are losing thousands of dollars each year due to cybersecurity breaches. According to the 2012 Cyber Security Watch Survey Results, companies lost approximately $374,000 dollars due to cyber-crime attacks, which is more than double that of the losses in 2011 (CSO Business Risk Leadership). Wickham also explains that it was not just these concerns that caused the application of IDS systems. He states that in the advent of IDS systems in the early 1980’s, the decision to implement systems designed to detect malicious patterns instead of prevent them was due to two factors: a lack at that time of specialized hardware capability, and that the belief that the number of security threats was too daunting of a task to prevent. Due to these performance and accuracy problems, IDS systems were put in place to detect malicious threats, but cannot do anything to protect the systems.

Wickham expands his argument against IDS systems by introducing a system that by his definition is better. He states that an IPS system is more accurate and efficient than an IDS system. An IDS system is less efficient because it has the disadvantage of generating a number of false alarms. An IPS system has the specialized hardware capability to both detect a threat to data security and will block it, making it more efficient. He concludes his argument by stating that the weaknesses of the IDS are apparent and that the IPS system is clearly a better solution to data security.

While Wickham’s argument is both appealing and decisive, it does not correlate with Irvine’s three-tiered approach, it only correlates with the insufficiency of an IDS system. Irvine is not the only one to promote a layered approach to data security, it is actually advocated by many information-based security industries. IBM outlines multiple layers of defense in its Iseries Information Center, which is geared to inform organizations on different ways to approach data security. IBM promotes a tiered system of defense which includes system-level security, network-level security, application-level security, and transmission-level security (IMB) which is a similar approach to the one specified by Irvine. Another similar approach to security is defined in the article, A Layered Approach to Security, published by Industrial IP Advantage. The importance of a tiered approach in security is emphasized by the statement, “Multiple layers of network security can protect networked assets, data, and endpoints, just as multiple layers of physical security can protect high-value physical assets (Banathy et al.)”.

As concerns of information technology data security not being able to keep up with the evolution of data threats on mobile and cloud networks, it is important that these types of layered approaches are taken by IT departments. The convergence between technology and teamwork between departments, providers, and networks will be beneficial to future efforts of combating data theft and malicious threats. As systems such as the IDS become obsolete, or refined, and systems such as the IPS are implemented more often, network security will grow and strengthen. There is a lot at stake when data is exposed on devices, in cloud storage, and through accessible networks: thousands of dollars and user’s security are compromised at an exponential rate yearly, and the prevention of such loss will continue to be an important goal in information technology as a whole.

Irvine’s article about data security both reaffirms information learned in the IT 263 course and offers new aspects of the material. This includes the reaffirmation of information detection systems in the context of data security. Irvine offers a new aspect of the IDS system in his assumption that it is obsolete in the current war waged against malware and data security threats. This assumption is supplemented by the argument made by Wickham against the IDS system. Another aspect of the information offered in the main article is the layered approach to security, to ensure an infallible approach to data protection. This layered approach is supported by the supplemented materials from IBM and IP Industrial Advantage. The importance of the information learned in the main article, IT 263 course, and related material lies with the importance of data security as a whole. Individuals and corporations deserve adequate security in this technological age. Keeping up with security is important in saving both money and in preventing compromised information. The only way to close the gap between obstacles and advancements in data security is to advance with these new approaches and to learn from the ones that are now obsolete.

Works Cited

Banathy, Andy, Guy Panozzo, Alexander Gordy, and John Senese. “A Layered Approach to Network Security.” July 2013. http://www.industrial-ip.org/en/knowledge-center/solutions/security-and-compliance/a-layered-approach-to-network-security

CSO Business Risk Leadership. “2012 Cyber Security Watch Survey Results.” Scribd. http://www.scribd.com/doc/119922551/2012-CyberSecurity-Watch-Survey-Results

Irvine, Jerry. "Mobility & Cloud: A Double Whammy for Securing Data." Information Week, 23 Dec. 2013. http://www.informationweek.com/security/cloud-security/mobility-and-cloud-a-double-whammy-for-securing-data-/d/d-id/1113212?

IMB. “Iseries Information Center, Version 5 Release 3.” N.d. https://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=%2Frzaj4%2Frzaj4rzaj40a0internetsecurity.htm

Wickham, Timothy. “Intrusion Detection Is Dead. Long Live Intrusion Prevention.” 2003. https://www.sans.org/reading-room/whitepapers/detection/intrusion-detection-dead-long-live-intrusion-prevention-1028.