The Enemy Within Circa 2011

The recent exposure of hundreds of thousands of government documents by WikiLeaks points to the lack of both adequate procedures and sufficient deployment of automated technology to secure data from abuses by so-called “authorized users.” Currently, the government has arrested and charged Army Pfc. Bradley Manning, who is suspected of giving classified documents to WikiLeaks. Bradley allegedly downloaded the files from classified computers onto CDs while serving in Iraq, according to NBC News. Over the past five years, Unisphere Research has conducted seven different studies documenting the exposure of sensitive, unencrypted data within organizations and the threat this poses to enterprises and, obviously, to our government. Repeated Unisphere Research studies cover the types of data exposure, the breadth of that exposure, the failure to pass audits and a general level of complacency by information managers regarding inside threats, revealing a disturbing Achilles’ heel that remains stubbornly present. Moreover, we have begun to identify the wide gap between IT professionals and enterprise management in understanding the seriousness of the issue – and applying the needed funding to remediate the issues.

The threat presented from within can only intensify further. As organizations select internal cloud provision over outside cloud service providers, many times in the name of “data security,” we are left to wonder at the level of exposure we are likely to see with data increasingly residing outside the database itself, but within the internal cloud. Our experience here at DBTA and research through our Unisphere Research group paint a picture of broadly haphazard, even casual, security practices vis-a-vis the inside threat. Moreover, we continue to see the focus of security budgets and practices on “perimeter” threats. We also observe an ongoing myopia that appears to be broadly present in the analyst and media community serving the IT market about internal security practices.

Perhaps the one positive that can be taken from the WikiLeaks episode that is still unfolding is that the issue of insider abuse can no longer be swept under the rug. WikiLeaks blows the lid off the problems associated with “authorized user” abuse. Where can you start to learn more about internal vulnerabilities and begin to identify how to deal effectively with them? You can download the “2010 IOUG Data Security Study” in full at http://www.oracle.com/go/?&Src=7011681&Act=507&pcode=WWMK10035434MPP008 or download the shorter Executive Summary at http://www.ioug.org/PublicationsResearch/ResearchWireSurveyData/tabid/90/Default.aspx (scroll down the page for the 2010 study). The PASS study “Data in the Dark: Organizational Disconnect Hampers Data Security” can be downloaded in full here http://tinyurl.com/2auoqvq . Both of these are available on a complimentary basis.