Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

High Profile Hack Demonstrates Need For Constant Security Revue

Idappcom : 08 July, 2011  (Technical Article)
Initial levels of high security on systems can dwindle to open up vulnerabilities if IT security is not maintained, warns Idappcom after Indian National Security Guard hack

News that the Web site of the National Security Guards (NSG) - the Indian counter-terror elite operation of the Indian army and police - has been hacked has a security message for any company IT security manager, says Idappcom.


And that message, says Ray Bryant, the CEO of the data traffic analysis and security specialist, is that no matter how good your ITsec defences are when you install a system, unless you keep those defences under constant review, cybercriminals will slide in and cause havoc.


"It sounds as though the NSG Web site - www.nsg.gov.in - has been hacked more for public embarrassment of the elite counter terror squad than anything, but the message is quite clear," he said.


"Indian newswire reports suggest that the NSG has undertaken a complete security review of its IT operations, and not just on the Web site. That review includes a forced change of e-mail passwords for staff and their contacts," he added.


Bryant went on to say that the hacking of the NSG site is an important issue for the Indian government, as the site reportedly acts as a gateway for a number of services.


This means, he explained, that the hackers could have gained access to a number of Indian government databases, and not just data that relates to the NSG.


This is, says the Idappcom CEO, the problem with a modern corporate Web site being hacked, as a growing number of organisations are using their Web portals as just that - a portal or gateway for staff and qualified third parties to gain access to advanced services.


Many IT managers see the use of Web sites as gateways as a way of saving money in both the short and longer-term, but he says, it is important that at least some of these savings to be re-invested in increasing the security posture of the Web resource in total.


It is, says Bryant, a bit like merging two bank branches into one superbranch. Although the cost of operating the both branches is reduced, the increased concentration of cash and other valuables at a single site means that the bank has to beef up its security.


"For banks this means a security review and general audit of security practices on an on-going basis – and the same principles apply for companies using their Web site as a gateway for additional services, such as e-commerce," he said.


"Web site security is no longer the set-it-and-forget-it aspect of IT defences that it used to be in the days of a static site. Modern Web sites need on-going and in-depth security reviews in order to defend against an evolving hacker threat," he added.


"Auditing and pen-testing a Web site is a must-have in the modern arsenal of corporate security defences, otherwise your corporate system could end up being the UK equivalent of the NSG: a laughing stock in security circles."

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo