Active Net Steward - Distributed Firewall

Author: Daniel L. Safeer Published April 4, 2011 from SANS

Recent studies have proven just how incorrect that assumption is. A Digital Research, Inc. reported, "Authorized users are by far a company's biggest security threat." (3) A study by the FBI and CSI showed 44% of respondents "reported unauthorized access by employees."(3) The report that opens the most eyes is a 1996 study by American Society for Industrial Security that reports, "A massive 75 per cent of all computer break-ins occurred internally."(4) Whether this access was malicious or simple curiosity is irrelevant, this access was possible because it was not stopped by traditional methods: firewalls and IDS. The question then becomes, how do I deal with the implied trust afforded to users who are inside of the firewall, either physically or electronically (via VPN or dialup)?

Tags:

Read the complete paper at SANS