While zero-day exploits have been making headlines for the last couple of years, "less than zero day" flaws are only slowly reaching the media. One example is yesterday's Computerworld story, "Undisclosed flaws Undermine IT Defenses".
The story points out that there are many unreported software and security holes to which enterprises are vulnerable. It quotes a CTO of a telecommunications company: "Therefore, the emphasis has to be on detecting and containing the fallout from any attacks to the greatest extent possible, he added. That requires multiple layers of defenses not just at the network perimeter but behind it as well, according to Sullivan, who recommended the use of security measures such as strong user and device authentication, strict role-based access controls, network segmentation and data encryption."
The article is light on the many layers required. While it does mention perimeter security and authentication and access control, it doesn't mention vetting workers before hiring, training users not to click on email links, multi-factor authentication, or transaction authentication.
Guy
www.authenticationworld.com
guy.huntington@authenticationworld.com