Employees Will Find Ways to Route Around Corporate Firewalls

business, law, recommendations, technology Add comments
Apr 302009

Joe working within the constricts of work's se...Image by lloydi via Flickr

Study: Employees Will Find Ways to Route Around Corporate Firewalls – ReadWriteWeb:

The study also found that users will go to great lengths to route around corporate networks and often use tools like Gbridge, encrypted tunneling applications, and various private and public proxy services to circumvent security protocols, corporate firewalls and filtering mechanisms. Companies are spending a lot of money on firewalls and filtering products, but in the end, users will always find a way around these.

For those advising corporate clients, this is a very important notion to keep in mind in terms of risk management: technical measures go only so far without buy-in from users and employees, and potential security threats (which sounds more cloak-and-dagger that it often is in reality) can be much more easily be introduced (usually unintentionally) by those within your network than by those on the outside.

To solve the human side of the equation, training and education are critical. On the technical side, “hardening” inward-facing servers is critical. Do not rely on firewalls alone for protection.

I suspect that banning applications or services (such as social media, or even P2P) may be the wrong approach (although from a legal perspective attempting to do so may be important to reduce liability.) Training and education on how to use such tools effectively, securely, and legally may be more effective in the long term, and having users and employees working with your plans (instead of routing around your firewall in any way possible) is far more likely to provide real security.

My final thought: integrate your legal team, your technical team, plus marketing and business operations together to achieve the best security possible (and to gain other benefits, too!). And don’t forget to bring in the users, customers, and clients as well, as they are critical stakeholders in any complete security scheme.

Related articles by Zemanta

Reblog this post [with Zemanta]
Share this post

Share to Facebook Share to Twitter
Stumble It Share to Delicious
Share to Google More...

Subscribe

Subscribe via RSS Subscribe via RSS
Posted by krisnelson at 11:07 pm Tagged with: , ,

Leave a Reply

(required)

(required)

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Disclaimer & Privacy

This is not legal advice. I am not your attorney. I am not licensed to practice in your jurisdiction. I am not soliciting your business. Please see our Privacy Policy.

Copyright

© 2005-2010 by Kristopher Nelson. Want to republish? Get permission. Want to quote? That's fair use.

Site Sponsors

© 2005-2010 by Kristopher Nelson. Want to republish? Get permission. Want to quote? That's fair use. Suffusion WordPress theme by Sayontan Sinha