Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Slashdot: Preventing Snowden-Style Security Breaches?

Posted by samzenpus on from the protect-ya-neck dept.

Nerval's Lobster writes "The topic of dealing with insider threats has entered the spotlight in a big way recently thanks to Edward Snowden. A former contractor who worked as an IT administrator for the National Security Agency via Booz Allen Hamilton, Snowden rocked the public with his controversial (and unauthorized) disclosure of top secret documents describing the NSA's telecommunications and Internet surveillance programs to The Guardian. Achieving a layer of solid protection from insiders is a complex issue; when it comes to protecting a business's data, organizations more often focus on threats from the outside. But when a trusted employee or contractor uses privileged access to take company data, the aftermath can be as catastrophic to the business or organization as an outside attack. An administrator can block removal of sensitive data via removable media (Snowden apparently lifted sensitive NSA data using a USB device) by disabling USB slots or controlling them via access or profile, or relying on DLP (which has its own issues). They can install software that monitors systems and does its best to detect unusual employee behavior, but many offerings in this category don't go quite far enough. They can track data as it moves through the network. But all of these security practices come with vulnerabilities. What do you think the best way is to lock down a system against malicious insiders?"

9 of 381 comments (clear)

  1. simple by greenfruitsalad · · Score: 5, Insightful

    Simple. Do good, make people working for you feel they're doing something good for the world.

    1. Re:simple by rtfa-troll · · Score: 5, Insightful

      The question of securing your data shouldn't be about good or evil, or any particular moral judgment, but simply about how to make sure you're critical and confidential data doesn't end up being ripped off.

      There's a certain level that you can go that way. However, in the end, to be useful data has to be loaded into people's heads. People can then unload part of it elsewhere. A very important part of securing the data is making sure that those people who could do that choose not to because they see the value of your mission. Those people who surround them also see the value and put social pressure not to reveal secrets. When the US loses it's moral authority by doing things identical to acts it has previously criticised this is obviously going to increase the risk of a leak.

      --
      =~ s,(.*),<sarcasm>$1</sarcasm>,g if any_point_you_wish();
    2. Re:simple by Dahamma · · Score: 5, Insightful

      No, the general question TFA asks about security breaches really has nothing to do with right and wrong or morality, it was simply about protection of data from insiders in any organization. What if Snowden's motivation had instead been monetary (which is much more common in security breaches than whistleblowing)? Or industrial espionage instead of government?

      Protecting data from internal leaks is a complex issue, and pretending "if you are good it won't happen" is idiotic.

  2. Nice try NSA by stewsters · · Score: 5, Insightful

    How about try not to do anything you would be embarrassed by if it leaked? Not ignoring the 4th Amendment is a good start.

  3. Lesson Number One..... by segedunum · · Score: 5, Insightful

    Don't piss off the sys admin.

  4. Don't be dicks, you'll get less whistleblowers by Anonymous Coward · · Score: 5, Insightful

    Obeying your country's constitution and not operating for the sole benefit of oligarchs and barons of commerce would go a long way towards limiting whistleblowing activity.

    If you want to go the opposite direction, I guess you could lock up your employees in a bunker and hold their families hostage.

  5. Limit access by Xargle · · Score: 5, Insightful

    Have separation between levels of security and have fewer & fewer admins working on them as you go up the chain. Use the old established and trusted guys at the top. Don't have thousands of people (particularly contractors) crawling all over the most sensitive data. Seems obvious really. Look at the amount of data *Private* Bradley Manning got his hands on. It's like NSA & Govt just leave the barn doors open and hope the fear of prosecution will prevent the bad thing from happening.

  6. Re:Nice try NSA by intermodal · · Score: 5, Insightful

    That was certainly an issue. If we're talking Snowden-style, the best deterrent is to actually conduct your operations within the law and within the boundaries of ethical behaviour. Snowden wouldn't have had anything to leak if the government were operating within the legitimate bounds of the constitution.

    --
    In SOVIET RUSSIA... erm...NSA AMERICA, the Internet logs onto YOU!
  7. Re:Nice try NSA by Moof123 · · Score: 5, Insightful

    I'm going to fail Godwin's law off the bat here, but remember that Hitler was lawfully elected and his SS all worked within the law. The letter of the law can twisted and re-written to make torture "legal", but that does not mean that it is OK since it is legal. The fact that "enhanced interrogation", and now "enhanced observation" is legal and was known to congress should be MUCH scarier than if it came out that the NSA was breaking the law without congressional oversight.