Encryption is also now being applied extensively in offices so if ever information does get out and falls into the wrong hands it is rendered useless without the proper cipher key. The use of military-grade encryption has random generators and multi level encryption technologies which were previously available only to the military forces. Hardware based encryption is also another developing technology where hardware components such as hard disks, network cards and other such peripherals are embedded with encryption technology on a chip thus preventing unauthorized data being useable that is transmitted or contained within them. All these technologies along with promising technologies in development such as faster multi-processors allow higher encryption levels without sacrificing performance as today�s technologies are limited to (the faster the processor, the faster the coding/decoding of information that would become almost unperceivable with future computers).

Previously we discussed the importance of having an intrusion detection system to handle the growing number of attacks on corporate networks with Intrusion Detection Systems. A better solution would be to give some form of control to the detection system giving it teeth to execute actions that would prevent intrusion such as denying access or deleting errant file attachments. This comes in the form of Intrusion Prevention Systems which have the ability to detect, analyze and take appropriate action as programmed to do so by the systems administrators who then gets a detailed report on what was done. This allows them to review and take further action if the file was simply quarantined and not deleted by the system. They can then be submitted to the software vendor so they can analyze and formulate a solution to the threat providing feedback to prevent further infections.

Network Intrusion Detection Systems have a sole purpose which is to analyze data packets entering a network while looking for signatures of known malware. These signatures are constantly updated as new threats are detected so they are always on the lookout for a growing number of threats that keep on getting better and better at what they do. A detection system checks for any suspicious activity and then notifies the right people who then do the desired actions that have been laid out. Much like a citizen who calls the cops to report a criminal, it works the same way with the system being the caller and the dispatcher in detection side, and the cops on the System Administration side who takes action and apprehends the suspected criminal. They are however quite dependent on the ability of their handlers (System Administrator’s) to handle the threat as it should be. Miscalculations or lack of action can render it useless defeating its purpose. A better solution will be discussed in the next post that is more pro-active in the quest to protect the corporate network.

United States law enforcement agencies have long used the centralized database systems for storing information on criminals and other law breaking activities for inter-agency cooperation. The FBI has proposed a new system which would also contain more biometric information included with the old photos, rap sheets and biographical information in hopes to boost the capability of crime prevention and investigation units in getting information. The said plan gets many critics due to many problems that are foreseen to come with a new system such as the fact that the agency’s network and computers are some of the most attacked computers on earth. The transmission of all information regarding an investigation is to be sent to the FBI first before all other agencies, which raises questions on the transmission security of the said information. The system in place that has been modified for Homeland Security has a lot of flaws wherein many people with misdemeanors get arrested as “terrorists”. There is no contesting the fact that there is a need for such a system but further testing and development should be done as many experts see the plan. The security and reliability of the government should be prioritized and developed to the full capability of current technology for it to remain acceptable and adaptable for the times to come.

This has bearing for information that is dealt with locally but also with data that is used on the internet as well. Security experts agree that there is no so-called silver bullet that would be able to provide all the security needs of information but rather a mix of technologies. These technologies such as ERM�s or Enterprise Rights Management, allows companies to determine how information is to be used and who gets to send and receive them based on the sensitivity level of the said information in question. For email applications, software that offer S/MIME or Secure/Multipurpose Internet Mail Extensions are the best bet in controlling which email can be or cannot be sent by a
certain individual out through the internet.

Cisco, one of the world�s leading producers of network servers that are deployed on the internet and in large corporations has announced the release of their Self-Defending Network version 3.0. This is after they have finalized the acquisition of security software Ironport Systems Inc. Ironport is responsible for the development of a powerful e-mail and web monitoring service called SenderBase. The said system collects information from almost 100,000 internet providers, schools, universities and corporations globally. Checking for more than 110 parameters for any available active web server connected to the internet which allows it to verify, inspect and check e-mail that passes through them (their massive database/s are reported to get at least 5 billion requests per day).