As Digital Transformation Accelerates, The Risk of Theft of IP Grows
By: Mohie Ahmed
Over the past two decades, with the rise of the Internet and the growth of cloud services, enterprises and organizations, including government agencies, have transformed the way they do business and serve their constituents. Nearly everything can be found online today, and content shared on even the most secure private networks has been compromised through cyberattacks, including those initiated by insiders.
While identity theft and ransomware attacks continue to challenge organizations because of the financial gains available to bad actors, the theft of Intellectual Property (IP) has huge consequences for everything from business strategies to transactions underway at publicly traded companies, and more.
Businesses and government agencies spend billions of dollars developing their plans, products, and platforms and do their best to protect them by filing patents while also marking documents confidential, sensitive, and top secret. Their employees are trained to handle sensitive information carefully, to share only on a “need to know” basis and to make sure their devices and applications are secured at every endpoint.
Even with all these measures in place, including strict policies and training, the theft of IP is on the rise, driving demand for tracking and control, especially in highly regulated fields.
Given the reality of globalization and the determination of nations to compete for economic advantages and financial strength, the management of IP is more important and necessary than ever. Given our technological and information revolution, especially with emerging technologies including artificial intelligence, IP protection needs to be raised to a higher level, one that accounts for the growing threats to national security.
Government agencies around the world are issuing guidance on these threats, with recommendations to use software to detect attacks and to protect IP by applying access privileges and tracking how stored and shared IP documents and databases are being accessed: by whom, from where, on which device, at what time of day, and more.
The shift to remote work in response to the COVID-19 pandemic only worsened the IP theft trend, from reports of state actors attempting to steal pharmaceutical secrets associated with the development of vaccines and therapeutics to organized cybercriminal rings quickly identifying the gaps in security, enabling them to attack directly or lure insiders with credentials to cooperate with them in the chaos.
A Bitglass research study, covering thousands of companies worldwide, found the following:
- While 73% of enterprises believe that cloud applications are as secure or more secure than on-premises apps, 63% are concerned with data privacy and confidentiality in the cloud—an indication that while the public cloud is considered safe, organizations struggle with using it securely.
- 73% of security budgets are decreasing or staying flat over the next year, while organizations are being tasked to do more with less, demonstrating the necessity to implement cost-effective security that can secure the immeasurable number of cloud interactions.
- 50% of organizations lack visibility into messaging and file-sharing apps, providing a prime opportunity for data leakage, and 30% of organizations have no visibility or control for mobile enterprise messaging, while only 9% have security tools in place for detecting malware.
- 72% of organizations cite malware as a top concern with employees working from home, while 59% believe unauthorized or excessive access privileges are the most concerning threat vector.
How can organizations address these growing threats and attack vectors? Foundational is the implementation of Privileged Access Management technology, which addresses the increasingly complex risks in a multi-cloud world, where data is being shared at unprecedented rates, and where the physical security perimeter associated with “on-premise” working is blurring, and employees, customers, and partners are using unsecured collaboration and document sharing platforms.
In an organization, privileged users have access to IT and network infrastructure for operation and administration purposes or have access to sensitive information or assets, including customer records, employees’ payroll financial records, and company strategies, plans, and IP documents and data.
Privileged users include:
- System, database, and application administrators who have continuous and unrestricted access to a broad range of assets
- Help desk agents who have restricted access to a broad range of assets
- Business Application (e.g., ERM, Salesforce) users or users of an organization’s social media (e.g., LinkedIn, Twitter) accounts
- Nonemployees, such as vendor support, consultants, and contractors
It is impossible to govern these teams and all employees who deal with confidential and sensitive information without software automation, which is why we built and continue to develop the Ironsphere platform.
Our approach is modern, flexible, and straightforward to implement and scale.
Instead of limiting the use of specific remote access applications, Ironsphere’s platform allows users to continue using their favorite apps, such as MSTSC, secureCRT, Toad, or FileZilla, from their own computers, without having to adjust their daily routines.
Single source of truth
Most solutions create an internal shadow copy of users and assets and attempt to keep them in sync with the enterprise directory services and asset inventory applications. Ironsphere’s solution continuously discovers assets and user updates through the enterprise’s applications, thereby eliminating synchronization errors.
Most solutions display all the system and infrastructure information to users, sometimes storing it on the user’s computer. Ironsphere selectively displays the information the users are authorized to access and does not store any enterprise infrastructure data on the user’s computer.
Widest support range for protocols
Ironsphere not only manages who can access which system, under what restrictions, but also tracks in-session activities and stops attacks and misuse, including DB and web sessions.
The theft of IP not only benefits competitors and adversaries but can even destroy businesses and agencies if not managed carefully, if not fully protected, and if not fully auditable. As the world continues to address the many economic and health crises 2020 brought to the forefront, it has never been more important to protect all we connect, and software innovation makes it possible to continue “digital transformation” while avoiding the risks through comprehensive security programs, policies and software-driven governance.