Back

Kazan Business Learns More How to Prevent Insider Threats to Corporate Information

Collaborative roundtable meeting of ICL-KME CS and Citrix, that took place last Tuesday, generated a discussion about how to protect corporate information resources from computer virus attacks and insider fraud. Questions put by the representatives of thirty Kazan businesses and banks showed that for most of them ‘the absolute evil’ lies within social and file-sharing networks. Experts speaking at the roundtable forum were of the opinion that internal/insider threats should be deemed as the first and foremost thing to beware of.

Malware Is Not the Most Dangerous Thing

Incoming era of tablets, netbooks and smartphones has brought an unprecedented freedom. Now lots of specialists do not have to spend the whole day in office to perform their duties. According to SuperJob portal, more than thirty large corporations in Russia have off-site employees. At the same time, information about ‘virtual’ workers is rather contradictory. According to different sources, their number varies between 20 thousand and 300 thousand and constantly increases. There is a statistics that their performance rate is 15—30 percent higher because they work in more comfortable surroundings and do not waste time being stuck in traffic jams or talking with clerical staff.

On second thoughts, mobile devices with Internet access capabilities have made it easier not only for freelancers but for on-site employees as well. It’s not a secret that managers have to spend much time on business trips, and anytime social media access enables their communication with their companies and making decisions online.

However, along with numerous advantages there is the significant disadvantage — the Internet is not safe. It was specially mentioned by Roman Vekshin (expert at System Technologies, ICL-KME CS) at the roundtable forum held at Kazan Grand Hotel yesterday. Not only one can let malware infect a local network but violate license law. A novice user is likely to download pirated software, and in case it is found out the employer will have big problems.

Some attendees of the roundtable told the audience that their companies unsheathe the sword after spending time on social networking sites, since it distracts the staff from work and opens the door to data theft and viruses. Roman Vekshin however said that “malicious code is not the most dangerous thing even though the defensive measures do not keep pace with latest intrusion techniques”.

Major Rows Are Connected With Insiders

The main danger is associated with corporate insiders when employees of a company have shared confidential price-sensitive information with competitors or just with third parties. “Major rows of recent times caused by the leakage of personal data were connected with insider fraud,” said Vekshin. Since open communication via the Internet facilitates that, it’s worth taking preventive measures in advance to give no way to ‘Kazan WikiLeaks’.

“There are several types of decisions that can be made by companies. For example, network is divided into two in a way that a user must have two PC workstations instead of one. But it’s a cost intensive approach,” said Roman Vekshin.

In his opinion, the way out could be the solution developed by ICL-KME CS—PAK DVI, an integrated software and hardware solution for Internet access, built so that all necessary processes to access the Internet occur on the terminal server. To that effect, servers responsible for maintaining and configuring web site access are placed outside of the local area network in the so-called demilitarized zone (DMZ).

“User’s web browser initiates a session on the terminal server by transmitting signals from the mouse and keyboard and receiving screenshots onto the user’s workstation. This provides full imitation of direct access to the Internet though no data from the web can get into the internal network of an organization but left in the DMZ,” he explained the principle of operation based on Citrix terminal products. “All this allows to completely protect workstations against malicious codes and to prevent leaks of confidential information.”

Cost Prevents Criminals from Busy Work with Decryption

Sergey Khalyapin, Team Leader, Systems Engineers at Citrix Systems Russia, kept the audience informed on some particular Citrix offerings. For instance, Citrix XenDesktop is a desktop virtualization solution that transforms Windows desktops into an on-demand service available to a user anywhere, on any device—PCs, Macs, tablets, smart phones, laptops and thin clients. Anyway, virtual desktops and applications will be delivered securely.

XenApp enables any Windows application to be virtualized, centralized, and managed in the datacenter and instantly delivered as a service to users anywhere on any device. “Over 100 million users all over the world use this solution,” said Khalyapin. “Sometimes it reduces costs of application management by 50 percent, and at the same time increases IT systems response rate and data security.”

XenClient is as much interesting, from his point of view. The gist of it is that it lets you run multiple virtual desktops on a single laptop. “User data centrally backed up through the secure connection and the possibility to restore a user’s virtual desktop on any XenClient based laptop without outside help enables reducing downtime and the maintenance burden on IT,” explained Sergei Khalyapin. “Just imagine if your laptop is broken, let us say you have spilled coffee on it. Or it was stolen, which is even worse. Work is stalled. With XenClient laptop users can save the situation suffering the least damage.”

As for networking solutions, Access Gateway, for instance, is a secure application access solution that provides administrators granular application-level control while empowering users with remote access from anywhere. “While corporate resources are accessed through overt channels, there is a risk to be trespassed. Evil-doers can not only steal confidential data, but alter it at their own discretion and send to a target destination. No need to explain what it may lead to when it concerns business. Access Gateway protects data by encrypting network and application traffic, and though data stealing is still possible it is unlikely that cyber criminals will be able to make use of it. By random chance the cryptosystem can be broken, but it will take so much time and resources that it does not make economic sense,” informed Sergey Khalyapin.

Citrix NetScaler makes apps and cloud-based services run five times better by offloading app and database servers, accelerating app and service performance, and integrating security. Citrix solutions genuinely make users life easier. They manage servers and services on those servers, because, you know, it may happen that a server is in operation but the services do not work. By the way, if one of the servers goes down, users will be redirected to a separate server and will therefore not have any negative effect on work quality. Sergey Khalyapin mentioned some figures illustrating the role Citrix plays in IT world. Citrix networking, virtualization, and cloud solutions provide over 100 million corporate touch and desktops approximately around 75 percent of Internet users each day.

Comments

About Citrix Systems, Inc.

Citrix Systems, Inc. provides server and desktop virtualization, networking and cloud computing technologies, helps organizations to deliver a virtual workplace to users everywhere. The corporation was founded in 1989 in the USA. Currently Citrix services more than 230,000 organizations worldwide. Citrix partners with over 10,000 companies in 100 countries. Citrix has been working in Russia since 2004. Among its partners is ICL-KME CS. Citrix annual revenue in 2010 was over $1.87 billion.