The good news and the bad news here come from the same source: according to Verizon Business' "2009 Data Breach Investigations Report (pdf)", 32% of the data breaches implicated a business partner. The good news is that breaches linked to business partners fell for the first time in years (-7%), but partners were still 3rd on the list (behind External Sources and Multiple Parties). The report concludes that the decline was not due to any additional security focus in that area (in fact, the majority of partner breaches were due to lax security practices at the connection level on the third-party side) but to a change in what criminals were going after. In 2008, the Food/Beverage industry had a high percentage (70%) of breaches attributed to partners; in 2009, the bad guys went after higher payouts, like financial institutions. Taken with a grain of salt, only 1,509,000 records were compromised via partners compared to 266,788,000 by external sources, based on the report. Usually it was the third party's own systems that were compromised, and the attacker then used the trusted connection to make inroads into the target. Since the traffic arrives over a 'trusted', authorized connection, these intrusions are difficult to detect and stop.
Exchanging information is critical to this extended ecosystem, and some level of trust is inherent. But you can't assume that your security policies will be consistently enforced on a network you don't control. It's important to look at these deployments, consider your visibility into and accountability for those partner connections, and create policies that enable, benefit and secure both ends.
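One practical way to get that visibility is to write down what each partner connection is agreed to do (source network, destination hosts and ports, hours of operation) and audit allowed traffic against it, so a compromised partner system that starts wandering off-script stands out even though the firewall permitted it. The script below is an added example written for this post, not code from the original article or from the Verizon report; the partner name, addresses, port agreements and log lines are all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from datetime import datetime


# Hypothetical "partner agreement": what a third-party connection is allowed to reach.
@dataclass
class PartnerProfile:
    name: str
    source_net: ipaddress.IPv4Network
    allowed_dst: dict            # {destination_ip: {allowed_ports}}
    hours: tuple = (6, 20)       # agreed activity window, local hours [start, end)


# Constructed example partner; 203.0.113.0/24 is a documentation range, not a real partner.
PARTNERS = {
    "foodco-edi": PartnerProfile(
        name="foodco-edi",
        source_net=ipaddress.ip_network("203.0.113.0/24"),
        allowed_dst={"10.10.5.20": {443}, "10.10.5.21": {22}},
    ),
}

# Constructed firewall-style log lines: timestamp source destination dport action
SAMPLE_LOG = """\
2009-05-04T09:12:03 203.0.113.7 10.10.5.20 443 ALLOW
2009-05-04T09:14:41 203.0.113.7 10.10.5.21 22 ALLOW
2009-05-04T02:30:15 203.0.113.9 10.10.5.20 443 ALLOW
2009-05-04T10:02:58 203.0.113.9 10.10.9.45 445 ALLOW
2009-05-04T10:05:10 203.0.113.9 10.10.5.21 3389 ALLOW
2009-05-04T11:00:00 198.51.100.4 10.10.5.20 443 ALLOW
"""


def parse_line(line):
    """Split one whitespace-separated log line into a typed event dict."""
    ts, src, dst, dport, action = line.split()
    return {
        "ts": datetime.fromisoformat(ts),
        "src": ipaddress.ip_address(src),
        "dst": dst,
        "dport": int(dport),
        "action": action,
    }


def match_partner(src):
    """Return the partner profile whose agreed source network contains src, or None."""
    for profile in PARTNERS.values():
        if src in profile.source_net:
            return profile
    return None


def check_event(ev):
    """Return a list of findings for one allowed event; empty if it is within the agreement."""
    profile = match_partner(ev["src"])
    if profile is None:
        return []  # not partner traffic, so outside the scope of this audit
    findings = []
    allowed_ports = profile.allowed_dst.get(ev["dst"])
    if allowed_ports is None:
        findings.append(f"{profile.name}: {ev['src']} reached unagreed host {ev['dst']}")
    elif ev["dport"] not in allowed_ports:
        findings.append(f"{profile.name}: {ev['src']} reached {ev['dst']} on unagreed port {ev['dport']}")
    start, end = profile.hours
    if not (start <= ev["ts"].hour < end):
        findings.append(f"{profile.name}: {ev['src']} active outside agreed hours at {ev['ts'].isoformat()}")
    return findings


def audit(log_text):
    """Audit every ALLOW event in the log against the partner agreements."""
    findings = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ev = parse_line(line)
        if ev["action"] != "ALLOW":
            continue  # denied traffic was already stopped; the interesting case is what got through
        findings.extend(check_event(ev))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG):
        print(finding)
```

Run against the constructed log this reports three findings: one partner host active at 02:30, one reaching a host outside the agreement, and one reaching an agreed host on an unagreed port. The first two lines and the non-partner line produce nothing, which is the point: the check is only about traffic the firewall already trusted.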
- #14 out of 26 Short Topics about Security