TD Ameritrade Breach is a Warning to All Financial Institutions
The announcement by online brokerage TD Ameritrade that a
database was breached reinforces an important lesson to other financial
institutions: You don’t know who is accessing, or trying to access, your
systems unless you’re actively monitoring them!
On Sept. 14, Ameritrade went public with the news that it had
“discovered and eliminated unauthorized code from its systems that allowed
access to an internal database”.
For financial institutions (and all other companies), this
breach should be a wakeup call that installing firewalls and Intrusion
Protection Systems without vigilant monitoring is not sufficient to stop
would-be intruders. Do you know in real time whether malicious individuals are
probing your systems for vulnerabilities or sending social engineering attacks
to your personnel via email, or whether employees are unknowingly browsing bogus
phishing sites set up by hackers or uploading your data offsite? Many organizations
simply archive the log data from these and other security devices for future
forensic purposes or random spot checks of activity, while weeks or months of
unauthorized access occur without their knowledge!
There are similarities between the Ameritrade and TJX breaches (in January
2007 TJX revealed that hackers took account numbers of more than 45 million
credit and debit cards from its databases), and financial institutions should
learn from these breaches to better prepare themselves for a data breach.
In both cases, there were insufficient controls and monitoring
in place to detect that data breaches were happening. When you don’t have enough
monitoring and logging, the longer a breach goes undetected, the longer the criminal has to
steal information. Monitoring all communications is one point at which to
start. You need to know what’s happening on your web servers, email servers,
Instant Messaging, Peer-to-Peer File Transfer Programs, employee web browsing
activity, virus activity, Spyware/Malware, and even malicious SPAM traffic.
Don’t forget – it’s not just what’s coming in, but what’s going out that should
be scrutinized.
Precautions to Take
The companies most successful at blocking malicious activity
correlate data from all of the above systems to assess the security posture of
their environments. Proactive monitoring of Unified Threat Management devices
that watch all of these systems provides the best insight into what is
happening within your organization, both authorized and unauthorized.
Further, look into operational controls you have in place.
How aware are your personnel of how to secure information appropriately? Incorporate
safeguards and security activities within the employees’ individual job
activities. You can create job descriptions and list these safeguards and
practices as part of each employee’s job, so that you don’t have someone
absent-mindedly sending off information containing personally identifiable
information in an email that gets forwarded or gets shared inappropriately.
Ideally, having monitoring systems in place that flag alerts when confidential
information leaves an organization can be an effective way of minimizing the
severity and duration of such a breach.
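One way to implement the outbound check described above, as an added example that is not from the original article: it scans outgoing email for card numbers (validated with the Luhn checksum to cut false positives) and Social Security numbers, and alerts only when a recipient is outside the organization. The domain `example-bank.test`, the message dictionary layout, and the sample messages are constructed assumptions.

```python
import re

INTERNAL_DOMAINS = {"example-bank.test"}  # assumption: the organization's own mail domain

CARD_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")  # 13-19 digits, optional space/dash separators
SSN_RE = re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")

def luhn_ok(digits):
    """Luhn checksum: separates real card numbers from arbitrary digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0

def find_pii(text):
    """Return (kind, masked_value) pairs; values are masked so alerts do not leak the data."""
    hits = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"\D", "", m.group())
        if luhn_ok(digits):
            hits.append(("card_number", "*" * (len(digits) - 4) + digits[-4:]))
    for m in SSN_RE.finditer(text):
        hits.append(("ssn", "***-**-" + m.group()[-4:]))
    return hits

def scan_outbound(messages):
    """Alert on PII only when at least one recipient is outside the organization."""
    alerts = []
    for msg in messages:
        external = [r for r in msg["to"]
                    if r.rsplit("@", 1)[-1].lower() not in INTERNAL_DOMAINS]
        if not external:
            continue
        for kind, masked in find_pii(msg["body"]):
            alerts.append({"id": msg["id"], "from": msg["from"],
                           "external_to": external, "kind": kind, "match": masked})
    return alerts

# Constructed sample messages (well-known test values, not real customer data).
SAMPLE_MESSAGES = [
    {"id": "m1", "from": "teller@example-bank.test", "to": ["ops@example-bank.test"],
     "body": "Card on file: 4111 1111 1111 1111"},             # internal only: no alert
    {"id": "m2", "from": "loans@example-bank.test", "to": ["friend@webmail.test"],
     "body": "SSN 078-05-1120, card 4111 1111 1111 1111"},     # external + PII: alerts
    {"id": "m3", "from": "loans@example-bank.test", "to": ["vendor@supplier.test"],
     "body": "Tracking reference 4111 1111 1111 1112"},        # fails Luhn: no alert
]

if __name__ == "__main__":
    for alert in scan_outbound(SAMPLE_MESSAGES):
        print(alert)
```
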
Is Your Organization Next?
For those smaller institutions out there reassuring themselves
that they can’t possibly be a data breach victim - think again. Is anyone
a target? The answer is a resounding “yes”. As a business person,
you’re not looking at it from a criminal’s perspective. You may be
surprised to know what they think is valuable. Many smaller firms and
institutions are targeted by hackers, mainly because those companies don’t have
the security perimeter that larger companies have built up and they simply are not
actively monitoring the security events on their networks. You may not be
a major bank; you may be a smaller bank or a tiny loan servicer, but you’re still a
target.
It’s Your Reputation!
And what will be the long-term reaction of the Ameritrade
customers whose email addresses were stolen? The loss to Ameritrade’s
reputation can’t be measured yet, but you can look to the amount that must be
spent on credit monitoring services for the affected customers. It is very
hard to quantify the real cost of a breach such as this, but I think we’ll have
a strong clue when next year’s TJX cost reports come out. In the
meantime, don't wait to see who is next; it might be your organization!