The cost to recover from a security breach can be staggering. In fact, a 2013 report from Symantec shows that the average organizational cost of a security breach in the United States is more than $5.4 million.
For financial institutions, including credit unions, the cost can be even higher. By February 2014, credit unions had already incurred costs of $30.6 million as a result of the Target stores data breach.
Clearly, given these grave financial consequences, a strategy for network security is key. Yes, it's important to keep threats from getting in, but the number one priority for a financial institution is keeping sensitive member information from going out. An intrusion prevention device or system helps provide this added protection.
Recommended For You
Simply put, an intrusion prevention system is a device or software application that monitors network or system activities for malicious activities or policy violations. The device analyzes both inbound and outbound traffic (data packets) on the internet. When the system detects a threat, it, in most circumstances, severs the connection between the computer receiving the threat and the hacker's command-and-control computer.
Hackers are becoming increasingly sophisticated and often hide malicious information in services that look legitimate. But intrusion prevention devices look at each packet's unique signature, verifies where it originated and where it's going, determines if it's questionable, and flags it for further examination. If the packet is obviously malicious, then the intrusion prevention device deletes it.
In financial institutions, hackers are usually looking for bank account numbers, passwords or Social Security numbers that allow them to set up accounts on their own or otherwise steal the institution's money. Once located, the desired information is packaged into a payload for sending back to the hacker's command-and-control computer. An intrusion prevention device blocks the payload directly or notifies the network administrator.
Intrusion prevention systems can also blacklist (block) computers in certain countries or entire continents. In these cases, the device blocks any internet protocol address located outside the United States. This far-reaching protection capability can be particularly valuable for federal credit unions, whose networks have no need to communicate with computers outside the United States.
Executives often ask, "My network has a firewall. Isn't that enough?" Although firewalls are good at blocking known security issues, threats can also infiltrate data ports that are not necessarily deemed to be malicious by firewalls. The intrusion prevention system also analyzes packets in greater detail than a firewall. Think of a firewall as your first line of defense and the intrusion prevention device is what keeps your data even safer.
You wouldn't let a stranger enter the office, walk unaccompanied through the halls, grab a file off a desk, and walk out the door with no questions. Make sure your network is as secure as your facility. Your institution and your members will thank you.
Ted Brown is vice president of IT operations at Network Alliance Inc., a network management solutions provider. He can be reached at 703-715-4930.
© Touchpoint Markets, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more inforrmation visit Asset & Logo Licensing.
