Getting Smart About Intellectual Property

How to Protect IP from Cyberthieves

by Hailey Lynne McKeefry

Ideas, inventions, copyrights, products, plans -- companies both small and large live and die by their ability to create and maintain their
intellectual property (IP). Meanwhile, cyberthieves are using their creativity to find new ways to infiltrate companies and steal their best ideas and trade secrets.


“Attacks against companies to gain IP equals huge and untold amounts of damage,” says Chris Squier, technology solutions engineer at Ingram Micro in Santa Ana, Calif. “Cyberthieves are getting more sophisticated, and we are seeing targeted attacks. And small and midsize businesses are even more at risk than bigger companies.”


No Safety
Over the past two years, data leaks have compromised more than 150 million personal data records, according to the Privacy Rights
Clearinghouse. Meanwhile, a security breach can cost anywhere between $90 and $305 per record, so that a single, significant breach
may cost a company millions or even billions of dollars, according to an April 2007 report, Calculating the Cost of a Security Breach, from
analyst firm Forrester Research in Cambridge, Mass.


Webroot Software, Boulder, Colo., in its State of Internet Security Report, found that 43 percent of companies surveyed worldwide have
suffered a business disruption due to malware. The Federal Bureau of Investigation has moved cybercrime to its No. 3 priority behind
counterterrorism and counterintelligence, the report says. Webroot, using its Phileas automated spyware research system, has discovered that 1.7 percent (4.2 million) of 250 million URLs around the world
harbor malware.


Learning Safety
Smart planning and strategic use of IT resources can mean the difference between creating a stronghold for corporate intellectual
resources and leaving the back door open to tragedy. First and foremost, companies need to teach their employees about the threat of cybercrime against the company -- both what to look for and how to avoid problems. “The best defense is always education,” says Squier. “It’s important that companies teach their people what a fraud or a scam looks like.”

The World War II slogan, “Loose lips sink ships,” holds true even today. Often, cyberthieves play on people’s helpfulness and professionalism to get the information they want. “They do it through active social
engineering,” says Squier. “They persuade someone that they are a potential client, get the person comfortable and start asking for
information.”


A good first step is a clear, and widely disseminated, security policy. “There needs to be a clear policy that everyone signs off on,” says Squier. “And there needs to be a clear understanding about what happens if someone breaks the policy.”


The key to creating a strong policy lies in clarity and succinctness. “It’s important to have a clear definition that defines levels of data
classification in your organization,” says Squier. “There are several methods for doing that, but one common way is to delineate levels that
include sensitive, private and confidential. Use those to clearly define what each means and lay out what types of information fall into each
category.”


Technology also helps companies put teeth into their security policies. In June, Websense introduced its Websense Content Protection Suite v.6, which integrates information leak-prevention capabilities with Web categorization and filtering to provide organizations with information protection. The solution allows automated enforcement of who has access to what information, how the information can be used and where it can be sent. The Content Protection Suite is aware of both content
and context through Websense’s URL database and ThreatSeeker’s malicious-content classification technology, which allow organizations to enforce their policies.


In addition, employees should be encouraged to consult with colleagues before releasing potentially sensitive information to anyone, says Squier. Also, the employees’ “street smarts” and basic logic can help identify
what might be potentially important information.


“If information is openly available on the Web site, it’s safe to talk about, but if someone asks for account information or is looking for specific information that might be useful to the competition, that’s something that needs to stay close to the vest,” says Squier. “If your gut tells you the conversation is going outside of your comfort zone, you should stop. At those times, defer to human resources or to a corporate spokesperson.”


Multilayer Security Rules
From a technology perspective, a layered approach to security is any company’s best bet. Phishing e-mails containing Trojans that record keystrokes to harvest information are a common ploy for getting data. “They make it look as much as possible like a business-related e-mail from a potential client or partner,” says Squier. “We’ve seen that for many years, but now cyberthieves are being more conscious about it and are targeting specific companies and information.”


To safeguard their information from these threats, businesses should invest in content filtering, antispam and antimalware at the gateway. “We recommend solutions that provide unified threat management (UTM) with some intelligence,” says Squier. “These products have enough intelligence to understand the context of attachments, block the content and call administration.”


WatchGuard’s Firebox X Core and Peak security appliances, for example, offer complete UTM solutions including antivirus, antispyware,
antispam, intrusion prevention and URL filtering. Firebox X Core appliances are designed for organizations with 50 to 750 users and are priced starting at $1,459, while the Firebox X Peak appliances can support 500 to 2000 users and start at $1,999.

Comprehensive protection at the desktop and server level should include antivirus with antimalware and intrusion prevention capabilities. “Most corporate solutions offer an intrusion prevention add-on that is only a dollar per node and flags traffic that seems suspect,” says Squier.


Antivirus programs provide protection from a variety of threats. Symantec AntiVirus automatically removes viruses, worms, Trojan
horses, spyware and adware; it also scans e-mail messages and attachments. It protects itself against malicious code that tries to disable antivirus software and repairs changes made by viruses and spyware. Administrators can do centralized configurations and customize policies to meet their business’s needs.


Centralize Security Control

Organizations should look for solutions that can be centralized and controlled from a single server so that policies can be changed, says Squier. “Central management consoles provide the unique ability to block anyone logging on who is not up to snuff,” he says. In June, McAfee started shipping its McAfee ePolicy Orchestrator 4.0 (ePO), which provides the ability to manage multiple security and compliance applications and suites and delivers real-time information and application integration for network, PC and server security. The solution gives IT administrators control over their security policies via a Web-based console.


Security for corporate road warriors is another concern. “If a mobile device can handle attachments, it’s important to have a solution on a centralized server that does scanning,” says Squier.


Recently, RSA announced that its RSA SecurID two-factor authentication technology was extended to support the Java Platform, Micro Edition (Java ME platform) and will soon support Windows Mobile platforms. With these improvements, smartphones can be provisioned with an RSA SecurID Software Token to allow them to securely access the network.


Network intrusion detection devices provide a final layer of protection. “These devices help protect machines from any anomalies in normal day-to-day traffic,” says Squier. “The devices look at overall network traffic and its behavior from the gateway or desktop, identify when things aren’t what they should be and start ramping that activity or traffic down.”


The Juniper Networks Intrusion Detection and Prevention products (Juniper Networks IDP), for example, provide zero-day protection against worms, Trojans, spyware, keyloggers and other malware at the network and application level before they inflict damage. These products also provide information on rogue servers and applications that may have been unknowingly added to the network and let administrators see into specific applications and assets on the network.


Finally, when writing in-house applications, businesses should make sure that their own code is clean and doesn’t leave the doors open to their corporate data. “Businesses need to make sure coders have security in mind when they write code and that they clean out any
statements in the code that say what they do,” says Squier. “A sophisticated hacker can pull down HTML, view the source and know
what it does -- and then create an exploit for it.”
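
One way to check for the explanatory comments described above before a page ships, as an added example that is not part of the original article: it lists every HTML, script and style comment that a visitor's "view source" would reveal and marks the ones that match a keyword list. The keyword list, the names `CommentAuditor` and `audit`, and the sample page are assumptions made for illustration, and the script/style comment matching is a heuristic.

```python
import re
from html.parser import HTMLParser
# Hypothetical keyword list (an assumption; tune it for your own code base).
RISKY = re.compile(r"todo|fixme|password|secret|api[_-]?key|token|admin|debug|sql|internal", re.I)
# Heuristic: /* ... */ blocks and // lines, skipping the // in "http://".
JS_COMMENT = re.compile(r"/\*.*?\*/|(?<!:)//[^\n]*", re.S)

class CommentAuditor(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []     # (line, kind, text, risky)
        self._raw_tag = None   # "script" or "style" while inside one

    def _record(self, line, kind, text):
        text = " ".join(text.split())  # collapse whitespace for reporting
        self.findings.append((line, kind, text, bool(RISKY.search(text))))

    def handle_comment(self, data):
        self._record(self.getpos()[0], "html", data)

    def handle_starttag(self, tag, attrs):
        self._raw_tag = tag if tag in ("script", "style") else None

    def handle_endtag(self, tag):
        self._raw_tag = None

    def handle_data(self, data):
        if self._raw_tag:
            first = self.getpos()[0]  # line where this script/style text starts
            for m in JS_COMMENT.finditer(data):
                line = first + data.count("\n", 0, m.start())
                self._record(line, self._raw_tag, m.group(0))

def audit(html):
    auditor = CommentAuditor()
    auditor.feed(html)
    auditor.close()
    return auditor.findings

# Constructed sample page, not taken from any real site.
SAMPLE = """<!-- TODO: remove debug login, admin password is checked in auth.php -->
<script>
// posts to the internal billing API at http://billing.example/api
var u = "http://www.example.com/";  /* plain redirect */
</script></body></html>
"""

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

Running a check like this over rendered output in a build step catches comments before they reach production; the cleaner fix is to strip comments from served pages altogether.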

Good policy, good technology and vigilance combine to allow companies to keep their intellectual property safe and secure.