Robert X. Cringely points out the hidden costs of running corporate IT over the public internet:
How cheap is IT, really, if it compromises customer data? Not cheap at all. Last year’s Target hack alone cost the company more than $1 billion, estimated Forrester Research. The comparably-sized Home Depot hack will probably cost about the same. JP Morgan Chase is likely to face even higher costs.
He wonders why companies aren't shifting to dedicated networks, like they used to do with leased lines.
Taking a bank or retail network back to circa 1989 would go a long way toward ending the current rash of data breaches. It would be expensive, sure, but not as expensive as losing all the money that Target and others have recently done.
Is this practical? If so, how would it be accomplished with modern equipment?
(Score: 2) by MrGuy on Friday October 10 2014, @05:08PM
...the Target breach (one of the two examples given).
In Target, the attackers got access via an environmental monitoring system - they had a service to remotely manage/make recommendations on power/HVAC to some Target stores. Amazingly, those servers were on the same network (with no isolation) as all the POS machines doing actual credit card processing, which is how the attackers were able to compromise the credit card processing.
If Target had designed their network remotely sanely, this service (that admittedly needed internet access) would have been walled off from the network customer transactions happened on. It was not.
Leased lines, by the way, wouldn't have helped Target a whit. They could have had dedicated leased lines between the POS systems and the credit card processors, and it wouldn't have helped them. It's not like they were using a VPN and the attackers compromised the VPN (which is the ONLY attack vector I can see that would have been thwarted by dedicated leased lines). The problem was their INTERNAL network was a mess.
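
Added example, not part of the original comment: a small reachability audit over a constructed zone model that puts the comment's argument into code, comparing what a leased line removes with what internal isolation removes. The zone names (`hvac_mgmt`, `vpn_gateway`, `pos`, `card_processor`) and the flow map are assumptions made for illustration, not Target's actual topology.

```python
from collections import deque

# Constructed model, not Target's real topology: an edge A -> B means
# "hosts in zone A are allowed to open connections to zone B".
FLAT = {
    "internet": {"hvac_mgmt", "vpn_gateway"},
    "hvac_mgmt": {"pos"},      # monitoring server shares a network with POS
    "vpn_gateway": {"pos"},    # processor link carried over the internet
    "pos": {"card_processor"},
}

def without_edge(flows, src, dst):
    """Return a copy of the flow map with the src -> dst rule removed."""
    copy = {zone: set(targets) for zone, targets in flows.items()}
    copy.get(src, set()).discard(dst)
    return copy

def leased_line(flows):
    """Processor link moves off the internet, so the VPN endpoint is not exposed."""
    return without_edge(flows, "internet", "vpn_gateway")

def segmented(flows):
    """Wall the monitoring service off from the transaction network."""
    return without_edge(flows, "hvac_mgmt", "pos")

def find_path(flows, src, dst):
    """Shortest chain of allowed flows from src to dst, or None if isolated."""
    parents, queue = {src: None}, deque([src])
    while queue:
        zone = queue.popleft()
        if zone == dst:
            path = []
            while zone is not None:
                path.append(zone)
                zone = parents[zone]
            return path[::-1]
        for nxt in sorted(flows.get(zone, ())):  # sorted for stable output
            if nxt not in parents:
                parents[nxt] = zone
                queue.append(nxt)
    return None

if __name__ == "__main__":
    designs = {"flat": FLAT, "flat + leased line": leased_line(FLAT),
               "segmented": segmented(FLAT),
               "segmented + leased line": segmented(leased_line(FLAT))}
    for name, flows in designs.items():
        print(f"{name:26} {find_path(flows, 'internet', 'pos')}")
```

In this model the leased line alone still leaves the `internet -> hvac_mgmt -> pos` path open; only removing the `hvac_mgmt -> pos` rule closes it.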