And we think we can stop them with an inanimate pile of clothes stuffed with hay!
Of course, there's a lesson to be learned for information security practicioners. Your company's employees and system adminstrators will learn and adapt. They can see the scarecrow that you've put in place to ensure security. And they figure out how work around it.
Security company RSA in their Oct. 2008 survey reported that:
53% [of employees] have felt the need to work around IT security policies in order to get their work done.Those are well-meaning employees just trying to do their best for the company.
A recent NetworkWorld article titled Inside a data leak audit provides a real-world example. It describes an organization that was seemingly doing everything right with regard to information security. But, a thorough audit revealed 11,000 potential leaks in two weeks. All the scarecrows you could imagine were hanging on posts all across the organization. They weren't enough.
Preventative security doesn't always get the job done. Many organizations would benefit from real-time audit and monitoring solutions. In addition to after-the-fact forensic and audit trail benefits, active monitoring can be a powerful deterrent and even enable real-time remediation.