Bangalore: Securing the Enterprise is on high priority for most of the Chief Security Officers (CSOs) around the globe, a multilevel security approach can help safeguard the enterprise and minimize the risk of potential security breaches.

Cisco’s Vice President and Chief Security Officer John N. Stewart recently in an interview discussed in-depth about the state of enterprise security. He spoke about the most troubling threats facing enterprises today, and about how companies can protect themselves by deploying what he calls "composite security."

Jerome Becquart, Vice President and General Manager, ActivIdentity in one of his interview says that “The perception that organizations are untouchable and security cannot be breached is something of the past. In the first five months of 2011, we saw 178 million to 218 million user accounts, e-mail addresses, token seed files or records stolen from companies that were breached. In the wake of recent high-level security breaches, CSOs must be ready to answer the tough questions CEOs are asking about their organizations’ security preparedness. As threats become more sophisticated and frequent, security measures such as perimeter defense and traditional OTP no longer offer sufficient protection. By implementing a multi-layered approach with a combination of smart cards and advanced OTP tokens, the security organization can validate and authenticate users' access to resources, providing a trusted environment for users.” As per the article in actividentity.com

Why are enterprises more vulnerable today? Where are these vulnerabilities? 

Traditional security methods such as static passwords and authentication at the perimeter are almost obsolete for protecting employee credentials and enterprise data. Restricting employee Internet access has proven impractical, because it interferes with daily business operations. As the value of customer assets increases, so does the value of getting into these assets. Hackers are using social networks to breach the system, assuming employee identities. Once they have penetrated the IT network, hackers can easily access sensitive IT resources and valuable corporate information.

How can companies have security solution?

Becquart says that the enterprises must create an environment in which employees can establish trust in the identity of anyone accessing resources, particularly sensitive information. Further he explains that the CSOs have to be sure and confident enough about the steps they have taken to protect the network and resources. The CSOs also need to implement an enterprise identity assurance solution that validates users’ identities, authenticates their credentials and provides access based on these credentials.

Enterprises need to make sure the security environment does not have an impact on daily business activities and that they educate employees and keep them informed.