NY CU Looks To Outside Help For Outside Threats

Register now

When the SQL Slammer "worm" hit and then choked the Internet one weekend in January, TEG Federal Credit Union's network got quite a thumping. The $100-million CU was also a Code Red target last year.

But the worms failed to infect the CU's network, said Joan Zazzaro, information technology manager at the 22,000- member CU, which serves three New York counties.

Zazzaro credits the CU's good fortune in part to an intrusion prevention service, iSensor, which it has used since summer 2001. The managed service is provided by Atlanta, GA-based SecureWorks.

Depending on network configuration, the services will cost a CU from $7,500 to $50,000 upfront. And for Zazzaro, spending the cash on intrusion prevention is a necessity.

No CU Is Small On The Internet

"Once you're on the Internet, you're not a small CU anymore," Zazzaro said. "You think you're anonymous and no one is out there to get you, but you're worldwide. We get traffic from anywhere from Asia to Kuwait. And unless you're a 24-hour shop, you're going to need something watching your Internet."

CUs online without intrusion prevention and e-mail information security policy can be "like a train wreck waiting to happen," she added. Before iSensor, "I can honestly say that I think we were hacked."

Indeed, Forrester Research recently recommended that administrators go further than applying patches, for example- intrusion detection software should be part of a CU's suit of armor.

iSensor sits between the CU's network and the Internet, blocking and reporting data packets identified as malicious by the SecureWorks database.

SecureWorks e-mails Zazzaro with the IP address and other identification from any malicious events. The e-mail reports a threat level as well.

"We actually called one address that included a phone number," Zazzaro continued. Though the person wasn't a criminal hacker, Zazzaro asked him to stop scanning the CU's network.

Intrusion prevention is just part of Zazzaro's approach to information security. "Intrusion prevention by itself won't protect you," she said.

TEG FCU implements e-mail policies that "keep our people working safely" in addition to running firewalls and e- mail virus protection software, called Antigen from East Northport, NY-based Sybari Software, Inc.

"Antigen sits on our e-mail server and allows me to filter anything with certain file extensions," Zazzaro explained. "Once SecureWorks has an attack signature, I can block it on e-mails with Antigen."

People: The Last Line Of Defense

Then, of course, there are the organization's people. And educated employees can assist in creating a more secure environment.

But Zazzaro can't rely just on educated employees. "Your last line of defense is your people. "The first line has to be a lot quicker."

For a long time, Zazzaro wasn't convinced that intrusion prevention was at all necessary for the credit union. "I thought our firewalls were doing the job just fine, even though I couldn't verify that," she said.

iSensor is the CU's watchdog that, at times, never seems to stop barking. "iSensor is going to make you constantly aware that you're always going to have to deal with security," Zazzaro said.

For reprint and licensing requests for this article, click here.