Is email encryption the future of IT security?
By Davey Winder in Editorial
A global market survey conducted by Astaro Corporation has suggested that more than 65 percent of IT departments will be investing additional security funding into WLAN security, vulnerability scanning and web application firewalling during the next fiscal year.
The survey included 2800 IT pros from industries as diverse as manufacturing and healthcare, education and financial services. 100 percent of those surveyed relied on firewalls for the first line of defence when it comes to external attack, no great surprise there then. Antivirus and Antispam, on 91.5 and 90 percent respectively, were listed as the next most used security technologies, with VPN products on 81 percent and Intrusion Protection Systems on 74 percent following fairly close behind. I’m not convinced that Antispam is actually an IT security product, despite spam being a transport mechanism for threats. However, that’s perhaps an argument for another blog posting.
70 percent of the survey respondents were rightly concerned with preventing unauthorised users from accessing the corporate network or confidential data, slightly more (72 percent) concluded that keeping an overview of possible security weak points will be the biggest challenge for IT departments over the next five years. But it looks like email encryption could be the big surprise as far as the IT security market is concerned, with 22 percent already using it and 67 percent worried about preventing the leakage of company data.
“Today companies are finding that they can’t rely on the basic network security they had in place just a few years ago” says Jan Hichert, CEO at Astaro. “Network administrators are continuously faced with the task of updating and adding layers of protection in order to keep their networks secure against the latest threats.”
Amen to that, and if the survey has revealed a trend for the greater use of email encryption then network admins should be happy enough as it will reduce the workload when it comes to keeping company data out of trouble.
Time to forget technology and focus on information
By Davey Winder in Editorial
Posted in Uncategorized on
Gartner is predicting that organisations which do not start approaching information management in a coordinated, enterprise manner, will ultimately fail in either their first or second year, and at a rate of more than 90 per cent.
Virgin on the ridiculous
By Davey Winder in Editorial
Posted in Wireless, Internet on
There is no denying that Richard Branson is a business genius, you don’t make a billion without getting something right after all, but he is a fool in equal measure. Pretty much every press launch I have been to Branson has ensured the focus of media attention is on him and some silly stunt, be that hanging from a crane in a spacesuit or jumping off a tall building and doing himself no favours in the family jewels department. Occasionally, it seems to me, the tomfoolery crosses over from the PR side of things and encroaches on business territory. It is the only explanation I can think of when I have had the misfortune to travel on a (late as usual) Virgin train. It is also the only reason I can think of that he entered into that war of words with Sky TV, a war that was truly verging on the ridiculous and which every outsider I spoke to agreed he could never win.
So it has come as no real surprise to discover that Virgin Media is apparently struggling to compete in the digital TV arena, and has all but conceded defeat by moving focus away from pay TV households to those looking for bigger, faster, fatter broadband instead.
According to Michael Phillips, product director at BroadbandChoices, cable provides the potential for truly high speed connections, which is why Virgin Media is currently testing a 50Mbps service. Even here, the fool card gets played once you look beyond the bearded man in a jumpsuit attached to a giant firework rocket with 50Mb stamped on the side launching into the atmosphere (OK, I admit I am only guessing that this is how Branson will launch the service) and start to consider the impact of traffic shaping on the end user speed. “Virgin Media announced its traffic shaping policy earlier this year, and even on the top 20Mb package, customers could find themselves throttled to only 5Mb during peak hours - when obviously, people are most likely to be using the Internet” Phillips told me. “In a market where broadband speeds are advertised as ‘up to’ because of the unreliability of speeds and technology, cable has proven to be more reliable than ADSL. Our own Speed Tester results - taken from over 100,000 speed tests last month - show that cable customers enjoyed an average of 47.5 per cent of their promised speeds, compared to an average of 37.7 per cent for ADSL customers. Virgin Media is looking to regain some of the 40,000 customers that defected after Sky pulled its basic channels, with applications that need much faster broadband. Few other providers can offer the type of speeds needed for high-definition video-on-demand and home surveillance but using these applications could see customers’ speeds throttled and there is little point in a 50Mb connection that is cut each time you use it.”
Phillips argues that the Broadband XL package at 20Mb has a peak-hour allowance of 3GB which could be exceeded after only 20 minutes if the connection was running at top speed. After this time, the connection would be limited to 5Mb for the next four hours. Virgin Media has said that this policy would only affect the top five per cent of downloaders. Fair enough, apart from the fact that by marketing itself as a super-fast broadband provider it is encouraging people to act in just this way - otherwise why bother with such a fat pipe?
European at work Internet usage revealed
By Davey Winder in Editorial
Posted in Internet on
The Online Publishers Association (Europe) has today announced the results of its study of media consumption amongst the ‘At Work’ audience and it reveals that daytime on the Internet is still primetime media. Indeed, it suggests that if you are looking to reach a highly educated, affluent consumer base then the Net is the place that advertisers need to be. Since the last survey, in 2004, the main thing to change has been the reduction in time spent watching TV and the increase in Internet usage. This has flowed out of the workplace and created a second usage peak during the evening.
The most popular types of Internet sites, according to the OPA, are news and information sites as far as European workers are concerned. In fact, visiting news and information sites is the number one reason European ‘At Work’ users access the Internet. Which is good news for us here at IT Pro, as it suggests we are not talking to ourselves after all. Are we? Hello
YASS (Yet Another Security Standard)
By Davey Winder in Editorial
Posted in Security on
News has just reached me that the Information Security Forum (ISF) has just launched the 2007 version of its international Standard of Good Practice for Information Security to help companies implement good practice in information security and mitigate information risks.
As someone who earns at least part of his living writing about security best practice, I am all in favour of anything that can help companies get it right in the face of increasingly complex legislative and corporate governance requirements. I am also all too well aware that it can be something of a deep pockets minefield with organisations charging an arm, leg and three quarters of your bottom just to get your hands on their ‘standard’ documentation. Which is why I was pleased to see that the ISF has made its Standard of Good Practice documentation freely available for download.
Kim Aarenstrup, Chairman of the ISF and Group Head of Information Security at the A.P. Moller - Maersk Group explains that “our aim is to raise awareness of information security and improve policies, standards and procedures; and to help organisations undertake risk analysis, develop best practice controls and measure their effectiveness.”
Cool. We can all applaud that then.
The ISF standard draws on the practical experiences of over 300 leading international organisations including many of the Fortune 100 companies, and reflects the latest thinking on information security through workshops, face-to-face meetings and interviews, as well as the results of the ISF’s in-depth research and its comprehensive information security benchmarking tool - the Information Security Status Survey. It also has the benefit of a decade of previous versions bringing a certain maturity to the table which is essential when talking about best practice in any field, but doubly so with security.
Split into six key areas, the Standard provides key objectives and a clear overview of the practical measures and activities that need to be carried out to keep information risks under control. The key areas being:
- security management
- critical business applications
- computer installations
- networks
- systems development
- end user environment
But why should you bother, especially if you are already up to your eyeballs in Sarbanes-Oxley, PCI/DSS and the EU Directive on Data Protection while trying to meet ISO/IEC 27002 or COBIT v4.1? Simple, because if you comply with the ISF Standard the chances are that you will find complying with everything else a damn sight easier. That’s what following best practice does
creditcards.com sells for $2.75 million
By Davey Winder in Editorial
Posted in Uncategorized on
Many years ago I sat with my head in my hands as single word, generic, domain names were selling for truly silly money at the height of the dotcom boom. Mainly because I had the opportunity many years before to register pretty much any domain name I fancied and simply did not grasp the investment potential at the time. Perhaps the most infamous of these generic domain sales would have to be business.com which sold for a whopping $7.5 million (
The
By Davey Winder in Editorial
Fancy a PC that weighs in at less than a kilo, measures up to the size of a box of tissues and, here comes the killer bit, costs just
Gatecrashing the WiFi hotspot party
By Davey Winder in Editorial
I attended a flashy BT launch party held in the restaurant on the seventh floor of the Tate Modern art gallery in London last week. Peaches Geldof providing the predictably thump thump thump dance music to which nobody was dancing. There were, however, lots of people squeezed in, enjoying the full array of services on offer such as the food and drink. My colleague and I established ourselves near one group who had just returned from the bar area armed with a huge plate of food, lots of cold cuts and olive bread, sundried tomato and roasted peppers a-plenty. We sat there, waiting for our chance to pounce, and when nobody was looking pinched a little bread and a few cold cuts. Nobody seemed to notice, nor care, so we upped the ante and swiped the entire plate. Now despite sitting just a few feet away from the people whose food it was, they were oblivious to the fact that we were helping ourselves to something that belonged to them. They had erected no obstacles to make it more difficult to swipe the food, nobody stood between us and it, nobody questioned what we were doing when we moved the plate onto our table, nobody shouted at the tattooed man sharing their food without their consent to stop.
Exactly like WiFi it seems to me.
Vast numbers of users just plug in their wireless router and start playing, without fannying about with security stuff. Not just home users, the consumer oinks who know no better, but small business users at the corporate end of the WiFi stick who really should know better. Even the basics such as changing the default root access to the router itself so there is a different password, sometimes any password at all in fact, and an admin username other than root. Not doing this leaves the hardware compromised to anyone who goes and Googles for the default security information for the router in question. But the numbers of folk who do not bother implementing any kind of perimeter security to prevent passers-by, people in the next office, anyone within range from usurping the connection and making use of bandwidth they have not paid for is remarkable.
Which is why the irony that this was the launch party for a new venture between BT and FON to form the ‘world’s largest WiFi community’ did not escape me. You see the plan is that everyone on the BT Total Broadband scheme, all three million plus of them, will be able to join the share your WiFi party. By opening a secure channel on the wireless router a small part of their bandwidth will become available for use by any other member. In effect turning your home or office into a BT FON WiFi hotspot.
Great idea, and all that, but as I have pointed out one that hundreds, thousands and possibly hundreds of thousands of people are already making a reality today without even realising it.
Have you got the two factor message yet?
By Davey Winder in Editorial
Posted in Security on
According to research commissioned by RSA, 80% of all new corporate VPN installations now use two-factor protection including tokens, single use passcodes and USB keys. The fact that the message about simple passwords just not being good enough has been heard, understood and acted upon is good news. The problem is getting the same message across at the smaller end of the business market, where small to medium companies are investing in VPNs but not necessarily investing in the right levels of security.
The usual suspects of perceived cost and complexity issues when it comes to deployment and management would seem to be at the heart of the reluctance to get rid of weak passwords. Yet fully managed two-factor services are affordable and remove complexity from the equation altogether.


