Meet security concerns that are caused by technology convergence


Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Meet security concerns that are caused by technology convergence

  1. 1. Meet security concerns that are caused by technology convergence - 2004-01-19 - Housto... Page 1 of 2Houston Business Journal - January 19, 2004 DEPTH: TECH NOWFrom the January 16, 2004 print editionMeet security concerns that are caused by technology convergenceRichard ColeSpecial to Houston Business JournalSecurity alert! Too many times its like a car alarm blaring; for all the noise, its not given proper attention. Andthat spells trouble for technology convergence.Last February, President Bush announced a national strategy to secure Cyberspace, acknowledging theextraordinary and difficult challenge of securing both public and private information technology infrastructures.As technologies such as personal data assistants, wireless networks, instant messaging and peer-to-peer filesharing programs find their way into an enterprise, often unbeknown to IT, they can create numerous securityand management issues.However, when properly deployed throughout an enterprise, they can offer business advantages throughincreased communications, work collaboration, sales processing and customer relationship management,eventually touching all business processes.Although these technologies offer many benefits, they can create both security and legal issues for thecompany, such as the SOBIG worms and the ongoing recording industry lawsuits. When vulnerabilities areexploited, costs can rapidly become staggering, as evidenced by the FBI in its 2002 Computer Crimes Report.Of the 530 companies surveyed, only 223 companies were able to quantify their losses financially; but, forthose 223 companies, the losses totaled well over $450 million.Technology tornadoHackers have a multitude of tools readily available free from Internet resources, and the knowledge required tocause severe damage is minimal. To combat this calls for individuals capable of documenting, analyzing,developing and deploying programs/applications that prepare companies for the convergence of ever-newertechnologies used in the workplace.Companies find themselves in this technology tornado because of increased user knowledge and the ease ofdeploying many of these technologies requiring no assistance from the IT department. Computer users havebecome so computer savvy that the whole playing field has become a super-infrastructure rather than just acommunications or data transfer platform.Proactive responsesEach new technology calls for developing and implementing proactive responses, instead of reactive ones afterthe damage is done.First, companies should assess their entire network infrastructures by performing network and security audits.While this is not publicly acknowledged by the industry, the vast majority of manufactured hardware and 2/8/2004
  2. 2. Meet security concerns that are caused by technology convergence - 2004-01-19 - Housto... Page 2 of 2software contains flaws and vulnerabilities.Next, software applications should be examined to ensure that the latest updates and patches have been appliedproperly. Rogue applications including peer -to-peer file sharing, such as Kazaa, adware and spyware, are oftena major source of trouble. However, once a thorough understanding of the infrastructure and applications isobtained, remediation can begin to secure the network. Once secure, network monitoring must occur to observetraffic flow, ensuring only "legal" traffic is allowed. Excessive traffic may signal the need for furtherinvestigation to determine if the network is under attack.Best practicesFinally, all companies should begin using industry "best practices" (for example, the Microsoft OperationalFramework).And companies can also take a page from Ciscos SAFE blueprint, a flexible, dynamic plan for security andvirtual private networks based on Cisco architecture for voice, data and integrated data. This blueprint enablesbusinesses to securely and successfully leverage their infrastructure to compete in todays and tomorrowseconomies.The security problem continues growing because most people are still used to yesteryears networks, not takinginto account the astounding changes brought about by Internet connectivity. The Internet makes networksecurity a real problem that demands attention and solutions to protect companies, their employees and vitalinternal information.Richard Cole is Chief Operating Officer at ECS, a network servives provider.© 2004 American City Business Journals Inc. Web reprint informationAll contents of this site © American City Business Journals Inc. All rights reserved. 2/8/2004