Networking

Security front line shifts again

Sun, 25 Feb 2007 19:01:38 -0500

The word has gotten out: finding corporate networks not protected by multiple layers of firewalls, intrusion detection systems and intrusion prevention systems has become far more difficult. Criminals and thieves, having found that the full frontal assault is bearing less fruit, have shifted the focus of their attacks to systems and locations less well-protected. Where's the new front in hacking? Mobile, wireless, and home systems that may be less secure, but that still use a VPN to reach back inside the corporate firewall. If you have users logging in from afar, it's time to make sure that their client hardware is as protected as you want your servers to be.

For more on the newest front:
- read the article at Enterprise IT Planet

Editor's Corner

Mon, 29 May 2006 20:01:40 -0400

The FierceWireless-Bluefire Wireless Security Survey indicates three out of five survey respondents thought their companies would be willing to pay more for wireless security if it were offered as part of a monthly service plan by a wireless carrier. Forty-three percent believed their organizations would pay more if security was provided by smartphone or wireless device manufacturers, while nearly half thought their companies would purchase more devices if security risks could be virtually eliminated. "The survey results paint a very different and surprising picture within the industry," says Bluefire Security Technologies' CEO Mark Komisky.

"This data suggests that the next-step in the evolution of wireless security is for handset manufacturers and carriers to bundle security packages for both end users and enterprises. In doing so, they would not only be creating an important key differentiator, but also responding to a real concern and demand among users," says Kevin Burden, program manager for mobile devices services, for international analyst group IDC.

"The adoption of mobile devices has seen phenomenal growth in the last decade, essentially creating an economy dependent on being connected at all times," said Jeff Giesea, President of FierceMarkets, which publishes FierceWireless. "For businesses and consumers alike, we are also seeing a significant uptake in the mobile device becoming the one device for all communications including replacement of traditional computing devices, making security a significant concern and issue for the industry."

Other major findings of the FierceWireless-Bluefire Wireless Security Survey include the following:

More than 80 percent of respondents reported their organizations' use of handheld devices had increased over the past two years. Aside from voice communications, top-ranked wireless applications included corporate email access and remote access to corporate networks (more than three-fourths of respondents ranked corporate email as among their most-used applications, with remote access to corporate servers ranked second).
As to specific wireless security concerns, more than 70 percent of respondents said their top-ranked wireless security concerns are viruses or attacks on the corporate network and the security of data during transmission over wireless or cellular networks. Loss or theft of wireless devices ranked a distant third, with about 40 percent of respondents indicating a concern.
Eighty-six percent of all respondents agreed that security protection should be required of their handheld devices. More than 90 percent reported being concerned about the security of email access to corporate server-based accounts and remote access to corporate networks, while 84 percent said access to web-based email accounts had become a significant security concern.
Sixty-seven of respondents said they were worried about the security of web access via their smartphones. Other areas of security concern for more than half of the respondents included IM, order entry, CRM, and SMS, or MMS.

About 22 percent of respondents identified themselves as executive management, 27 percent as holding technical/engineering positions, and 20 percent as sales/business development managers. Other job functions reported included marketing/public relations (12 percent), programming (3 percent), and accounting/financial (2 percent). Respondents represented a range of industry sectors, including telecommunications (34 percent), IT/technology (22 percent), professional services (11 percent), financial services (6 percent), manufacturing (6 percent), as well as consumer products, healthcare, education, and government (military and non-military).

A complete report on the FierceWireless-Bluefire Wireless Security Survey is available at www.bluefiresecurity.com/securitysurvey. - Judy

Auditing, risk assessment a mandate

Sun, 14 May 2006 20:01:38 -0400

If you've spent more than a few years toiling in the IT environment, you probably remember the days of 'hubs' and how excited everyone was to plug them into corporate networks. You also probably remember the horrible experience related to the security risks involved in making such a move. The same is true with today's wireless networks, which is why experts are pushing IT leaders to implement and establish strong audit processes and procedures. Risks come from several different segments of the network system and wireless LANs are much more insecure than internal network environments.

The continual quest to get users access everywhere and anywhere creates a substantial security element. Tech leaders need to assess this security threat and then formulate approaches to stop intruders and protect the information being shared. One of the easiest and most common strategies is using the hidden service set identifier, but that isn't foolproof since it also relies on the user's knowledge and responsibility. That's why auditing has become such a valuable tool. As enterprise use a variety of security tools to keep intruders out, the wireless review must become part of the annual IT risk assessment effort. It's the only way potential wireless problems can be treated, like the traditional network issues of authentication, access control, availability and encryption. Article

Laptop hog-wild with wireless capabilities

Sun, 29 Jan 2006 19:01:37 -0500

Dell is taking its laptops wireless and planning to debut Latitude notebooks featuring Wireless EV-DO and mobile broadband modules from Novatel Wireless. Users will be able to wirelessly transmit emails, gain access to corporate networks using a VPN, roam the Internet and share files. The embedded modules are backward compatible with 2.5G and 2G wireless standards, including GSM, GPRS, CDMA and 1xRTT. Article

How to secure WiFi networks

Mon, 05 Sep 2005 20:01:37 -0400

Intel is working on a new approach to securing WiFi use, specifically how to locate a wireless user and/or device by using distance detection technology. The ultimate goal is to secure WiFi networks better by limiting the locations where users can log-in to corporate networks. An added benefit is that by knowing where a system is located, network admins and security staff can quickly identify hardware issues or help users find a good secure log-in position. Intel's emerging technology tracks how long it takes packets of data to travel to and from a wireless access point. It promises to keep unauthorized users from tapping into home corporate network points and the enterprise network, of course.

For more on precision location use:
- read this article at TechWorld