4 #3577 ©2003
IDC
and a denial-of-service attack on the Internet's 13 root servers successfully crippled
traffic on the Internet as recently as October 2002. This attack has been connected to
cyberterror, and IDC is expecting at least one major cyberterror attack on the Internet
infrastructure in the not-too-distant future.
In addition, as wireless installations, home networks, and hotspots become more
common, the opportunities for client penetration are only increasing. Many users don't
even turn on the encryption available on their wireless connections. Picking traffic out
of the air is commonplace, albeit mostly harmless. Nonetheless, on occasion, the
crown jewels are exposed.
Of course, awareness and concern about security issues have risen among corporate
executives since September 11, but a steady drumbeat of increasing Internet fraud
and identity theft has been rising in the background as well. The multiple directions
from which cyberdanger can come are among the main worries of IT managers.
Access control and authentication are key for enterprises with remote employees.
Physical security remains a hot topic, particularly as devices are becoming smaller
and more mobile.
Although IDC surveys show that IT executives in companies engaged in ebusiness
activity have always led others with respect to security, awareness and
implementation are beginning to become more mainstream for enterprise networks.
Security has moved from the global realm of total systems, such as the public key
infrastructure (PKI), which require cooperation and trust among multiple entities, and
focused on the more immediate task of authenticating users at the point of entry and
encrypting local files.
While at the highest level most of the attention to security is focused on protecting the
information of greatest value to the corporation — financial, personnel, and
proprietary technical data — whether it lies in the mainframe, on the network, or in
clients, at the low level of client protection most of the focus has shifted to ensuring
that the
cordon sanitaire
is unbroken at the access point and that user files are
secured. Good mainframe security implementations, particularly at the procedural
level, have been in place for a long time. Network security, which makes use of
techniques such as intrusion detection and firewalls, is primarily concerned with
availability and integrity. Client security is now extending from antivirus products and
limited password controls to robust authentication methods and protection of
intellectual property.
T H E I M P O R T A N C E O F T H E C L I E N T T O O V E R A L L
S E C U R I T Y I N F R A S T R U C T U R E
Security in a networked environment is achieved by deployment of a full set of
protective measures. These measures include software-based perimeter defenses
and antivirus software, which, deployed on both servers and clients, help protect
computing assets from destruction, and hardware-based authentication and
encryption tools, which guard against privacy loss, identity theft, and data tampering.
Almost all clients now have user log-ins and passwords, but these limited protections
are sometimes left unchanged by the user from the manufacturers' uniform settings
— often common words such as "user" and "password" or just plain blank. And if the
password has been set properly (i.e., to a longish string, say, of at least eight
characters, of mixed letters and numbers that do not make up any common words), a
malicious hacker can still enter the system using a "hammering" algorithm such as
L0PHT, which, by trying a multitude of combinations of characters in rapid fire, can
crack open a standard corporate PC password like a coconut in less than a minute.
More primitive client password schemes — still used in Windows 95 and 98
installations — can simply be bypassed by hitting the Escape key.
