
Most IT security problems are self-inflicted



IT professionals in charge of computer security need only look in the mirror to meet their biggest enemy.

About 90% of security breaches occur because attackers take advantage of software that IT staffers have either misconfigured or failed to patch, a Gartner analyst said on Monday during the company's Symposium/ITxpo 2001. Thus, by fixing known vulnerabilities and properly configuring software products, IT departments would be able to prevent most security incidents, such as Web site defacements, information theft and denial of service attacks.

"We have met the enemy, and they are us," analyst John Pescatore said.

Most of the malicious code that is unleashed on the Internet simply mimics existing attack scripts and attempts to exploit known security holes for which patches exist.

"Internet attacks are 90% imitation and 10% innovation," Pescatore said.

That these types of easily preventable viruses and worms, such as the Nimda worm and the Code Red worm, often wreak havoc across computer systems worldwide proves that many IT departments are simply not showing even basic levels of diligence and care regarding security. But that must change. As companies increase their use of the Internet for critical operations, the cost of security breaches will rise significantly in the coming years.

"As your company's use of the Internet evolves, your security program must lead the way," Pescatore said.

Another big problem is that many IT departments don't have a unified view of their security infrastructure because security initiatives are dispersed among a variety of groups that don't always coordinate their efforts. So the team in charge of a company's PCs may load anti-virus software on client machines, while the networking group puts up firewalls and the server people implement wares to protect applications, all the while without checking with each other first to make sure that those products interoperate, he said.

This lack of communication and coordination often leaves security gaps no one is aware of until it is too late. Gartner estimates that companies where a variety of groups monitor and manage security will suffer 50% more attacks than those where security management is consolidated. Companies should evaluate products designed to pull together the management and reporting functions of a variety of security tools from different vendors, he said.

"A fractured approach to security monitoring and management leads to security fractures," he said.

Other security tips, facts and warnings from Pescatore:

  • Desktop operating systems, including Windows 2000 and Windows XP, do not provide all the necessary security safeguards client machines need, so most users must buy third-party security software for adequate protection.

  • Companies shouldn't go overboard protecting their systems from internal attacks launched by employees. While critical servers should be guarded, applying the same level of security inside the company that is applied outside could hamper productivity.

  • In most cases, trying to find out who launched an attack against the company isn't worth the effort and money. This type of after-the-fact investigation is best left to government authorities.

  • Companies should spend extra money to buy security services from their Internet service providers to nip attacks at the ISP level, before the attacks hit companies directly.

  • Companies should outsource day-to-day grunt security tasks to outside service providers, to free their internal IT teams to do more strategic security planning and design.

  • A company's security strategy and its security policies must evolve and change to continually support and benefit business processes. Otherwise, security measures will be seen as an impediment and will be abandoned.

  • Some 50,000 of a total 25 million Web servers got hit by attacks in the year 2000, a figure that is expected to climb to 200,000 in 2001, or to 1 million counting Code Red victims.

The IDG News Service is a Network World affiliate.
