Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
TODAY'S NEWS

/
Send to a friend Feedback

Most IT security problems are self inflicted

Related linksToday's breaking news
Send to a friendFeedback

By Juan Carlos Perez
IDG News Service, 10/09/01

IT professionals in charge of computer security need only look in the mirror to meet their biggest enemy.

About 90% of security breaches occur because attackers take advantage of software that IT staffers have either misconfigured or failed to patch, a Gartner analyst said on Monday during the company's Symposium/ITxpo 2001. Thus, by fixing known vulnerabilities and properly configuring software products, IT departments would be able to prevent most security incidents, such as Web site defacements, information theft and denial of service attacks.

"We have met the enemy, and they are us," analyst John Pescatore said.

Most of the malicious code that is unleashed on the Internet simply mimics existing attack scripts and attempts to exploit known security holes for which patches exist.

"Internet attacks are 90% imitation and 10% innovation," Pescatore said.

That these types of easily-preventable viruses and worms - such as the Nimda worm and the Code Red worm - often wreak havoc across computer systems worldwide, proves that many IT departments are simply not showing even basic levels of diligence and care regarding security. But that must change. As companies increase their use of the Internet for critical operations, the cost of security breaches will rise significantly in the coming years.

"As your company's use of the Internet evolves, your security program must lead the way," Pescatore said.

Another big problem is that many IT departments don't have a unified view of their security infrastructure because security initiatives are dispersed among a variety of groups that don't always coordinate their efforts. So the team in charge of a company's PCs may load anti-virus software on client machines, while the networking group puts up firewalls and the server people implement wares to protect applications, all the while without checking with each other first to make sure that those products interoperate, he said.

This lack of communication and coordination often leaves security gaps no one is aware of until it is too late. Gartner estimates that companies where a variety of groups monitor and manage security will suffer 50% more attacks than those where security management is consolidated. Companies should evaluate products designed to pull together the management and reporting functions of a variety of security tools from different vendors, he said.

"A fractured approach to security monitoring and management leads to security fractures," he said.

Other security tips, facts and warnings from Pescatore:

  • Desktop operating systems, including Windows 2000 and Windows XP, do not provide all the necessary security safeguards client machines need, so most users must buy third-party security software for adequate protection.

  • Companies shouldn't go overboard protecting their systems from internal attacks launched by employees. While critical servers should be guarded, applying the same level of security inside the company that is applied outside could hamper productivity.

  • In most cases, trying to find out who launched an attack against the company isn't worth the effort and money. This type of after-the-fact investigation is best left to government authorities.

  • Companies should spend extra money to buy security services from their Internet service providers to nip attacks at the ISP level, before the attacks hit companies directly.

  • Companies should outsource day-to-day grunt security tasks to outside service providers, to free their internal IT teams to do more strategic security planning and design.

  • A company's security strategy and its security policies must evolve and change to continually support and benefit business processes. Otherwise, security measures will be seen as an impediment and will be abandoned.

  • Some 50,000 of a total 25 million Web servers got hit by attacks in the year 2000, a figure that is expected to climb to 200,000 in 2001, or to 1 million counting Code Red victims.

    The IDG News Service is a Network World affiliate.

    • Related Links

    Australian airports to deploy body scanning technology 2/9/2010
    Google teaming up with the NSA: should you be worried? 2/6/2010
    EPIC files FOIA request over reported Google, NSA partnership 2/4/2010
    Powered by Inform
     
    NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
    Click here to sign up!
    New Event - WANs: Optimizing Your Network Now.
    Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
    Attend FREE
    Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.
    * HOME    * RESEARCH CENTERS     * NEWS     * EVENTS

    Contact us | Terms of Service/Privacy | How to Advertise
    Reprints and links | Partnerships | Subscribe to NW
    About Network World, Inc.

    Copyright, 1994-2006 Network World, Inc. All rights reserved.