- Microsoft Windows chief decries standards grandstanding
- The 5 best, and 5 worst, features of Google Chrome OS
- Federal government using PS3 to crack pedophile passwords
- 10G Ethernet cheat sheet
- Top 10 free Windows tools for IT pros, at a glance
"Management" and "mobility" were words on the tips of many attendees' tongues at the InfoSecurity 2003 Conference and Exhibition in New York, as leading security technology vendors displayed products for managing security devices, combating spam and securing mobile devices.
Frustration with difficulty managing security devices and security risks posed by mobile devices such as PDAs and cellular telephones is driving demand for new products and features bolstering traditional protections like firewalls and intrusion detection systems, according to interviews with those at the show.
A number of companies displayed technology for managing data produced by increasing numbers of security products deployed on corporate networks. Companies like Ubizen NV, OpenService, Consul Risk Management and Network Intelligence showed such products and services.
Securing mobile users was also a major concern of attendees and exhibitors. Heightened attention comes as corporations are equipping more employees with laptop computers, BlackBerry pagers and smart phones that give them constant access to network resources. Increasingly, those devices are serving as entry points for worms and viruses, said David Mortman, director of global security at Siebel, during a panel discussion Wednesday.
"Seventy percent of our workforce has laptops and is mobile, and laptops break the (network) perimeter," he said.
After a recent outbreak of the Blaster worm, Siebel was forced to protect its network from infection by stopping mobile workers as they came to work and requiring them to run a scanning program to detect copies of the worm on their laptops. Siebel stopped about 30 or 40 instances of Blaster from reaching the corporate network, Mortman said.
But companies are looking for more automated ways to deal with threats posed by mobile workers, according to Gerhard Eschelbeck of Qualys, who also participated in the panel discussion.
To meet those needs, companies are investing in new kinds of remote access technology. For example:
* Nokia used InfoSecurity to display Secure Access System, a VPN product based on Secure Sockets Layer that lets companies set up access policies that take into account the mobile user's identity, location and type of device used for network access, said Steve Schall, director of security application product management at Nokia.
Companies can use a client integrity scanner component of the Secure Access System to determine whether a mobile user's operating system is adequately patched and whether antivirus definitions are up to date. Lower levels of network privileges can then be assigned to users who do not satisfy those criteria, Schall said.
* InfoExpress, in Mountain View, Calif., showcased similar technology in its CyberGatekeeper product, a server that sits between VPN users and a corporate network and enforces security policies such as anti-virus updates and configuration on remote clients.
* Control Break Intl. of Houten, Netherlands, displayed technology for protecting data on remote devices. The company's SafeBoot uses two-factor authentication and proprietary technology to validate a user's identity before allowing the SafeBoot-protected device to start.
Rss FeedRss Feed
The Leader in Network Knowledge
Comment