|
|
|
Security strategies ‘not working'
By Iain Scott
, ITWeb
Posted: 12 July 2004
Today's strategies to defend networks against viruses, worms and Trojan horses are not working, says Gary Middleton, IT security specialist at Dimension Data.Addressing the BMI-TechKnowledge/International Data Corporation African banking forum in Midrand last week, Middleton said there was a huge interest in how companies needed to comply with legislation and corporate governance requirements.
In auditing and risk management there was also a requirement to reduce business risk in order to comply to audit reports. Security was also key to customer confidence. The better the security, the higher the customer confidence.
The security market is growing, with a BMI-T survey showing that the market, worth almost R1.05 billion last year, would be worth R1.22 billion this year.
However, while network infrastructure was now more able to defend itself from attack, in 2002 the number of reported security vulnerabilities reached a record high, as did the number of reported security incidents. At the same time security product spending is also reaching record levels.
“There's a huge increase in attacks and vulnerabilities, but also huge increases in spending. Something's wrong,” he said.
A 2003 Ernst & Young global survey found that the top security threat over the next 12 months would be major viruses or worms, with employee misconduct involving information systems coming second on the list. This was followed by distributed denial of service attack, loss of customer data privacy or confidentiality, and amateur hackers.
“The perception has shifted,” Middleton said. “The main threat 18 months ago was seen as a hacker. We have found that customers have not spent money on updating their systems to cater for the new threats.”
He says most organisations have implemented protection measures without a detection and response strategy, despite the fact that the technology to implement such a strategy exists.
By way of analogy, Middleton said in a home situation a security gate was the protection measure. An alarm system was a detection measure. Connecting to an armed response unit was the response aspect of security.
Malicious codes today are no longer simple, and perform multiple actions. In the first half of the year, such “blended threats” accounted for 60% of suspect code. The number of such threats was also on the increase.
Middleton says more legislation and governance rules will drive security spending in the future, particularly as IT security is a business risk issue. However, with employees factoring high on the risk scale, companies need a mixture of policy and technology to minimise the risks they face. |
|
Security Products:
Astaro
Security Linux
Appliance
Award
winning, Rock-solid network security, simple and affordable.
"...exceptionally
polished and extremely robust security gateway for a very
reasonable price.... the most polished and easy to use
Web-based management system we've seen to date." ---
INFOWORLD
Astaro provides six essential security applications in one easy-to-manage package that protects organizations from hackers, viruses, worms, spam and other threats to security and productivity.
Astaro Security Linux offers:
 |
firewall |
|
intrusion
protection |
|
e-mail
virus protection |
|
web
virus protection |
|
spam
protection |
|
VPN
gateway |
|
URL filtering capabilities. |
A unified management platform makes it easy to deploy,
administer, and update a complete network security solution with surprisingly little cost and effort. The software can be installed on a standard Intel PC, or purchased pre-installed on a variety of security appliances.
Based on the best of open source security software, Astaro Security Linux has won numerous awards, and is in use on over 20,000 networks in 60 countries.
Astaro
security Linux is extremely scalable, with the ability to
protect small office home office/remote office to enterprise
implementations incorporating features such as
High availability, VLANs, Qos and a configuration manager to
manage multiple sites from a
single management platform.
Prices
start at $390 for a 10 user license. Educational discounts
are available.
Intrusion
Prevention Systems
Vulnerability
Scanners
Firewalls
| Astaro Security Linux |
| Netscreen |
| Checkpoint |
Management
Virus
Control
| Astaro Security Linux |
| Mail Marshall |
Content Filter
| Astaro Security Linux |
Services
| Security audit |
| Perimeter Vulnerability Scan |
| Router/ switch optimization for
security |
| Firewall checking and configuration |
| VPN Design and Implementation |
| Network design |
| network based application analysis |
| Network Baselining |
| Security baselining |
|
|
  
This mailing has been performed by Aavex Technology
Corporation
42w588 Still Meadows Lane, Elburn IL 60119 USA, 630-365-0025 in compliance
with the "CAN-SPAM Act of 2003", approved and signed by
the president of The United States of America on Dec. 16, 2003. For this
reason, this email cannot be considered SPAM This newsletter contains
commercial advertisement.
|
|
