Safe
computing outside the corporate perimeter
Employees logging into corporate networks from home
PCs over public broadband connections are now commonplace.
As a result, security software and hardware that once
did a fine job of guarding sensitive systems looks
increasingly vulnerable. That's because all these
remote networkers, be they employees or partners,
are no longer snuggly inside the "official"
data-security perimeter.
Also, persistent worm-virus outbreaks, such as Nimda,
explain why more and more corporations are going through
the considerable hassle of putting security software--firewall,
intrusion detection systems, antivirus software--on
every desktop machine. Companies with end-to-end protection
remain in the minority, but they won't be for long
as it becomes easier to link up fleets of desktops
with central control consoles that not only talk to
the big, heavy-duty security appliances but also to
the thousands of small programs guarding the road
warriors' machines.
Identity theft goes berserk online
Call in the copycats. When well-organized ID thieves
convinced a clerk at a Long Island (N.Y.) software
company to give them access to tens of thousands of
credit reports using his company's password, they
illustrated how the Net makes the part of ID theft
that was hard until now--accumulating the information--much
easier. With widely available credit reports such
an integral part of American business, it's hard to
imagine how the credit agencies can quickly and simply
limit access to the reports without impeding the flow
of commerce.
With
easy access to credit reports available to thousands
of people throughout the U.S., expect blockbuster
ID thefts in 2003 and beyond. Whereas credit-card
numbers were traded freely on the Internet in the
past, now the bad guys will trade entire personal
dossiers. And fixing the problem will be much harder
because it's pretty easy to screen out someone who
has picked up one of your credit-card numbers but
much harder when it comes to a rogue who has that,
your bank-account number, your social security number,
and the last five addresses you have called home.
Of
course, this little list is just the beginning. I
haven't even touched on still-early trends such as
merging physical and online security: Companies are
starting to look at guarding these assets in coordination
because often computer-security breaches start with
physical breaches.
Likewise,
more and more businesses are installing software that
tracks theft of sensitive, high-end intellectual property.
Once ham-fisted, the second generation of these systems
works much better, according to Gartner security analyst
John Pescatore.
All
told, computer security remains one of the more dynamic
areas of the moribund IT sector. And it'll get only
more interesting in the coming year.
|
