Usability of security software is partly to blame for low protection levels in many computers, according to international security experts.
In a panel session at this year's Australian Unix Users Group (AUUG) conference in Melbourne yesterday, software security developers gave reasons why the IT industry is still at the mercy of so many problems.
University of Auckland computer scientist Peter Gutmann said many security standards were written 10 years ago and have mostly just been tweaked since then.
"A lot of the security stuff is designed by crypto geeks [and] because of a lack of usability, people can't apply them correctly," Gutmann said, adding usability is just as important as "having a bunch of crypto and let people figure it out from there".
Gutmann said the protocols were designed without usability and even if a user-friendly GUI could be put over it, it is unlikely the original developers would accept it.
"They would rather have 100 percent perfect software that's unusable than 99 percent perfect software that is usable," he said.
OpenBSD developer Ryan McBride, who works on packet filter and IPSec code, lashed out at intrusion detection systems, saying the technique has no way of detecting whether a virus is attacking a network.
"I do IDS work in a Fortune 50 company and it's a case of 'oh look, another box has a virus - go turn it off'," McBride said. "It's very hard to automate turning things off in security."
McBride said the place to solve the problem is inside the software, not in IDS.
University of NSW School of IT senior lecturer Dr Lawrie Brown said that, when looking at modern software, part of the problem is the enormous body of unsafe software that people continue to use, which propagates vulnerabilities.
Brown said there is also a mindset within the general population that computers are relatively new and people are unaccustomed to the importance of information security.
German network security PhD student Tobias Eggendorfer seconded this by saying end users are not educated to deal with security threats.
"It will take 20 to 30 years to educate people about computer security," he said. "You wouldn't give your house key to someone, so why do the same with your password."