Wednesday, November 08, 2006

Open environments invite hackers

BANGALORE: Open and collaborative working environments help enterprises to scale up their operations and improve upon their productivity but also expose the enterprise networks to external world of hackers and crackers.

This was the stated by J. Pazhamalai general Manager, Information Risk Management and Policy Compliance, Wipro Technolgies. J. Pazhamalai was speaking at the Frost & Sullivan conference on advancements in technology behind Web security. The conference aimed to address the concerns of Indian CIOs towards threats emanating from the web.

“It has become mandatory for IT managers to provide an all pervasive networking environment for their employees. But that comes with an inherent risk of making company’s network vulnerable to disruptive elements, which can result in financial losses and legal liabilities for the enterprises” said Pazhamalai..

Pazhamalai added that the existing network security measures were very inadequate to take such risks, which also explained the spurt in web-based attacks.

“Antivirus solutions are reactive, not preventive; they are effective only against very specific threats, and they provide even this limited protection only after an attack has already occurred,” said Pazhamalai.

“ The way we are responding to the challenge is incorrect. Rather than taking reactive measures like putting high-end security solutions everywhere in the network, organizations should be filter the web content that employees were accessing,” he added.

Shedding light on the enormity of web-based threats, Surendra Singh, head, South East Asia and India, Websense, said the next-generation web-based threats were designed to invisibly capture both personal and company confidential information.

“As web-based attacks become more sophisticated in nature, companies need to protect themselves through automating their web security,” said Singh.

He added that with the motivation for attacks being financial, the lead organizations need to ensure they are aware of the security gaps that are to be plugged.

Alok Shende, director, ICT Practice, Frost & Sullivan, in his presentation, said organizations are responding to this challenge by deploying a combination of security products and services from different vendors.

“With increasing internet penetration and use of online transactions, there is a growing need to filter the web content, which employees are accessing for malicious codes and also objectionable content. However, web access control is still not seen as a critical issue in enterprise security management,” said Shende.

“The antivirus protection, firewalls, and intrusion detection systems, are generally excellent within their intended sphere, but they do not always provide sufficient protection from advanced blended threats. The problem gets complicated when employees are working remotely where they are not protected or managed by the organization’s perimeter security,” added Shende.


Source: http://www.ciol.com/content/news/2006/106110706.asp?nl=7_204540_Nov7

0 Comments:

Post a Comment

<< Home