http://networks.org/?src=reuters:2006-05-31T133801Z_01_N31454900_RTRUKOC_0_US-WEATHER-HURRICANES-GRAY
Author: admini
Euro Security Initiatives Proposed
The report calls for the EC’s European Network and Information Security Agency (ENISA) “to study the feasibility of a European information sharing and alert system to facilitate effective responses to existing and emerging threats to electronic networks.” Such a system would require the creation of a multilingual EU portal to provide detailed information on threats, risks, and alerts, the commission said.
Another proposal calls for businesses, users and government agencies to hold a “multi-stakeholder debate” on the balance between security and privacy, including the implications of RFID technology on end user privacy.
http://www.darkreading.com/document.asp?doc_id=96086&WT.svl=news2_3
Symantec Sets Out Roadmap
Prior to last summer’s acquisition, there had been plenty of speculation about who would buy the startup, which offers software for enforcing security policies across a range of devices. Burton also confirmed, in response to a question from an analyst, that Symantec will make more of its email and messaging management products available through an “on demand” pricing model in the future. The vendor, he added, is also planning to launch a new version of its Enterprise Vault messaging management product later this year, which will offer file system enhancements. “A couple of years ago, we would have been talking about hackers seeking notoriety,” he said. In contrast, hackers are now looking to surreptitiously install software on corporate desktops for purposes such as keystroke logging, which can steal critical data.
Security, however, was not the only topic of discussion today, and Symantec execs confirmed that they are preparing a major new release of the NetBackup product they inherited when they bought storage vendor Veritas for $13.5 billion last year.
Away from the enterprise, Enrique Salem, Symantec’s group president for consumer products, explained that the vendor has two major new products up its sleeve: Norton 360 (code-named Genesis) and Norton Confidential (code-named Voyager).
Symantec execs avoided any discussion of their current lawsuit against Microsoft during today’s call.
http://www.darkreading.com/document.asp?doc_id=96125&WT.svl=news1_1
Microsoft officially launches paid security product
Redmond-based Microsoft has previously said that its main focus for OneCare was the 70% of computer users who, according to Microsoft estimates, have no additional protection at all. But in an interview last week, Ryan Hamlin, general manager for the OneCare product, said the company also hopes to snag existing Symantec and McAfee customers.
“We’d love for those customers to use our product, and encourage them to, but there’s also 70% that don’t use anybody,” he said.
http://www.usatoday.com/tech/news/computersecurity/2006-05-31-microsoft-security_x.htm
Dell to Bundle Skype on new XPS Laptops
IT has been widely fearful of Skype’s architecture as users booting up Skype could compromise their corporate network. “IT is petrified that users will become a Skype SuperNode and forward unknown users through their enterprise PCs onto the corporate networks,” says David Passmore, research director at the Burton Group.
Skype for Business does little to address the major concerns for business.
http://www.networkingpipeline.com/news/188700450
Identity crisis – what crisis?
Furthermore it’s said that the average worker has to remember at least 15 user names and passwords, all with different expiry dates.
Fortune 1000 companies typically depend on around 200 databases, or directories, of user information to control access to their systems.
Traditionally, a human administrator managed each system through a paper-based trail to decide access to each application.
Along with data protection laws, this type of legislation addresses the rights of individuals when they interact with organisations, and requires organisations to make data available to their employees only on a need-to-know basis. However, organisations may find the costs of administering IT systems and ensuring compliance go through the roof unless a reliable IDM infrastructure is in place and the data quality is good enough.
In larger organisations ‘meta-directories’ aggregate all directories and other sources of information that enables a workflow engine to monitor data and business events across an organisation. They can generate massive economies of scale in comparison to more disjointed methods.
IDM also offers a number of associated benefits, and its introduction can be viewed as an excellent opportunity, particularly when a business is facing different regulatory controls, or is merging, restructuring or embarking on a new outsourcing project. Consistent and reliable records that can be accessed quickly cut the cost of collecting data and managing the audit trails demanded in a tighter regulatory framework. In addition, there is an instant benefit when it comes to launching new enterprise applications.
Hollywood has pushed the idea of biometrics in films like National Treasure where someone stole fingerprints from a computer keyboard to gain access to a vault, or Minority Report where Tom Cruise’s character had an eye transplant to foil an iris recognition system.
In the meantime, organisations need to look beyond the immediate need for an IDM solution and ensure that identity management is properly integrated with the organisation’s wider security needs and practices. Unless this is done, there is a risk that improvements to identity management may simply shift the security threat to a less protected area or create an unexpected new risk.
http://www.it-observer.com/articles/1145/identity_crisis_what_crisis/