
CyberSecurity Institute

Security News Curated from across the world


Category: Trends

A Snapshot of Security Project Plans, the Security Market and Vendor Mindshare

Posted on October 27, 2004 (updated December 30, 2021) by admini

From the perspective of corporate security projects:
– The fastest growing project space is Authentication, Encryption and Intrusion;
– Security management is still narrowly the leader, but the trend shows it diminishing over time;
– Wireless security is growing slowly as a priority item.

For enterprise software:
1. Directory Services, with 30 percent of respondents consistently stating that this has been their number 1 priority for the past 12 months.
2. ERP, which has taken over from CRM.
3. CRM
4. Groupware
5. Vertical industries
6. Document Management

For Web Technologies:
1. Web Service, showing very strong upward trending over the past 12 months.
2. Other
3. Site Development
4. Portals
5. E-Commerce
6. Content Management

Other charts show the top ten security vendors and the October 2004 priorities.

Research comes from IDC and ZDNET.

http://news.zdnet.com/2100-9596_22-5429425.html?part=rss&tag=feed&subj=zdnet


Mind those IMs–your cubicle’s walls have eyes

Posted on October 25, 2004 (updated December 30, 2021) by admini

But now employers are going further than ever, thanks to technology that can capture e-mail and instant messaging conversations, or record a worker’s every keystroke. Websense, a maker of Internet monitoring tools, has seen its stock price nearly double in the last year, though it saw some gains erased late last week. Other top players in the market include SurfControl and Secure Computing.

“I think all these companies are seeing great demand,” said Katherine Egbert, an analyst with Jefferies & Co. “Lately, regulatory compliance issues, and deadlines for meeting those regulations, have been driving sales.” The regulatory factors include financial reporting rules under the Sarbanes-Oxley Act and health care privacy mandates set forth in the Health Insurance Portability and Accountability Act, also known as HIPAA. Liability concerns regarding employee e-mails and IMs are also on the rise, as lawyers increasingly turn to computer records as evidence in sexual harassment suits and other legal actions involving the workplace.

Even tech luminaries, such as Microsoft Chairman Bill Gates, have used corporate networks to send e-mail that proved embarrassing in court.

“Productivity is a concern; loss of confidential information is still a concern; security breaches are a concern. Employers are afraid of being sued,” said Nancy Flynn, executive director of the ePolicy Institute, which, together with the American Management Association (AMA), recently published a survey on e-mail and IM surveillance in the workplace. “In almost every workplace lawsuit being filed today, e-mail is being subpoenaed as evidence,” Flynn said.

“IM will soon be subpoenaed on a regular basis as well.”

Aiming at IM

According to the ePolicy-AMA survey, 60 percent of U.S. companies now use software to monitor incoming and outgoing external e-mail, while 27 percent of employers use software to track internal e-mail between employees. By contrast, employers have been relatively slow to monitor instant messaging, with just 10 percent of companies surveyed indicating they have taken steps to listen in on desktop chat. “Employers think IM is an emerging technology and they don’t have to monitor it yet,” Flynn said. “But if they have employees in their 20s, chances are (those employees) probably have been using IM since high school and view it as old technology.

And if a company doesn’t provide enterprise IM, (workers will) probably go out on the Internet and download a free version.”

IM giants America Online and Yahoo launched plans two years ago to offer corporate versions of their IM products, promising better security, along with regulatory compliance features not found in their free versions. Both have since scaled back those plans, but other companies have stepped in to fill the void, including industry titans such as Sun Microsystems and IBM, which are embedding their own IM products into their existing applications, and smaller companies such as IMLogic, FaceTime Communications and Akonix.

“Industry estimates say that by the end of 2005, IM in the workplace will surpass e-mail in the workplace,” Flynn said. “IM is coming on fast, and given that, employers need to take the necessary steps now with their policies and monitoring software.”

Monitoring software downloads is a top issue as well, industry observers and legal experts say.

In 2002, an Arizona company paid $1 million to settle a lawsuit with the recording industry that charged copyright violations involving MP3s stored on the company’s computer systems.

Customers such as PepsiCo and Ford Motor use Websense software to track and report employee Internet usage, block access to some Web pages, and set temporary access windows that limit the times some sites are available. Many corporations have adopted policies banning file-swapping software in the office and installed network traffic management software to track down potential violators.

Despite hot prospects, the industry has not seen a flood of new players. Instead, it has seen a rise in consolidation, particularly this year, Jefferies analyst Egbert said. Among recent deals, Blue Coat purchased Cerberian, CyberGuard acquired Webwasher, and Internet Security Systems bought Cobion.

Courts have generally found that employers have the right to monitor equipment that they own on their premises, including telephones and computer systems. Nevertheless, laws surrounding the monitoring of employees’ electronic communications are not as cut-and-dried as they appear, legal experts say. “The law, on the face of it, looks like it’s illegal. But the courts have ruled that viewing stored e-mail is not considered a violation of the wiretap laws,” said attorney Philip Gordon, chairman of the privacy practice group for law firm Littler Mendelson. In one U.S. Court of Appeals case, the court further detailed how it is only considered a violation of the Wiretap Act if an e-mail is intercepted while it is traveling through the network pipe and is between two points.

http://news.zdnet.com/2100-1040_22-5423220.html?part=rss&tag=feed&subj=zdnet


IT chiefs use scare tactics to tighten security

Posted on October 21, 2004 (updated December 30, 2021) by admini

The poll of IT network and security administrators in SMEs to determine how they persuade management to change security practice found that almost half of respondents admit to advocating the fear factor. Many respondents indicated that they have to present worst case scenarios involving confidentiality breaches, lost customers or liability charges to justify investments in information security technology.

The use of scare tactics may be prompted by the fact that, according to additional findings from the poll, more than one in four (29 per cent) network administrators claim that senior management rarely, or never, change standard practices in response to security recommendations alone.

However, an encouraging 30 per cent indicated that rational facts, including cost-based analysis, productivity statistics and industry articles, are sufficient to prompt a reaction.

Additionally, 51 per cent of respondents reported that senior management implement changes to security practices based on their recommendations most or all of the time.

“This survey shows that SMEs can vary greatly in their approach to security. Despite high profile attacks and regulatory pressure, a strong security-conscious culture is still not second nature to all organisations,” said Mark Stevens, chief strategy officer at WatchGuard. “While many organisations treat security as a priority from the top down, and are very proactive in their approach, others require more persuasion to implement and update secure practices. To protect against the threat of attack, executive sponsorship is critical. Organisations need to adopt an approach that incorporates not only technology solutions, but ongoing user education as well as development and enforcement of security policies.”

http://www.vnunet.com/news/1158895


ATMs in peril from computer worms?

Posted on October 20, 2004 (updated December 30, 2021) by admini

Trend Micro and Computer Associates have both identified this niche, but some rivals question the immediate need for content filtering on cash points.

The new generation of Automatic Teller Machines (ATMs) is migrating from the IBM OS/2 operating system to Microsoft Windows and IP networks. This saves costs and enhances customer services. But it also means that ATMs are now at risk from computer worms, according to Trend Micro. “Previously isolated cash machines can now be infected by self-launching network viruses via the banks’ IP networks. Infections have the potential to bring down ATM machines, incurring downtime, customer dissatisfaction and increased costs fixing infected machines,” it warns.

Last August, the Nachi (Welchia) worm contaminated the cash machines at two financial institutions. When the Slammer virus hit the back end systems of the Bank of America in January 2003, 13,000 US ATMs became unavailable.

But never fear, Trend Micro is on hand to offer assistance. The Japanese-based firm is launching hardware-based network worm filtering technology specially designed for ATMs at a conference later this month. As well as launching its Network VirusWall 300 hardware, Trend will also be exhibiting at the annual ATM security conference (ATM Sec 4) in London on 25 and 26 October. Raimund Genes, European president of Trend Micro, said that 70 per cent of ATMs are based on either XP or embedded XP. “That’s the way manufacturers are taking the ATM and ticketing machine market,” he said.

Computer Associates offers a software development kit that can be applied to systems based on embedded XP.

Genes argued that producing AV systems for embedded XP terminals is far from straightforward: using existing enterprise content filtering gateways to protect ATMs would be “overkill”. Hardware-based network worm filtering, such as Trend intends to launch, offers a better approach, he argued.

But other security vendors question the need for the technology.

Nigel Hawthorn, of security appliance firm Blue Coat Systems, said that ATMs commonly operate on a separate physical network, which is closed. “Sasser hit the back-end systems of banks, not ATM machines,” he said. David Emm, senior technology consultant at anti-virus supplier Kaspersky, agrees. “The threat to ATMs is related to how closely they are integrated with the outside world. Normally ATMs are kept on separate systems. Online financial (ebanking) systems are far more at risk,” he said.

Trend’s Genes said the barriers between the network used by ATMs and the wider Internet are being lowered as banks switch from older telecoms technologies to IP-based networks. He acknowledged that widely deployed AV technology alone is failing to protect enterprises from fast-spreading worms. But Trend’s worm filtering tech would prove far more successful in keeping cashpoints up and running in the face of viral onslaught, he says.

http://www.theregister.co.uk/2004/10/20/atm_viral_peril/


Traditional Anti-Virus Can’t Meet New Threats

Posted on October 19, 2004 (updated December 30, 2021) by admini

“The need for security is expanding beyond the PC,” wrote Jonathan Singer, an analyst with the Yankee Group, in an e-mail to TechWeb. “Mobile devices such as smart phones and PDAs, which are often used for business purposes without security integration, are opening new avenues for malicious code,” he added.

Early efforts by hackers to engage these devices were relegated to using them as entry points for viruses and worms delivered via e-mail, but as networked handhelds proliferate, tactics have changed. As other devices become networked–such as printers and copiers–and as voice over IP (VoIP) hardware grows in popularity, they’ll be targeted too, or used to launch additional attacks.

“Look for these types of attacks to become pervasive in the next 12 to 24 months,” Singer said.

Behavioral-based anti-virus protection doesn’t rely on one-to-one signatures to match against known malicious code, but examines possible malware for characteristics common to viruses and worms. Among their advantages are a theoretical ability to recognize unknown viruses–thus providing a defense against so-called “zero-day” attacks–less frequent updating, and smaller size.

“In the next two to four years, anti-virus software will migrate from signature recognition to a hybrid of signatures and behavioral recognition,” predicted Singer.

Enterprises should set policies on PDA and smartphone use, said Singer, to protect the network first, make handhelds productive second.

http://story.news.yahoo.com/news?tmpl=story&ncid=1211&e=10&u=/cmp/20041020/tc_cmp/50500906&sid=95609566


Intrusion prevention security tipped to boom in Europe

Posted on October 11, 2004 (updated December 30, 2021) by admini

“The IPS market in Europe is a few quarters behind North America. But a couple of quarters ago is the time when IPS took off in the US,” said Kip McClanahan, chief executive of TippingPoint, speaking at the NetEvents gathering of networking analysts, vendors and press in Barcelona on Friday. He added that TippingPoint expected to see a “very significant” uptake in demand in Europe, Middle East and Africa.

Intrusion prevention systems conduct deep-packet inspection of the traffic moving across a company’s network. TippingPoint argues that IPS is a more sensible choice than an intrusion detection system, which will alert a network administrator of potential problems but not act against them.

Price tags of £50,000 are not uncommon — but in today’s security climate they can make sense for large companies, and organisations such as universities which can’t trust their end users to run their own security protection. Both TippingPoint and Internet Security Systems, another IPS vendor, are keen to point out that IPS products protect against vulnerabilities rather than just exploits. Both companies say that their customers were protected from the recent JPEG virus, because the vulnerability it took advantage of had already been identified.

Other security companies told the NetEvents audience that 802.1x, which places authentication on each network port, will play a big role in network security. But the IPS vendors say it isn’t enough to just put security on the perimeter. “If I’m a malicious employee and I want to run something bad on your network, then port monitoring won’t stop me,” said Marc Willebeek-LeMair, TippingPoint’s chief technology and strategy officer.

http://news.zdnet.co.uk/internet/security/0,39020375,39169783,00.htm
