Category: Trends

CIOs should provision contingencies for business continuity and address the disaster recovery and continuous availability of systems to minimize the impacts of outages and to further ensure the IT organization’s credibility.

A note of caution, however: two-hour recovery time objectives (RTOs) are typically 10x regular operating costs.

Short-term vs. long-term compliance activities: Some CIOs will find it in necessary to provide for a longer implementation period in light of their organization’s respective risk profile, level of resilience, and unique business circumstances.

Bottom Line: CIOs must commit to robust recovery capabilities and prepare the ITO to respond to a wide-scale disruption by adopting sound BCP and DR practices.

META Group originally published this article on 29 October 2003.

More info: [url=http://techupdate.zdnet.com/techupdate/stories/main/Banking_on_IT.html?tag=tu.scblog.meta.6673]http://techupdate.zdnet.com/techupdate/stories/main/Banking_on_IT.html?tag=tu.scblog.meta.6673[/url]

Virus and hacker attacks have shot up by 20% in the first six months of this year, according to security experts.

With companies experiencing an average of 38 attacks a week, ensuring these vulnerabilities in systems are patched or fixed, is “critical” to their survival.

To protect themselves, companies and home users need to use a combination of protective safeguards.

More info: [url=http://news.bbc.co.uk/2/hi/technology/3154806.stm]http://news.bbc.co.uk/2/hi/technology/3154806.stm[/url]

In a presentation to the RSA Security Conference in Amsterdam, members of the Royal Mail, ICI and BT Global Services outlined their position on what defines a secure network and how they want to see it achieved.

“This isn’t pushing for a new BS7799 standard or anything,” said Paul Simmonds, global information security director at chemical manufacturer ICI.

The eventual goal is to shift the security market away from trying to keep networks pure from outside influences with a hardened perimeter, and concentrate on securing data access and enabling more business-to-business secure traffic.

He described Microsoft’s Rights Management Services (RMS) as interesting, but said that an ideal solution would see documents passed over a variety of operating systems and computing environments without sacrificing any degree of confidentiality.

Cisco has already been contacted and other large IT vendors are on the target list.

More info: [url=http://www.vnunet.com/News/1147499]http://www.vnunet.com/News/1147499[/url]

Last week’s elevated warning levels surrounding MiMail.C, a new, fast-spreading worm, gave IT departments time to brace themselves for a new round of attacks–but only barely.

The arrival of this new family of worms is not without attendant irony: MiMail.C arrived just as SoBig finally lost its spot at the top of the “Most Popular Virus” heap.

MiMail may or may not achieve a similar “status,” but the time between first deployment and release of refined versions spanned just a couple of months.

But those vendors–and all IT security professionals, for that matter–face an ongoing challenge of shortening the time between detection, alert announcement, and effective prevention and/or removal tools.

More info: [url=http://www.securitypipeline.com/showArticle.jhtml;jsessionid=Z2SCZM2ERD0ASQSNDBGCKHY?articleId=16000158]http://www.securitypipeline.com/showArticle.jhtml;jsessionid=Z2SCZM2ERD0ASQSNDBGCKHY?articleId=16000158[/url]

HP revealed this week that it had used the approach to protect thousands of machines on its network two days before the Blaster worm struck.

The code, developed by HP’s security research labs in Bristol, effectively saved the company from an infection that cost organisations around the world hundreds of millions of pounds to fix.

Although the technology is still at an early stage, HP sees it as a potential solution to the difficulties companies face ensuring all the machines on their network are patched, often at short notice, against the latest vulnerabilities.

Martin Sadler, lab director at HP laboratories in Bristol, said, “Tracking kit in any large corporation is difficult.

HP has 250,000 devices connected to its network that we know of.

But we do not necessarily know where everything is.”

HP began developing the technology two years ago, when it deployed virus-like code to protect its IT systems from the Nimda virus.

The code delivered a pop-up message to every unpatched machine on the firm’s network, urging the user to take action.

In the case of Blaster, instead of a pop-up warning, the security labs arranged for a code to be pumped out to every IP address on the company’s network that shut down any machine that had not been patched.

Some users were upset but the code protected HP from infection.

Sadler said the technology was still at an early stage, and there were still many questions that had to be resolved before the technique could be used commercially.

Companies using the technology would have to weigh-up the risk of virus-like code designed to protect against new vulnerabilities falling into the wrong hands and being used to develop malicious code with devastating payloads.

More info: [url=http://www.computerweekly.com/articles/article.asp?liArticleID=126146&liArticleTypeID=1&liCategoryID=2&liChannelID=22&liFlavourID=1&sSearch=&nPage=1]http://www.computerweekly.com/articles/article.asp?liArticleID=126146&liArticleTypeID=1&liCategoryID=2&liChannelID=22&liFlavourID=1&sSearch=&nPage=1[/url]

802.1X requires support in the client via the operating system or a third-party software application; in the access point, through the ability to accept EAP (extensible authentication protocol) messages and hand them off to a RADIUS or other authentication server defined in some area of the access point’s configuration; and an authentication server that can respond with the right information to initiate the keying process after credentials are accepted.

None of these requirements is a high bar.

Windows XP has shipped with an 802.1X client for some time, although it only supports a couple of flavors of secured EAP, in which the credential exchange is encrypted within tunnels.

And virtually all mainstream RADIUS and similar servers are now equipped to talk 802.1X/EAP using various secured EAP methods.

The client is the weak point, because until last week, only Windows XP had a built-in 802.1X client.

Mac OS X 10.3 (Panther) now includes 802.1X support, and they feature all of the EAP types, including PEAP, LEAP, EAP-TLS, EAP-TTLS, and MD5.

(Because it’s a Mac, if you’re using a certificate-based EAP method, like EAP-TLS, you just drag a certificate from email into the Keychain program, and that’s that.)

Other platforms and other versions of operating systems aren’t out of luck because they can turn to Meetinghouse, which supports flavors of Windows and Mac OS X (before 10.3), as well as Linux 2.4 and Solaris.

WPA has driven this process faster, it seems to me, because WPA solves the key-changing problem.

With WPA, an 802.1X system could change keys every few minutes — or weeks or years potentially — without any reduction in the level of security even with the TKIP key that’s available as part of the WPA standard.

Another element driving 802.1X adoption is that it reduces VPN costs.

If you’re using a wireless-outside-the-firewall approach that requires a VPN client on the local network to tunnel through, you can completely eliminate the VPN client and per-seat server costs.

More info: [url=http://wifinetnews.com/archives/002434.html]http://wifinetnews.com/archives/002434.html[/url]