Monthly newsletter Weekly news roundup Breaking news notification    
Hackers' heaven…

Get free weekly news by e-mailCorporates still leaving security back doors open...

End point security which is a key component in the information security defences of organizations, is being totally overlooked by a significant number of organizations, according to a survey released by Secure Computing Corporation.

A fifth of organizations do not have any form of end point security which means that their corporate networks and data are potentially exposed to hackers and criminals who can access sensitive information from unprotected access points.

In addition 49 percent of organizations do not even use desktop firewalls for end point security, this is the most basic and fundamental level of security that should be deployed to prevent unauthorised access to sensitive information.

Protecting the operating system by ensuring it has the latest available patches installed is a further area that needs improvement with over a third (37 percent) of organizations not keeping their operating systems up-to-date.

Anti virus software which is one of the most fundamental IT security defences is not used at the end points of 20 percent of organisations, which is a shocking statistic given that the survey was carried out amongst 227 information security professionals at Infosecurity Europe 2006.

The survey questioned further on views about identity and access management, 46 percent of organizations are very exposed as they are still only using passwords, 40 percent are now using hardware tokens, 10 percent are using smartcards and 5 percent biometrics, a few organizations (2 percent) are not using any access control.

Nearly four out of ten (38 percent) security experts believe that two-factor authentication is now the solution to phishing and identity theft. It is well known that hackers use many effective tools to compromise users' passwords. Such tools include sniffing, brute force attacks, dictionary attacks, personal information gathering, and social engineering (sneaky efforts to get someone to reveal their password). Hackers install keystroke-grabber software on public Internet terminals. Network sniffers steal passwords over wireless networks. Using these attacks, a password is just as vulnerable if it's "johndoe" or "gIw$H1#5W."

A third of respondents believe it takes at least 24 hours for a signature to be developed to protect against an exploit after it appears in the wild and a further 17 percent believe it takes a week. Hence the need for ‘zero hour’ defences that protects a network against unknown threats. Only 16 percent thought that it took an hour and 17 percent thought that it takes two hours. The majority of people (70 percent) do not believe that signature based security is sufficient in itself to protect an organization.

Unknown attacks are quickly becoming the next great information security challenge for today’s organizations. In the first half of 2005, over 10,800 new virus and worm variants were identified for the Win32 platform alone, representing an increase of 48 percent over the prior six-month period. As the window of time between the disclosure of a new vulnerability and the emergence of unique threats that operate against it continues to diminish, so does the effectiveness of many conventional countermeasures, including patch management.

When questioned on what they considered to be the elements necessary for complete content security management, Anti virus (78 percent) is judged to be the most the most important element closely followed by URL Filtering (75 percent) and anti spam (74 percent). Elements that are not considered to be as important to complete content security management are Content protection (59 percent), IM Filtering (54 percent), and SSL Scanning (53 percent).


A firewall (11%) is the most popular choice as the first line of defence against worms, malware, and phishing attacks, user education and awareness is the second choice at 9 percent and anti virus is 8 percent. The best form of defence that an organisation can put in place against worms, malware, and phishing attacks is a defence in depth approach which includes provision against both known and unknown forms of attack and incorporates best of breed solutions for content security management; identity and access management; threat management and data encryption. A security aware culture and user education also have an important part to play as technology can only go so far in defending organisations against hackers.

http://www.securecomputing.com

Date: 6th July 2006• Region: UK/World •Type: Article •Topic: ISM
Rate this article or make a comment - click here



Copyright 2006 Portal Publishing LtdPrivacy policyContact usSite mapNavigation help