PC and Internet Security: Sometimes There Can Be Too Much Innovation

Over the past three months I have attended two events where PC and Internet security issues were the theme along with a Google presentation on cloud computing where security issues certainly were an underlying theme. While we’re not talking here about the security surrounding Skype conversations, these presentations each provided some key information about keeping your PC ready such that they don’t impact your ability to handle Skype calls.

Mathew Glotzback, a Product Manager in Google’s Enterprise group talked about the vulnerability of end points — and it’s not the technology that makes them vulnerable: laptop theft (10% within the first 12 months of purchase), handling of USB thumb drives and other removable memory devices; according to their research, 60% of corporate data resides unprotected on PC desktops and laptops. Of course, Google’s answer is cloud computing where all the data resides securely on the "cloud’s" servers and not on the remote devices.

A few weeks later I attended a breakfast presentation by David DeWalt, CEO of McAfee; of course this was all about PC and Internet security. His themes:

  • biggest issue today: over 750 new threats are being seen daily on average
  • the sophistication of cybercrime has reached the point where the US Air Force is seeing cyber defense as its second key mission after air space defense — the Pentagon itself has become a key target of cybercriminals.
  • data protection: expanding on Mathew’s theme, David talked about security standards (in reality, the lack thereof), variability of intellectual property law and the need for not only modernization of law around cybercrime but also the international co-operation required as the Internet liquidates political borders, as well as the development of security as a service models.

McAfee has recently acquired Safeboot (enterprise data protection and encryption) and ScanAlert (commerce and website security) to expand its enterprise security services. In the latter case they are continuously scanning websites to ensure they are "HackerSafe".

But from a Skype user’s point-of-view, Dave’s most striking comment about consumer vulnerability: the failure to renew anti-virus and Internet security software subscriptions. There is a need to educate consumers that, with over 750 new threats per day, the moment that initial subscription expires, you’ve become vulnerable. He also spoke about the vulnerability of SIP as an insecure protocol creating new vulnerabilities and how VMWare’s partitioning architecture can also provide the ability to share malware.

Finally, I recently attended a presentation by CheckPoint’s Canadian manager where the discussion came back to the issues of enterprise data vulnerability. Here we have a company that is developing enterprise security services that deal with the issues of ensuring security while not impacting employee productivity and flexibility. USB drives, cache memories, iPods and employee education are all issues taken into account in their enterprise offerings. Most important is the need to have CxO’s recognize the need for an active policy approach through identification of the costs of data loss and random, inappropriate exposure.

For the consumer CheckPoint is launching its Zone Alarm ForceField to protect against phishing, spyware, keylogging, and "dangerous" downloads as well as to erase your "surfing tracks" and to provide additional security related to banking and e-commerce activities. The primary consumer packages: McAfee’s Internet Security Suite and CheckPoint’s Zone Alarm.

Most important, make sure you’re using an Internet security offering, not just for Skype activities but for optimizing your overall Internet experiences. In fact, Rogers Internet service sees this issue as so important to their customer service and support operations that all Rogers Internet subscribers have Symantec security software included as a free component of their subscription.

And, if you still need convincing about new threats: I provide volunteer PC support for a local non-profit where I am "webmaster" and manage the mail accounts, some of which are forwarded to my personal email account (info@, webmaster@, etc.). We have a Postini subscription for our mail servers as I do also for my personal account. There has recently evolved a threat, called "spoofing", where someone tries to take over your domain name for sending out spam email; I was receiving all the "Delivery Failure" notices as a result. But they were infrequent enough not to worry. But about three weeks ago I came down to find over 50,000 of these notices had been rejected over an eight hour period by my Postini, yet 3,000 still got through. The hosting service provider for the non-profit told me this was a new threat they were seeing; they had just developed the experience required to mitigate this threat. They made their changes to our account management; I made some changes and now my spam is very infrequent. Sometimes innovation comes at a cost to the rest of us.

Tags: Google, cloud computing, McAfee, CheckPoint, Zone Alarm, Force Field, Postini

Powered by Qumana

About Jim Courtney

Bringing over thirty years' experience in the sales, marketing and management of cutting edge technology businesses.
No comments yet.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.