Print
Discuss
Send to friend
RSS feedsThe adjective "virtual" is perhaps used too widely in the IT world these days without a clear explanation of what exactly it is supposed to mean. We have virtual servers, virtual memory, and now the virtual enterprise. So what does the virtual enterprise mean? Well, one definition quoted to me recently is the line from the old Martini adverts - anytime, anyplace, anywhere.
According to this interpretation of the virtual enterprise, you should be able to connect from anyplace at anytime with any device, and the whole shebang will run seamlessly once you have typed in your username and password.
I've talked with several security vendors recently and most of them agree that most attacks are now inside jobs, although one of my colleagues maintains that this has always been the case, but in the past it was typically disgruntled employees who were the main culprits.
Imagine the following scenario: one of your employees is out on the razzle overseas; they get back from a fairly hefty night out with clients/ vendors/friends, empty the mini-bar and decide to have a late night surf online and maybe check their email.
In this case, the way the company manages their mobile systems could have a big impact on security. Even if the firm employs a virtual private network (VPN), they might not have a system that deals with all the threats. So when the employee next connects to the LAN, they could be introducing malicious programs. Viruses and worms are the dangers that immediately spring to mind.
What about spyware? This type of threat doesn't seem to worry managers as much as viruses and worms, but the effects can be worse.
Perhaps spyware should undergo some sort of name change to reflect its potential to damage systems, perhaps to something like leechware?
In fact, recent research by anti-spyware vendor Webroot in collaboration with ISP Earthlink, found when PCs were scanned with a spyware audit tool, an average of 26 pieces of spyware were on each PC.
How should a firm protect itself? Well, many security vendors seem to be thinking along the same lines. On attempting to connect, the client system should be "sandboxed", until the state of the system is determined. Are the latest antivirus updates there? Are the latest patches in place?
If the system is found to comply with policy, it's allowed in. If it fails it can be directed to a server that can feed it updates until it does comply, or can perhaps connect with reduced privileges.
The vast majority of desktops still run Windows, which has acknowledged security problems, so a strict security policy is increasingly important. Nowadays, if firms neglect such safeguards they might not be in business for much longer.
See what other readers are saying in our Letters blog - and add your own comments instantly.
del.icio.us
Digg this
reddit!
