Expert: Good security tools 10 years away

Margie Semilof

IT security staff need to learn how to batten down the hatches more quickly, because it doesn't look like software security will get better any time soon.

The reality for IT security professionals for the foreseeable future is patching and preparing to deflect the next vulnerability. According to security expert Scott Blake, who is also a vice president of information security at BindView Corp., Houston, there is no end in sight to the invasion of worms and viruses.

"I would say we are five to 10 years away from the underlying technology getting to where we can begin to stop worrying about this stuff anymore," Blake said.

"Even Microsoft submits that any nontrivial software will have flaws, and the best you can do is try to minimize [the flaws] so it fails more gracefully. Complex, as any good security person will tell you, is the opposite of secure."

Blake said that most IT administrators already know how to secure their systems. For large enterprises, however, it remains a challenge to deploy patches, though most organizations have some sort of software-distribution system.

IT professionals are reluctant to send patches out before they are tested, because the quality of patches is often inconsistent. Blake recommends setting up a lab so patches can be tested quickly and pushed out. Untested patches don't always cause problems, but the risk is much greater where there is a high degree of customization in the enterprise. "People with homegrown applications are at a higher risk than someone with a standard Microsoft environment," he said.

Blake recommends a few tips for building fail-safe networks. First, a good set of firewall rules will help, as will good antivirus software. But at the end of the day, there will always be some systems that don't get managed properly by IT departments and, depending on the environment, that will be a great or small problem, he said.

"If you let people come in on dial-up or VPN access, and those systems are personal, those will be difficult to manage," he said.

Unfortunately, most worm or virus writers are usually just average mischief makers. "In most cases, we are not talking about someone who is coming out to create terror or financial gain," he said. "What is harmful is that they don't consider it to be their problem."
