e-Security Research Pavilion
Welcome to the e-Security research pavilion. Below you will find information from case studies, articles, demos, web links, brochures and white papers to assist you research and locate the best solution for your organisation. Check also the iStart Diary for local seminars on this subject. All vendors showcased below will be glad to assist with your enquiries.
Overview
Unscrupulous people who think it's cool to let loose destructive code on the internet or pry into corporate databases to steal or damage data, or hijack bandwidth are forcing computer security issues to the front line of business concerns.
With the increasing sophistication of computer-based crime, companies should assume that their IT systems and information assets are vulnerable and establish security counter-measures that can be updated to cope with the latest threats.
Common Threats
- Hackers or Crackers: Unauthorised visitors to other people's computers or networks. Many hackers are content with simply breaking in and leaving their mark, others maliciously crash entire computer systems, stealing or damaging confidential data, defacing web pages, and ultimately disrupting business.
- Viruses: Computer programs designed to replicate themselves and infect multiple computers. Some are relatively benign, while others may delete files or cause system crashes.
- Trojan Horses: Programs delivered with email or web pages which can delete data, mail copies of themselves to e-mail address lists, and open up computers to additional attacks.
- Phishing: A perpetrator gains unauthorised access to network or internet banking passwords through bogus websites or fraudulent requests for information.
- Denial of Service (DoS): These attacks flood applications or servers with traffic in order to deny access to legitimate users.
- Spam: Unsolicited mail which is usually harmless but can clog up email systems.
- Internal threats: While most security programs are focused on the outside world, internal threats such as disgruntled employees should also be considered.
A company security policy should specify how information should be stored and protected and who should have access to it. If you don't have such policies in place along with firewalls, anti-virus scanners and intrusion detectors you may not even know that your systems have been attacked and compromised.
Articles/Industry Reports
Understanding the security challenges of mobile devices Microsoft Executive Circle Webcast: Security360 with Mike Nash: Understanding the Security Challenges of Mobile Devices. Getting a tight grip on wireless within the enterprise As enterprises start to adopt wireless technology and begin to pursue the many promises that wireless LANs, PDAs and smartphones represent, security for the enterprise network needs to be addressed. The behaviours and tools of todays hackers These days, it doesn't take a computer expert to become a hacker. There are over 30,000 hacking-oriented sites on the Internet, offering easy to use click-and-hack programs and scripts for anyone to download. These easily accessible hacking tools have opened the door for a multitude of new exploits. Symantec explains importance of 'layered security' As hackers' tools become more sophisticated, and instances of network intrusion become more widespread, every enterprise must strengthen their security measures. Symantec outlines the case for a layered approach to security. Detecting and recovering from a virus incident - Part 1 Virus attacks are on the rise and only look set to get worse in the future. With the reliance of most organisations on IT, this is becoming an issue for all levels of company management. In this guide to virus attacks, John Stone, a principal security consultant for Symantec Security Services, explains how best to assess, research, contain the attack. But first up, how to find out if it really is a virus. Detecting and recovering from a virus incident - Part 2 In part 1 of this series, John Stone, a principal security consultant for Symantec Security Services, explained how best to assess, research, contain virus attacks. In this part he discussed how to purge the infection from your company and how to plan to prevent future such costly attacks. Survey highlights corporate e-security concerns A newly-published report from internet security firm Symantec indicates that the number of online corporate security breaches grew significantly between the first and second halves of 2003 from just one-sixth of companies to one-half. The report identifies which industries are most likely to be attacked and the impact security is having on the emerging mobility market. Symantec Insights: The changing threat landscape Given that the newest threats are spreading too quickly for any response-based security mechanism to stop, and that future threats could make even the Slammer worm seem slow by comparison, it's clear that enterprises must find new ways to protect themselves. Securing the (increasingly) mobile client Enterprise deployments of notebook PCs, tablet PCs, and PDAs continue to grow by leaps and bounds. In fact, researcher Gartner Inc. recently predicted that, by the year 2010, 80 percent of key business processes will involve the exchange of real-time information involving mobile workers. Small wonder, then, that ensuring the security of these miniature powerhouses has emerged as Priority No. 1 at so many organisations. This Symantec article explains specifically why mobile devices are such a threat and what can be done about it. White Paper: Straight Talk About VPN How is a VPN used, Is it right for every business, what to watch for when implementing. Secure remote control and your mobile workforce As researcher Gartner observed in a recent report ("How New IT Support Models Will Affect Vendors and Users," May, 2004), more users are working remotely from their offices or using handheld devices to access corporate data than ever before. Not surprisingly, Gartner noted, remote support for these users has become more complex, because there are more potential causes of problems. This article looks at the ways in which a robust remote control application can enhance a help desk's ability to resolve critical mobile end-user issues quickly and at minimal cost. Free guide: Securing your Intranet and Extranet As intranets and extranets have become more widely deployed, new security challenges have emerged many of which lay unrecognised and unaddressed. These and other issues are reviewed in VeriSign's Guide to Securing Intranet and Extranet servers. Your complimentary copy is available now. Getting fleeced the internet way New look, same old scams; the Internet is attracting plenty of cheats and conmen. Mark Wright looks at the in's and out's of electonic crime - e-fraud, get rich quick schemes, credit card scams and more. Secure communication - Encryption, SSL, PKI explained Opening up the corporation or business with electronic communications has not only created opportunities for closer relationships with customers and partners it has also presented the very real threat of prying eyes getting access to sensitive information. The house of secure e-commerce Building effective online security is like building a house; each component must meet expected standards or the whole edifice will collapse. A good model for planning your organisation's security is the "House of e-Commerce", as explained here in this free white paper. Are you who you say you are? Hi, I'm Marty Verry, from iStart ... at least, that's who this article says I am. Of course, on the Internet, I could be anybody pretending to be Marty Verry. That's one of the biggest barriers to doing business on the web, which is a pity because the web is such an efficient way to deal with most of your company's enquiries and often sales. How to gain people's confidence so they interact with your company online is covered in this free 9-page guide from security specialists VeriSign. e-Commerce on the up, but don't get caught Phishing VeriSign reports the first half of 2004 has been a good one for its customers. Customers have experienced a rise in e-commerce over the first half of this year, so too have they had an uptick in online security events (with phishing events growing particularly fast). VeriSign Secured Seal - get people trusting your site Amid the daily flood of warnings about online scams and fraud it can be difficult for consumers to know what to trust when shopping online or submitting personal information. But not with a VeriSign Security Seal.
READ MORE
READ MORE
READ MORE
READ MORE
READ MORE
READ MORE
READ MORE
READ MORE
READ MORE
READ MORE
READ MORE
READ MORE
READ MORE
READ MORE
READ MORE
READ MORE
READ MORE
READ MORE
