Knocking off the nasties

SAFEGUARDING DATA Dealing with data leakage is another problem gaining recognition. According to EMC Asia-Pacific and Japan software managing consultant, Paul Ricketts, information security shouldn't just be about protecting the network perimeter.

"Perimeter-based security isn't the be-all and end-all in protecting info," he said. "It is necessary, but the real value comes in introducing info-centric security which recognises the value of the information." Traditional solutions missed the real issue, Ricketts said, because they assumed content was static. "Content has a lifecycle; information is in constant motion, so we need to protect confidentiality and integrity," he said. "Information-centric security protects the info as it moves throughout its lifecycle. It helps apply the right policy at the right time." EMC is one of several vendors looking to secure data through information rights management (IRM). The technology uses business rules around access and content to protect data. Ricketts said IRM was driven by the growing incidence of executive communication leaks, intellectual property theft, the loss and theft of sensitive customer data, and email protection and discovery.

"We're building rings around the information to keep the bad guys out," he said. "We're also assuming the bad guys are already in an organisation. It might be a hacker or a c-level employee who has no common sense."

Websense country manager, Joel Camissar, agreed data leakage was a hot opportunity for resellers. He cited global IDC figures which predicted solutions catering to the market would grow from $US194 million in 2007 to $US434 million by 2009.

Websense plans to launch product to address this category early next year. These will feature access and control, as well as fingerprinting technologies, to ensure document protection.

"Australian organisations are concerned about losing intellectual property," he said. "We need to deal with the loss of data on every single end point of the network."

THE INSIDER THREAT

Part of this equation was ensuring businesses consider the risks within their four walls, as well as build a perimeter-based fortress approach to protect the enterprise. According to industry experts, insiders are four times more likely to be the cause of data breaches than outsiders. The portable media boom has also made the enterprise perimeter more porous than ever because remote workers are using enterprise equipment outside the relative safety of the workplace. Newbase's Cartwright said customers are now making information security a top priority. "In the past few years we've seen a real change in mindset and a strong need to protect data and customer info," he said. "People are now conscious about things such as identity theft, and want to make sure the information and access to it is not misused."

The demand for remote access is fuelling the data leakage discussion, Cartwright said. The Reef Hotel, for example, plans to take advantage of Sophos' licence and extend protection to the home PCs of its employees.

"It's important to sort out who can access the systems and how you manage it," he said. "Secure remote access is generating interest as more organisations extend their reach to give staff access from home or on the road."

MICROSOFT JUMPS IN

Microsoft's move into the secure content management game (SCM) this year highlighted another shift in security thinking. The software giant released its OneCare consumer security suite in the US in June. The automatic and self-updating PC care service aims to help consumers protect and maintain their PCs. Local rollout is not yet confirmed, but expected next year, according to Microsoft Australia chief security advisor, Peter Watson.

Symantec has traditionally been the goliath of SCM. Other players include Trend Micro, McAfee, CA and Sophos. New products which have been launched in response to Microsoft's OneCare play include McAfee's Total Protection subscription-based service, and Symantec's forthcoming Norton 360.

"Microsoft's push into security has future implications on commoditising some of the SCM point products," IDC's Bihammar said.

Symantec's Donovan said Microsoft's move to jump into the ring would make waves in the SCM space. But McAfee's Struthers said the software giant's security push had been expected. "They are just another player. The current offerings are at the consumer end. With enterprise, it is a waitand- see approach," he said.

Microsoft has also revitalised security policies for its forthcoming OS release, Windows Vista. The improvements stem from its security development lifecycle (SDL) process which sees the company's software and solutions built from the ground up to reduce security risk.

Developments include new anti-spyware (Windows Defender); Windows firewall; a malicious software removal tool; hardware-enabled data protection (BitLocker Drive Encryption); USB protection; and smartcard-log-on authentication.

On the USB front, Windows Vista enables IT administrators to use Group Policy to manage or block the installation of unsupported or unauthorized devices, Bihammar said. Other security moves include building security into its applications (for example, phishing filter in Internet Explorer 7), and releasing a range of identity and access management offerings.

Sophos' Forsyth predicted Microsoft's moves would boost market security awareness in general. "Microsoft's entry into the market is a positive step," he said. "If an OS manufacturer focuses on security, it will decrease the number of vulnerabilities that exist in its product set."

Whatever the outcome, it would be an interesting battle, IDC's Bihammar said.