RE: Is VMS losing the Financial Sector, also?
- From: "Main, Kerry" <Kerry.Main@xxxxxx>
- Date: Sun, 8 Jul 2007 09:07:40 -0400
-----Original Message-----
From: Paul Raulerson [mailto:paul@xxxxxxxxxxxxxx]
Sent: July 8, 2007 7:41 AM
To: Main, Kerry; Info-VAX@xxxxxxxxxxxx
Subject: RE: Is VMS losing the Financial Sector, also?
-----Original Message-----
From: Main, Kerry [mailto:Kerry.Main@xxxxxx]
Sent: Sunday, July 08, 2007 6:11 AM
To: Info-VAX@xxxxxxxxxxxx
Subject: RE: Is VMS losing the Financial Sector, also?
[lots of good stuff snipped...]
And remember all of those employee laptops, PDAs which just came from
home, airports, conferences, hotels etc and are now plugging *directly*
into your internal network loaded with the latest "buggies" looking for
known security holes in servers.
Are you still finding major shops practicing this form of slow
suicide? Good grief, this requirement is one of the reasons we moved
to terminal servers - any laptop on the network has to be plugged in
OUTSIDE the firewalls. No exceptions, not even for the CEO.
-Paul
Anyone who uses a personal device externally (laptop, PDA, memory stick
at home, airport, hotel, conference) and then brings it in to work at
the office (including the CEO).
This likely applies to about 20-30% of today's typical workforce. And
this number is getting higher as companies move to adopt "flex work"
strategies that state flex workers do not have a dedicated cubicle.
Instead, when in the office, they use one of the common workstation areas
that are shared among x workers. The concept is 10 shared WS areas can
support 25-40 Sales, Consultants and other Cust facing employees as most
are not in the office at any given time. More often than not, the
employee is expected to use a company provided laptop instead of a local
WS.
Key here is that the dedicated WS is rapidly shrinking in favour of
mobile laptops - and that includes senior Execs who like being able to
pick up their laptop with all their important files/emails and just go
wherever they have to go (home, airport, hotel, conference).
And new PDAs (crackberries etc) have Bluetooth and other wireless
access, so when in the office, their favourite PDA can access the local
network directly. While laptops will have personal FW/AV sw installed,
how many of these PDAs (miniature laptops) are running anything like
Norton or McAfee?
None. I like to compare these PDAs with wireless access to cigarettes
with no filters. (For those too young to remember, these were reaaaallly
bad for your health).
[Fwiw, I use a laptop personal FW/AV on my company laptop, but when I
run Ad-aware or Spybot, they always seem to find stuff that needs to be
deleted anyway]
Course, when mobile employees get back into their office, they simply
plug these personal devices (laptops, PDAs etc) in to the local office
internal network, pickup a DHCP supplied address and away they go -
accessing internal applications and systems on the "secure" side of the
external firewall with all the buggies they picked up externally happily
crunching away in the background on these devices.
This is an issue faced by all Cust's and vendors today.
Note - there are ways to minimize (not eliminate) these risks, but very
few companies are really tackling this issue head on.
:-)
It's also why well documented and known security holes that are not
addressed on the server side are so potentially damaging to any company.
Especially when attacks are getting much more sophisticated i.e. you may
not even know that sensitive data is quietly migrating from some
internal system to some external competitor or bad guy.
In the past, the hackers would brag, perhaps an external web site was
modified, there would be a public fuss, the hole would get closed and
everyone went back to business as usual.
Today, you hear nothing, but data is quietly migrating away and the
recipients do not brag or tell anyone but their closest buddies so the
data gets used in ways which likely are not in the best interest of your
company or Govt dept. Banks and stock exchanges etc are likely the
biggest target, but other markets like medical, telecommunications,
manufacturing etc are also at risk big time.
As I mentioned before, the Internet is often the least of your worries.
So, think about this when you consider implementing a server platform
that has 5-20+ security patches released each and *every* month. (RH
Linux had 71 in May, June of this year alone).
Regards
Kerry Main
Senior Consultant
HP Services Canada
Voice: 613-592-4660
Fax: 613-591-4477
kerryDOTmainAThpDOTcom
(remove the DOT's and AT)
OpenVMS - the secure, multi-site OS that just works.