ITWeb’s
annual BI conference is the meeting place for anyone in BI. Hear
from international decision management expert James Taylor,
plus 8 case studies, including FNB, Standard Bank, Shoprite and SARS.
Don't
miss out on THE annual meeting place for all those involved in the BI
space.
Secure your
place
today!
[Johannesburg,
9 March 2006] - Vendors are at
fault for not allowing IT departments to monitor their own networks
and for trying to sell unnecessary technology to make profit. This
has contributed to security problems within companies.
This is according to Fred Baumhardt, Microsoft security
technology architect, speaking at the ITWeb Security Summit in
Bryanston this morning.
Photo: Jacque Cochrane
The
security industry is like a bunch of Band Aid vendors trying
to treat a cancer patient, says Fred Baumhardt, Microsoft
security technology architect.
“The IT world has not been architecturally changed for the last 20
years, and IT as an industry has an architectural problem.”
Baumhardt said it was a major problem that 20-year-old
architecture was expected to sustain newer technologies such as
mobile technologies and SMTP protocol, which he described as
fundamentally flawed.
“Our networks are open,” he warned. “Most security
technologies offered are reactive rather than proactive.”
Baumhardt also pointed a finger at vendors, noting that security
is a business, and vendors often try to manufacture a need to sell a
solution.
He said vendors like Microsoft, Sun and Oracle have not allowed
users to monitor what is going on in their networks 24x7,
contributing to security problems. “We are running blind,” he
said, referring to IT departments' inability to monitor their own
networks.
The problem with the IT world today is that we are not attending
to the root causes of what's hurting. “The security industry is
like a bunch of Band Aid vendors trying to treat a cancer
patient,” he said.
He also noted that faster networks mean faster spread of
infection.
Discussing Microsoft's own security, Baumhardt said it has
‘de-perimeterised' its networks for better security.
“We at Microsoft have ‘de-perimeterised' our network,
everything is DMZs [demilitarised zones or perimeter network areas
between an organisation's internal network and an external
network].”
He said virtual private networks have, along with wireless
networking, essentially caused the disappearance of the traditional
concept of a network perimeter.
“Traditional packet-filtering firewalls block only network
ports and computer addresses, but most modern attacks occur at the
application layer – thus invalidating many defences.”
Baumhardt said external threats are far from the only security
problems in companies, citing as an example employees bringing
laptops into the organisation with whatever they have downloaded
from the Internet at home.
Organisations cannot focus only on perimeter control, he noted.
“It would be like SA tripling border controls but scrapping the
police force.”
According to Baumhardt, some of the major network security
threats are posed by poor network security equipment, legacy
architecture and thinking; high privilege among users; poor
management and an understaffed IT department; and poor monitoring of
the network.
