[ISN] Security concerns top Comdex agenda

From: InfoSec News (isnat_private)
Date: Mon Nov 12 2001 - 23:47:21 PST

  • Next message: InfoSec News: "Re: [ISN] Linux snares security tool"

    By Ephraim Schwartz, Brian Fonseca, Dan Neel, Stephen Lee, and
    Jack Mccarthy 
    November 12, 2001 1:01 am PT
    VENDORS WILL ATTACK key security problems from various directions this
    week in response to peaking interest in new methods for protecting
    corporate assets.
    As enterprises re-evaluate their needs, a myriad of options are coming
    to the fore, ranging from full-service managed security to point
    solutions that employ cutting-edge technology, according to industry
    analysts and enterprise users.
    In a telling initiative, consulting giant EDS will use Comdex to
    announce a comprehensive security program that includes cybersecurity,
    physical security, business continuity, emergency management planning,
    and privacy. The company will also unveil cybersecurity tools and
    launch a new effort to deliver a comprehensive package of security
    services to airlines and airports. EDS is among the companies pursuing
    a fast-growing security consulting model.
    IBM Global Services, another leader in security consulting, will make
    available this week four expanded managed security offerings for its
    Web hosting customers. They include an IDS (intrusion detection
    system), firewall, vulnerability assessment and prevention
    consultation, and verification services for customers to automate
    monitoring of internal systems, according to a company representative.
    Narrowly focused security vendors McAfee and Kaspersky Labs will
    announce new personal firewalls and anti-virus packages, respectively.
    Smart cards, previously the rage in Europe, are gaining ground in the
    United States, and companies such as Infinion and ActivCard will
    demonstrate technology at Comdex to enhance employee authorization,
    computer access, purchasing clearance, and building security.
    Biometrics is also gaining attention with vendors such as LG
    Electronics, Griffin Technologies, and Siemens Biometrics announcing
    new authentication products at the show.
    Security has also become a pressing concern at the network level,
    particularly with respect to VPNs and wireless networks. Most notably,
    Cisco will announce a set of enhancements to its Aironet 350 wireless
    LAN security suite. Although not planning to provide a demonstration
    at the show, 3Com reports it is readying a strategy to embed security
    functions in network access cards that is due for launch in January
    Full-service security
    The upswing for IT outsourcing companies such as EDS, KPMG, and
    PricewaterhouseCoopers is that enterprises are turning to them to
    implement security services amid the complexity and variety of
    security offerings, explained Peter Lindstrom, senior analyst for
    security strategies at Framingham, Mass.-based Hurwitz Group.
    As a result, EDS hopes to tap customer interest at the show, unveiling
    three risk-assessment tools: a security-assessment tool, a
    privacy-assessment tool, and a third tool designed for insurers to
    manage and gauge the level of risk associated with a company's
    Web-based data, company officials said. The tools will use current
    security and privacy benchmarks created by governmental and academic
    organizations to measure compliance. The company will also unveil at
    the show additional security services for airlines as well as for
    Dick Brown, EDS chairman and CEO, will set the tone for Comdex with a
    keynote address on security. Calling on companies to "decentralize
    globally," Brown will tell attendees that it is no longer wise to pool
    either key employees or technologies in a few locations. Brown will
    also recommend that companies build continuous, parallel applications
    and create either mirror sites or parallel processing, especially for
    time-sensitive data, company officials said.
    "[Post-Sept. 11] security concerns come from more of the senior
    management level," said Al Decker, director of privacy and security
    services at EDS in Plano, Texas.
    In response, EDS will announce at Comdex a CxO-level workshop on
    security tailored for specific industries and companies. The company
    is also adding a security curriculum for CxOs on its Cyber Security
    Web site. "Since Sept. 11, we're getting CxOs calling us directly,"
    said an EDS representative.
    During Brown's keynote, the company will also demonstrate its Entry
    kiosk project to speed the identification of travelers entering and
    leaving the country.
    Currently used at Ben Gurion Airport in Tel Aviv, Israel, the
    biometric device matches the bone structure of a traveler's hand with
    the bone-structure data previously recorded and stored on a smart
    card. When entering the country, a traveler places his or her hand in
    the device, and the data is matched to the smart card and is linked to
    the country's immigration system.
    Many enterprises have not made a move to the full-service security
    model. From an enterprise IT perspective, the full-service offerings
    from companies such as EDS, Unisys, or IBM have to be put in the
    corporate context of what already exists within the company, according
    to J.R. Bibb, innovation advisor for Shell Oil's IT International
    group in Houston.
    Security concerns may have been somewhat "heightened" at Shell since
    Sept. 11, but Shell is always in a state of heightened security, Bibb
    said. From an enterprise IT perspective, full-service offerings have
    to be put in the corporate context of what already exists within the
    Anti-virus innovation
    Meanwhile, McAfee.com will use Comdex to introduce its new personal
    firewall. Created using graphical visual tracing technology from its
    NeoWorx acquisition early this year, the service will be delivered by
    the ASP model, company officials said. Available in December, the
    personal firewall will offer IDS and access to the hackerwatch.org
    database and will provide end-users with increased interaction
    features such as MSN pop-up alerts, said Sam Curry, security architect
    at Sunnyvale, Calif.-based McAfee.com.
    Reminding customers that e-mail spread damage wrought by the Nimda,
    Code Red I, and Code Red II viruses, Moscow-based anti-virus vendor
    Kaspersky Labs will unveil its new SMTP gateway product at Comdex.
    Kaspersky Anti-Virus for SMTP gateways is a software system
    administering anti-virus scanning and filtering of all incoming and
    outgoing traffic at the SMTP protocol level before it reaches the
    e-mail server, according to company CEO Denis Kaspersky.
    Getting smart about smart cards
    Smart card companies such as ActivCard and Infinion Technologies will
    also have representatives at Comdex discussing the importance and
    timeliness of the credit-card-size security technology.
    The onset of the war on terrorism is generating more interest in smart
    cards, according to Rod Stuhlmuller, the vice president of corporate
    communications at ActivCard, in Fremont, Calif.
    Infinion Technologies will be at Comdex talking about its
    fingerprint-sensor technology as much as about its smart card
    technology, said Don Malloy, the senior marketing manager for security
    integrated circuits at Infinion, in San Jose, Calif.
    Infinion provides advanced fingerprint-sensor technology to companies
    that then integrate the technology into a wide range of PDAs, laptops,
    office devices, and even smart, secure computer mice, Malloy said.
    "The early interest is more in the public sector than with private
    companies," Malloy said.
    Meanwhile, in the biometric space, Munich, Germany-based Siemens
    Biometrics will show off its ID Mouse Professional. The device
    requires a perfect fingerprint match to provide users with network
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Tue Nov 13 2001 - 02:14:59 PST