Lenovo ThinkCentre A51 IDC white paper titled "The Coming of Age of Clien - Page 5
T H E A D V E N T O F E C O ME R C E A N D T H E R I S E I N T H E, V A L U E O F D A T
View all Lenovo ThinkCentre A51 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 5 highlights
And even with the best of intentions, IT departments do not always upgrade all their systems with the latest security patches, sent out by application, antivirus, and operating systems companies when they discover flaws that allow outside penetration. The hacker community knows about these flaws and cruises the Internet, looking for systems that lack the updates. Once inside the network via a vulnerable client node, a hacker with malevolent intent has all the privileges accorded the legitimate user of that client: access to files, programs, system resources, and, potentially, other users' PCs. And if the hacker is sufficiently sophisticated, he may be able to grant himself privileged status and get at the most sensitive areas of the network, turning computer after computer into a captive resource. From this position, he can destroy or alter files, corrupt programs, erase nonvolatile storage devices, and co-opt system resources to carry on further mayhem. Thus, even if other security measures - such as physical access control, firewalls, network security, software security, database encryption, and server-level intrusion detection - have been instituted, the client node may represent a weak point in the corporation's armor. Improved authentication on all nodes would help mitigate this situation. No network is safer than its least-secure node. A full security perimeter necessarily involves a solid defense at the client level. THE ADVENT OF ECOMMERCE AND THE RISE IN THE VALUE OF DATA Why should client security matter more now than it has in the past? Until recently, few organizations had a need for systematic data security. Banks and other financial institutions had to ensure end-to-end security for storing and moving money around over wires. Certain government agencies could only operate in an impregnable data fortress. But the volume of valuable data being stored and transmitted by most firms was relatively low. All that is being changed by the advent of electronic commerce. A tremendous amount of value is already flowing through the Internet. And far more is coming. IDC estimates that the value of Internet commerce was $50 billion in 1999, and this figure will grow by several orders of magnitude to $1.7 trillion worldwide in 2003 (see Figure 1). This value takes many forms. For individuals, the stakes range from credit card number loss to identity theft. But for corporations and governments, the value of the intellectual property inside the computer can be astronomical and, as in the Microsoft case, sometimes incalculable. However large the threat is to individuals, it is far greater to corporations. In the corporate world, there are a host of values to be lost - money, first and foremost. Fraudulent actions can be enormous, in the tens of millions of dollars in a single transaction. Value is also represented by nonfinancial assets, such as intellectual property, business plans, and strategic documents. Pilferage of corporate secrets could lead to a loss of competitive advantage, potentially condemning a firm to death by slow strangulation. Once inside the network via a vulnerable client node, a hacker with malevolent intent has all the privileges accorded the legitimate user of that client: access to files, programs, system resources, and, potentially, other users' PCs. ©2003 IDC #3577 5