Lenovo ThinkCentre A51p IDC white paper titled "The Coming of Age of Clie - Page 4

secured. Good mainframe security implementations, particularly at the procedural

Get Lenovo ThinkCentre A51p PDF manuals and user guides View all Lenovo ThinkCentre A51p manuals
Add to My Manuals
Save this manual to your list of manuals

Page 4 highlights

and a denial-of-service attack on the Internet's 13 root servers successfully crippled traffic on the Internet as recently as October 2002. This attack has been connected to cyberterror, and IDC is expecting at least one major cyberterror attack on the Internet infrastructure in the not-too-distant future. In addition, as wireless installations, home networks, and hotspots become more common, the opportunities for client penetration are only increasing. Many users don't even turn on the encryption available on their wireless connections. Picking traffic out of the air is commonplace, albeit mostly harmless. Nonetheless, on occasion, the crown jewels are exposed. Of course, awareness and concern about security issues have risen among corporate executives since September 11, but a steady drumbeat of increasing Internet fraud and identity theft has been rising in the background as well. The multiple directions from which cyberdanger can come are among the main worries of IT managers. Access control and authentication are key for enterprises with remote employees. Physical security remains a hot topic, particularly as devices are becoming smaller and more mobile. Although IDC surveys show that IT executives in companies engaged in ebusiness activity have always led others with respect to security, awareness and implementation are beginning to become more mainstream for enterprise networks. Security has moved from the global realm of total systems, such as the public key infrastructure (PKI), which require cooperation and trust among multiple entities, and focused on the more immediate task of authenticating users at the point of entry and encrypting local files. While at the highest level most of the attention to security is focused on protecting the information of greatest value to the corporation - financial, personnel, and proprietary technical data - whether it lies in the mainframe, on the network, or in clients, at the low level of client protection most of the focus has shifted to ensuring that the cordon sanitaire is unbroken at the access point and that user files are secured. Good mainframe security implementations, particularly at the procedural level, have been in place for a long time. Network security, which makes use of techniques such as intrusion detection and firewalls, is primarily concerned with availability and integrity. Client security is now extending from antivirus products and limited password controls to robust authentication methods and protection of intellectual property. THE IMPORTANCE OF THE CLIENT TO OVERALL SECURITY INFRASTRUCTURE Security in a networked environment is achieved by deployment of a full set of protective measures. These measures include software-based perimeter defenses and antivirus software, which, deployed on both servers and clients, help protect computing assets from destruction, and hardware-based authentication and encryption tools, which guard against privacy loss, identity theft, and data tampering. Almost all clients now have user log-ins and passwords, but these limited protections are sometimes left unchanged by the user from the manufacturers' uniform settings - often common words such as "user" and "password" or just plain blank. And if the password has been set properly (i.e., to a longish string, say, of at least eight characters, of mixed letters and numbers that do not make up any common words), a malicious hacker can still enter the system using a "hammering" algorithm such as L0PHT, which, by trying a multitude of combinations of characters in rapid fire, can crack open a standard corporate PC password like a coconut in less than a minute. More primitive client password schemes - still used in Windows 95 and 98 installations - can simply be bypassed by hitting the Escape key. 4 #3577 ©2003 IDC

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
4
#3577
'2003 IDC
and a denial-of-service attack on the Internet’s 13 root servers successfully crippled
traffic on the Internet as recently as October 2002. This attack has been connected to
cyberterror, and IDC is expecting at least one major cyberterror attack on the Internet
infrastructure in the not-too-distant future.
In addition, as wireless installations, home networks, and hotspots become more
common, the opportunities for client penetration are only increasing. Many users don’t
even turn on the encryption available on their wireless connections. Picking traffic out
of the air is commonplace, albeit mostly harmless. Nonetheless, on occasion, the
crown jewels are exposed.
Of course, awareness and concern about security issues have risen among corporate
executives since September 11, but a steady drumbeat of increasing Internet fraud
and identity theft has been rising in the background as well. The multiple directions
from which cyberdanger can come are among the main worries of IT managers.
Access control and authentication are key for enterprises with remote employees.
Physical security remains a hot topic, particularly as devices are becoming smaller
and more mobile.
Although IDC surveys show that IT executives in companies engaged in ebusiness
activity
have
always
led
others
with
respect
to
security,
awareness
and
implementation are beginning to become more mainstream for enterprise networks.
Security has moved from the global realm of total systems, such as the public key
infrastructure (PKI), which require cooperation and trust among multiple entities, and
focused on the more immediate task of authenticating users at the point of entry and
encrypting local files.
While at the highest level most of the attention to security is focused on protecting the
information of greatest value to the corporation ° financial, personnel, and
proprietary technical data ° whether it lies in the mainframe, on the network, or in
clients, at the low level of client protection most of the focus has shifted to ensuring
that the
cordon sanitaire
is unbroken at the access point and that user files are
secured. Good mainframe security implementations, particularly at the procedural
level, have been in place for a long time. Network security, which makes use of
techniques such as intrusion detection and firewalls, is primarily concerned with
availability and integrity. Client security is now extending from antivirus products and
limited password controls to robust authentication methods and protection of
intellectual property.
THE IMPORTANCE OF THE CLIENT TO OVERALL
SECURITY INFRASTRUCTURE
Security in a networked environment is achieved by deployment of a full set of
protective measures. These measures include software-based perimeter defenses
and antivirus software, which, deployed on both servers and clients, help protect
computing
assets
from
destruction,
and
hardware-based
authentication
and
encryption tools, which guard against privacy loss, identity theft, and data tampering.
Almost all clients now have user log-ins and passwords, but these limited protections
are sometimes left unchanged by the user from the manufacturers’ uniform settings
° often common words such as "user" and "password" or just plain blank. And if the
password has been set properly (i.e., to a longish string, say, of at least eight
characters, of mixed letters and numbers that do not make up any common words), a
malicious hacker can still enter the system using a "hammering" algorithm such as
L0PHT, which, by trying a multitude of combinations of characters in rapid fire, can
crack open a standard corporate PC password like a coconut in less than a minute.
More primitive client password schemes ° still used in Windows 95 and 98
installations ° can simply be bypassed by hitting the Escape key.