Security, the Way It Should Be

[InfoSec News <isn () C4I ORG>]

http://www.computerworld.com/cwi/story/frame/0,1213,NAV47_STO46810,00.html

July 10, 2000
BY DEBORAH RADCLIFF

Today, security is often provided by patched-together, reactionary
defenses, which many see as an inhibitor to business. In order to take
their rightful place as a business enabler, security systems must
provide distributed, real-time, flexible defenses against attacks.

What if IT managers discovered a magic way to shield e-commerce from
all things illegal, such as online credit-card heists,
denial-of-service attacks, Web page destruction, viruses and data
thefts?

Achieving all that doesn't take a magic wand. What it does take is
changing how your organization thinks about security so that the lines
between security and business processes no longer exist.

It also takes an evolutionary restructuring of the security
infrastructure. The goal: proactive, scalable and flexible security
that can easily accommodate new applications, mergers and network
changes.

"The vast majority of network plumbing gear in use today is
misconfigured. We see it all the time with our clients. They bring a
wire from the Internet to a switch that carries traffic to both the
internal LAN and the Web server," says Stefan Jon Silverman, master
technologist at Scient Corp. in San Francisco, which builds e-commerce
applications for clients.

"But if you get it right - access control lists and rigid enforcement
of traffic routing - nobody from the Web server can see into the
internal machines," he says.

What do information security professionals want in this replumbed,
business-enabling security model?

[...]

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".