Security concerns top Comdex agenda

[InfoSec News <isn () c4i org>]

http://www.infoworld.com/articles/hn/xml/01/11/12/011112hncomdexwrap.xml

By Ephraim Schwartz, Brian Fonseca, Dan Neel, Stephen Lee, and
Jack Mccarthy 
November 12, 2001 1:01 am PT

VENDORS WILL ATTACK key security problems from various directions this
week in response to peaking interest in new methods for protecting
corporate assets.

As enterprises re-evaluate their needs, a myriad of options are coming
to the fore, ranging from full-service managed security to point
solutions that employ cutting-edge technology, according to industry
analysts and enterprise users.

In a telling initiative, consulting giant EDS will use Comdex to
announce a comprehensive security program that includes cybersecurity,
physical security, business continuity, emergency management planning,
and privacy. The company will also unveil cybersecurity tools and
launch a new effort to deliver a comprehensive package of security
services to airlines and airports. EDS is among the companies pursuing
a fast-growing security consulting model.

IBM Global Services, another leader in security consulting, will make
available this week four expanded managed security offerings for its
Web hosting customers. They include an IDS (intrusion detection
system), firewall, vulnerability assessment and prevention
consultation, and verification services for customers to automate
monitoring of internal systems, according to a company representative.

Narrowly focused security vendors McAfee and Kaspersky Labs will
announce new personal firewalls and anti-virus packages, respectively.
Smart cards, previously the rage in Europe, are gaining ground in the
United States, and companies such as Infinion and ActivCard will
demonstrate technology at Comdex to enhance employee authorization,
computer access, purchasing clearance, and building security.
Biometrics is also gaining attention with vendors such as LG
Electronics, Griffin Technologies, and Siemens Biometrics announcing
new authentication products at the show.

Security has also become a pressing concern at the network level,
particularly with respect to VPNs and wireless networks. Most notably,
Cisco will announce a set of enhancements to its Aironet 350 wireless
LAN security suite. Although not planning to provide a demonstration
at the show, 3Com reports it is readying a strategy to embed security
functions in network access cards that is due for launch in January
2002.

Full-service security

The upswing for IT outsourcing companies such as EDS, KPMG, and
PricewaterhouseCoopers is that enterprises are turning to them to
implement security services amid the complexity and variety of
security offerings, explained Peter Lindstrom, senior analyst for
security strategies at Framingham, Mass.-based Hurwitz Group.

As a result, EDS hopes to tap customer interest at the show, unveiling
three risk-assessment tools: a security-assessment tool, a
privacy-assessment tool, and a third tool designed for insurers to
manage and gauge the level of risk associated with a company's
Web-based data, company officials said. The tools will use current
security and privacy benchmarks created by governmental and academic
organizations to measure compliance. The company will also unveil at
the show additional security services for airlines as well as for
airports.

Dick Brown, EDS chairman and CEO, will set the tone for Comdex with a
keynote address on security. Calling on companies to "decentralize
globally," Brown will tell attendees that it is no longer wise to pool
either key employees or technologies in a few locations. Brown will
also recommend that companies build continuous, parallel applications
and create either mirror sites or parallel processing, especially for
time-sensitive data, company officials said.

"[Post-Sept. 11] security concerns come from more of the senior
management level," said Al Decker, director of privacy and security
services at EDS in Plano, Texas.

In response, EDS will announce at Comdex a CxO-level workshop on
security tailored for specific industries and companies. The company
is also adding a security curriculum for CxOs on its Cyber Security
Web site. "Since Sept. 11, we're getting CxOs calling us directly,"
said an EDS representative.

During Brown's keynote, the company will also demonstrate its Entry
kiosk project to speed the identification of travelers entering and
leaving the country.

Currently used at Ben Gurion Airport in Tel Aviv, Israel, the
biometric device matches the bone structure of a traveler's hand with
the bone-structure data previously recorded and stored on a smart
card. When entering the country, a traveler places his or her hand in
the device, and the data is matched to the smart card and is linked to
the country's immigration system.

Many enterprises have not made a move to the full-service security
model. From an enterprise IT perspective, the full-service offerings
from companies such as EDS, Unisys, or IBM have to be put in the
corporate context of what already exists within the company, according
to J.R. Bibb, innovation advisor for Shell Oil's IT International
group in Houston.

Security concerns may have been somewhat "heightened" at Shell since
Sept. 11, but Shell is always in a state of heightened security, Bibb
said. From an enterprise IT perspective, full-service offerings have
to be put in the corporate context of what already exists within the
company.

Anti-virus innovation

Meanwhile, McAfee.com will use Comdex to introduce its new personal
firewall. Created using graphical visual tracing technology from its
NeoWorx acquisition early this year, the service will be delivered by
the ASP model, company officials said. Available in December, the
personal firewall will offer IDS and access to the hackerwatch.org
database and will provide end-users with increased interaction
features such as MSN pop-up alerts, said Sam Curry, security architect
at Sunnyvale, Calif.-based McAfee.com.

Reminding customers that e-mail spread damage wrought by the Nimda,
Code Red I, and Code Red II viruses, Moscow-based anti-virus vendor
Kaspersky Labs will unveil its new SMTP gateway product at Comdex.
Kaspersky Anti-Virus for SMTP gateways is a software system
administering anti-virus scanning and filtering of all incoming and
outgoing traffic at the SMTP protocol level before it reaches the
e-mail server, according to company CEO Denis Kaspersky.

Getting smart about smart cards

Smart card companies such as ActivCard and Infinion Technologies will
also have representatives at Comdex discussing the importance and
timeliness of the credit-card-size security technology.

The onset of the war on terrorism is generating more interest in smart
cards, according to Rod Stuhlmuller, the vice president of corporate
communications at ActivCard, in Fremont, Calif.

Infinion Technologies will be at Comdex talking about its
fingerprint-sensor technology as much as about its smart card
technology, said Don Malloy, the senior marketing manager for security
integrated circuits at Infinion, in San Jose, Calif.

Infinion provides advanced fingerprint-sensor technology to companies
that then integrate the technology into a wide range of PDAs, laptops,
office devices, and even smart, secure computer mice, Malloy said.

"The early interest is more in the public sector than with private
companies," Malloy said.

Meanwhile, in the biometric space, Munich, Germany-based Siemens
Biometrics will show off its ID Mouse Professional. The device
requires a perfect fingerprint match to provide users with network
access.


 

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.