Security News > 2000 > July > Security, the Way It Should Be

Security, the Way It Should Be
2000-07-11 06:51

http://www.computerworld.com/cwi/story/frame/0,1213,NAV47_STO46810,00.html July 10, 2000 BY DEBORAH RADCLIFF Today, security is often provided by patched-together, reactionary defenses, which many see as an inhibitor to business. In order to take their rightful place as a business enabler, security systems must provide distributed, real-time, flexible defenses against attacks. What if IT managers discovered a magic way to shield e-commerce from all things illegal, such as online credit-card heists, denial-of-service attacks, Web page destruction, viruses and data thefts? Achieving all that doesn't take a magic wand. What it does take is changing how your organization thinks about security so that the lines between security and business processes no longer exist. It also takes an evolutionary restructuring of the security infrastructure. The goal: proactive, scalable and flexible security that can easily accommodate new applications, mergers and network changes. "The vast majority of network plumbing gear in use today is misconfigured. We see it all the time with our clients. They bring a wire from the Internet to a switch that carries traffic to both the internal LAN and the Web server," says Stefan Jon Silverman, master technologist at Scient Corp. in San Francisco, which builds e-commerce applications for clients. "But if you get it right - access control lists and rigid enforcement of traffic routing - nobody from the Web server can see into the internal machines," he says. What do information security professionals want in this replumbed, business-enabling security model? [...] ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".


News URL

http://www.computerworld.com/cwi/story/frame/0,1213,NAV47_STO46810,00.html