News In Review

February 15, 1999

More Options For Tighter Security

By Bob Violino with Amy K. Larsen and Beth Davis

The four companies:
  • First Union: Rigorous Standards

  • E-Trade: An Absolute Priority

  • Equifax: Who Goes There?

  • Catholic Healthcare West: Healthy Security

    IT and security managers have an ever-growing selection of tools and services from which to choose. Some are already effectively protecting databases, Web sites, networks, and other company assets, while tools in development show promise.

    Public key infrastructure technology uses digital certificates to authenticate users and encrypt messages. Encryption "is an extremely powerful tool for protecting an enterprise where systems are inherently open," says Doug Graham, a partner with KPMG Peat Marwick's E-commerce practice in New York. Public key infrastructure technology ensures that the right individual is getting the proper level of access to data.

    Intrusion-detection technologies analyze network use over time, compute metrics about the network, and determine whether an intrusion is occurring based on what is known about normal conditions. These systems can be used for a variety of hardware platforms and different applications. Similarly, vulnerability-detection software scans network firewalls to find weaknesses.

    Operational security products scan networks to make sure all devices and systems adhere to business security standards. They detect hacking systems, such as IP spoofing tools, in real time, when they're infiltrating the network. These products also find systems and devices on the network that don't adhere to security policies. Products that will marry security scanning and network-management collection techniques with data mining technology are also being developed.

    Single sign-on and access-control systems provide users with one ID and password for all their applications. They eliminate the sloppiness inherent in multiple user logons, such as users leaving passwords on monitors. This has become a problem because of the proliferation of client-server applications that require user IDs and passwords.

    Virtual private networks establish secure communications tunnels over private and public networks based on IP. Data moves over what appear to be private networks, with encryption and authorization to provide secure links so users can communicate with business partners.

    Smart cards, essentially very small computers that can hold an extensive amount of information on matters such as access rights, have been slow to catch on, partly because of the high cost of card readers and the lack of industry standards. Some analysts say more companies will use smart cards for network access this year as prices drop.

    Biometric devices that confirm a user's identity based on fingerprints, iris scans, or voice prints are widely viewed as security technologies of the future. The high cost of biometric readers and scanners has slowed adoption, as have protests that the technology is intrusive. Still, many companies are testing products and expect biometrics to be a part of their future security platforms.

    Keyboard ballistics, a technique that identifies users based on their typing rhythms, is particularly promising, says KPMG's Graham.

    "It's not as intrusive as some other biometric methods, and you don't need extra equipment such as a fingerprint reader."

    Return to main story, "Security: An E-Biz Asset."



