informa
/
1 MIN READ
News

Gartner IDs 'Over-Hyped' Security Threats

Some of these security threats have made companies unnecessarily hesitant to roll out new technologies, such as Internet telephony and wireless networks.
Over-hyped security threats have made companies unnecessarily hesitant to roll out new technologies, such as Internet telephony and wireless networks, a research firm said Wednesday.

With Internet protocol, or IP, telephony, the system can be secured with very similar methods used in securing a data-only environment. IP telephony eavesdropping is the most over-hyped threat, since the attacker would have to be inside the company and on its local area network, Gartner analyst said during the firm's IT Security Summit in Washington, D.C.

"Enterprises that diligently use security best practices to protect their IP telephony servers should not let these threats derail their plans," Gartner analyst Lawrence Orans said in a statement. "For these enterprises, the benefits of IP telephony far outweigh any security risks."

On the use of wireless Internet access through Wi-Fi, Gartner said enterprise can equip and educate mobile workers with the tools and knowledge to mitigate the threats and increase productivity via hot spot usage.

Employee also can use client-based software, such as from AirDefense, AirMagnet and T-Mobile's Connection Manager, to validate the access point's identity and thereby reduce the risk of connecting to a hacker's access point.

"Mobile uses in hot spots should utilize their corporate (virtual private network) connection to protect traffic as it travels through the Internet," analyst John Pescatore said. "Mobile users in hotspots should use personal firewalls and turn off file/print sharing to protect their endpoints from data theft."

Editor's Choice
Samuel Greengard, Contributing Reporter
Cynthia Harvey, Freelance Journalist, InformationWeek
Carrie Pallardy, Contributing Reporter
John Edwards, Technology Journalist & Author
Astrid Gobardhan, Data Privacy Officer, VFS Global
Sara Peters, Editor-in-Chief, InformationWeek / Network Computing