Lenovo ThinkPad R40 Summary of IDC white paper titled "The Coming of Age - Page 1
Lenovo ThinkPad R40 Manual
View all Lenovo ThinkPad R40 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 1 highlights
The Coming of Age of Client Security Technology The Need to Secure the Network's Point of Entry - the Desktop or Notebook Client - Becomes More Visible to Executive Management Analyst: Roger L. Kay A lthough security technology has progressed tremen- unknown proportions - the degree of penetration was dif- dously over time, awareness of the need for security on the ficult to assess - a hacker from St. Petersburg, the intel- part of people who use computers - both consumers and lectual seat of the old Soviet Union, broke into Microsoft's businesspeople - has not in general kept pace. Essen- network and absconded with a large number of important tially, there is plenty of technology on hand, but the under- files, including, purportedly, an unknown quantity of Win- standing of what it does and how to use it has lagged. dows source code files. Naturally, Microsoft never adver- However, much has changed since the attacks of Septem- tised the extent of the damage - if, indeed, it is actually ber 11th. CEOs and IT managers everywhere drew known. And if a company at the epicenter of the informa- lessons from the differing tion technology business is fates of companies that had vulnerable (and by infer- backup and restore procedures and those that didn't. Lunchtime Attacks ence should know better), truly, no company is safe Data recovery is, of course, The Microsoft intrusion was a so-called "lunchtime from attack. only one piece of the security pie, but as political tensions have increased on the macro level, this and other security concerns have risen in visibility with top managers. "To what degree is our data - and therefore our business - safe?" CEOs are now asking in ever greater numbers and with increasing vehemence. "Just where are we with security?" they want to know of their CIOs. attack," named for the archetypical scenario in which an employee goes out to lunch, leaving his or her computer on, and an intruder simply sits down at the absent worker's desk to feast on whatever privileges that user enjoys, including access to files, programs, and services. Without having to resort to social engineering, a lunchtime attack can be thwarted quite easily by a variety of authentication methods based on client-level hardware encryption. For example, the operating system can be set to lock out access after a short period of time if it receives no further input and be reactivated only via biometric recognition, a proximity badge, or both, eliminating the need for passwords, which can be forgotten or stolen. If the network had been able to interrogate the The security threat is growing in several dimensions at once. The amount of value flowing across the network - in the form of actual money, but also business plans, intellectual property, and strategic documents - is rising by leaps and bounds. And value is at risk in less obvious ways. A reputation can be damaged irreparably by an attack, business can be lost as a result of down time, and the This shift in attitude repre- remote client to find out whether or not it was autho- trust on which ebusiness is sents an evolution from the rized, Microsoft would likely have been able to prevent based can be destroyed pre-September 11th state, the attack. Had appropriate fail safes been in place, the permanently. Identity theft, which was characterized by hack would likely not have been successful. which has become a verita- a vague awareness of some ble cottage industry, must subset of security issues, be added to the growing list but a misunderstanding of the complete security picture of imaginative crimes. In addition, malicious hackers are and a widespread lack of adoption and deployment. getting more sophisticated. Malevolent programmers are not only figuring out more effective ways to harm busi- Now managers are beginning to assess their vulnerability nesses and individuals, but they are also publishing their and to ask what their alternatives are. tricks on Web sites for other less creative, but perhaps In most corporations, the security infrastructure is still more vindictive, people to find and use. inadequate and full of holes. Even the most sophisticated organizations are vulnerable. In one incident, widely reported in the press, that had an impact of major but In this environment, client security can be one of weakest links in the chain. Despite the availability of operating systems with improved security features, desk- 5 Speen Street • Framingham, MA 01701 • Phone (508)872-8200 • Fax (508)935-4015