Analysts at Gartner symposium discuss top security issues
MARCH 27--Many companies are trying to find products that will suit their security/surveillance needs, according to Gartner Inc. (Stamford, CT; www.gartner.com)at its Gartner Symposium/ITxpo 2003, taking place this week in San Diego, CA. While companies try to determine their security priorities, Gartner analysts have identified top security issues for 2003. They include
-- Web services security--Web services will lead to discontinuities in how new applications will be secured. Companies should take a cautious approach to Web-services deployment across the enterprise perimeter in 2003.
-- Wireless LAN security--Insecure wireless LANs represent a serious point of potential failure for company networks. A minimovement to find and mark free wireless Internet access locations primarily causes theft of service.
-- Identity management and provisioning--Identity theft is a rampant cybercrime mostly accomplished via pedestrian means, but directory network service, social engineering, and denial-of-service attacks remain threats that companies must address.
-- Role of security platforms and intrusion prevention systems--Intrusion detection systems (IDS) continue to evolve, particularly in correlation technologies to improve alerts, but also in an evolution toward prevention and forensics.
-- Correlation of events for reporting/monitoring/managing consoles--It's important to know what's going on and determine if an attack or a problem occurring on one portion of the network is related to a problem on another network segment.
-- Instant messaging security--The ubiquity of this basic collaborative tool is creating worrisome "holes." Seeking any open port, instant messaging and other peer-to-peer programs can put networks and information at risk.
-- Homeland Security (industry-specific)--The impact of homeland security in the United States has not yet been felt in many industry sectors.