|
Industry
Note
The
Insecurity of Network Security
As corporations
grow more dependent on technology, the concern for the state
of network and Internet security also grows. Corporations
today rely on their "always on" networks for everything
from housing confidential and corporate information to the
connecting of mobile users, to running business-critical operations.
As a result, IT administrators are put in the position of
guarding and maintaining the very livelihood of the corporation--Hardly
an easy task when faced with skeletal IT departments, limited
budgets, resistant users, and unsatisfactory applications.
A
recent survey of IT professionals revealed that only 8% of
them were "extremely confident" in the security
of their networks with a majority rating their confidence
as "somewhat". With corporate networks possessing
the very fate of an organization, I would think keeping it
secure and having absolute confidence in that security would
occupy the highest priority, and it seemingly is.
Every day companies are making investments in the security
of their network through the purchase and deployment of solutions
addressing particular security concerns. The problem arises
when they only secure areas that have caused problems in the
past and do not provide proactive protection for the others.
This reactive method to network security has a tendency to
only result adequate protection for a single area and an extensive
collection of "stand-alone" solutions that can result
in compatibility problems and manageability annoyances such
as administering to multiple consoles and different points
of contact for technical support.
True Internet and network security is found through a combination
of proficient administration and a defense in depth strategy.
Solution wise, network security is a process of layers. Each
network layer needs to not only work together cohesively but
do so in the most secure manner possible. If not implemented
correctly, however, this can result in cumbersome security
processes (i.e. multiple authentication requirements), consistent
updates of all security components, (which if made by different
vendors can ensue compatibility problems) and scalability
issues. Further it is of the utmost important that IT administrators
have the resources they need to sufficiently maintain the
system. Overworked administrators have to re-prioritize essential
security activities such as checking logs or keeping up with
the latest security patches, which results in easily avoidable
vulnerability being unseen and exploited.
With fears of viruses, malicious code and hackers keeping
administrators up at night, the network security plan for
many of today's largest corporations is in desperate need
of an overhaul. The best solution for these organizations
would be to find a comprehensive platform providing all the
security and productivity requirements of the corporations
in a cohesive, easy to manage, system. Replacing a series
of complex, vendor-specific, security applications with a
single streamlined system will succeed in providing higher
network and administrator efficiency resulting in the minimization
of debilitating and often overlooked security threats.
Dave
Wreski, CEO Guardian Digital, Inc.
| At
a Glance
Content and Policy Enforcement
Center
 Guardian
Digital Content and Policy Enforcement (CAPE) Center
is a unique multi-tiered, email defense system. Distinctive
in its approach, CAPE brings together the most technologically
advanced open source developments, a multitude of standards-based
security solutions, and the ingenuity and security expertise
of Guardian Digital. Providing bulletproof system defenses
from blended email threats and corporate policy violations,
Guardian Digital CAPE Center is a critical component
to Guardian Digital Secure Mail Suite. Comprehensive
spam, virus, and corporate policy protection at each
application layer presents organizations with all the
tools they need to continually keep email communications
productive while at the same time delivering greater
system efficiency, consistently higher levels of protection,
and dramatically reduced operational costs.
Learn
more about Guardian Digital Content
and Policy Enforcement Center
Processor.com:
Policies, Procedures & Products: Finding the Right
Security Mix
Guardian
Digital's CEO Dave Wreski shared his expertise with
Processor editor Douglas Schwartz on the state of security
today and the best way to defend corporate networks.
Read
Full Article
|
..... |
Guardian
Digital Mailbag
Q.
I know passwords are a first line of defense to
ensuring privacy, how can I chose a hard to crack password?
A. Most people chose passwords
that are easy to remember, however, when choosing a
simple password such as a pets name or favorite sport
team, the chances of someone else figuring out that
password increase greatly. A strong password should
consist of a combination of numbers, letters and symbols.
It is important to avoid using passwords that contain
any part of your name, initials, user name, or any other
personal information that could easily be guessed. Also
try to avoid words from dictionaries, and using numbers
in sequence order, as common words and number sequences
can be easily identified. Instead try using special
characters, mixed with numbers and upper and lower case
letters.
Although a strong password is important, it is equally
important to create a password you can remember. Try
using acronyms or an easy to remember non-sense words
as the basis for your password.
The
Behind the Shield editors encourage their readers to
submit questions. The most frequently asked questions
will appear in future issues. We look forward to answering
all your inquiries! Email us at info@guardiandigital.com
Guardian
Digital In the News
Linuxsecurity.com: Linux and National Security
The May 2004 Behind the Shield Industry Note written
by Guardian Digital CEO Dave Wreski was chosen as a
feature story by Linuxsecurity.com editors this past
month.
Read
Full Article
|
|
. |
Hints
& Tips from Experts
DNS
Security
Domain
name services (DNS) is a vital web application allowing the
translation of domain names to IP addresses. Although a seemingly
simple function, DNS servers are vital to the proper operation
of web services, making it a prime target for hacker attacks.
Unfortunately many corporations do not secure DNS servers
as adeptly as they should, leaving it open to some of the
most common and easily exploitable network vulnerabilities.
Protecting your DNS server with some simple tips will help
mitigate security vulnerabilities and help eliminate successful
server attacks.
- Keep
your DNS version current by implementing vulnerability patches
the moment they become available.
- Apply
the standard sever security procedures to DNS servers including
removing unnecessary services and keeping security patches
current.
- Place
your DNS server in your DMZ and make sure it is provided
the full protection of the firewall to block unwanted traffic
before it can pose a threat.
- Restrict
operations that may be performed on your server to only
those that are necessary.
- Utilize
diversified DNS servers to minimize the effectiveness of
denial of service attacks. If resources permit, have multiple
servers positioned in various locations to ensure a single
attack does not affect both servers so that vital operations
are not fully effected.
Guardian
Digital is pleased to provide Behind the Shield readers with
informative expert advice on what network security really
means. Each month a new topic of interest will be chosen to
supply you with useful tips and information not offered elsewhere.
This month we will have a brief discussion DNS security.
Partner
Profile 
Through national and multi-national partners like Code 511
in France, Guardian Digital is able to provide their productivity
and security solutions to customers worldwide.
Code
511 is France's premier source for computer security solutions
and consulting services. Catering to a wise-range of industries,
with clients in defense, banking, and insurance, Code 511
works with partners from all over the world to deliver powerful
computer security solutions, fitting to the individual needs
of each and every customer. With 10 years of security expertise,
Code 511 found Guardian Digital to be an ideal partner based
on their unique and highly effective strategies to Internet
and network security and their dedicated focus to partner
and customer support.
For further
information on Code511, please visit their website at: www.code511.com |
As
reported a few months ago, Guardian Digital is
assisting in providing secure FTP and DNS services
to the Chicago Stock Exchange and their customers.
Implementing EnGarde Secure Linux throughout their
organization, Chicago Stock Exchange is pleased
with the results. "Systems in the DMZ must
remain secure, Guardian Digital's comprehensive
security solutions not only kept our network protected
but also supplied ease of management, saving us
valuable time," states David Coder, manager
of network services for Chicago Stock Exchange.
Guardian
Digital recently announced the development of a new
corporate division focused entirely on the growth and
maintenance of sales partners. Promising a structured
program policy and resources dedicated explicitly to
the professional growth and guidance of all authorized
partners, this division is aimed at resulting in the
ability to better cater to overseas and cross-country
clients, stronger relationships with partners, and the
presentation of effective solutions to worldwide corporate
Internet security concerns.