Gartner slams over-hyped security threats

9 Jun 2005

Gartner, the IT analyst firm, has said security threats associated with several new technologies have been exaggerated and are unnecessarily preventing companies from investing in those technologies as a result.

According to Gartner, the five most over-hyped threats are: internet protocol (IP) telephony is unsafe; mobile viruses will cause widespread damage; so-called Warhol worms will make the internet unreliable for business traffic and virtual private networks (VPNs); complying with regulations equals security; and wireless hotspots are not secure.

Gartner analysts claimed many businesses have delayed rolling out technologies that could make them more productive — for example, wireless local area networks (LANs) — because there has been so much hype about potential threats. John Pescatore, vice-president and Gartner fellow, said: “We’ve also seen the perceived need to spend on compliance reporting for Sarbanes-Oxley Act, 2002, hyped beyond any connection with the reality of the legislation.”

Gartner claimed security attacks are rare for IP telephony. Similar measures for securing a data environment can be used to protect an IP telephony environment. It classed the risk of IP telephony eavesdropping as unlikely as attackers must be inside the company for the hack to work — they have to be on the same LAN as the IP telephone that is subject to the eavesdropping attack.

Mobile malware will be a niche nuisance in the foreseeable future in most cases, Gartner said, partly because the number of people using smart phones or PDAs with wireless capability is very small. “Antivirus vendors see huge potential profit opportunities in selling security solutions to billions of mobile phone and PDA users,” said Pescatore. “In particular, the antiviral industry sees mobile phones as the way to grow sales outside of a flat, commoditised PC market.”

Device-side antiviruses for cell phones will be “completely ineffective”, Pescatore added. “The most effective approach to blocking mobile malware will be to block it in the network,” he said.

A Warhol worm is said to infect all vulnerable machines on the internet within 15 minutes. Although the SQL Slammer worm had a strong impact on the internet two years ago, it is the only recorded example of such a threat.

Gartner said complying with regulations is often a useful tactic for obtaining a budget for important security initiatives before incidents occur, but most regulations lead to more reporting rather than increased levels of security. Lawrence Orans, principal analyst with Gartner, suggested organisations would be better off building stronger security processes and then documenting them to demonstrate regulatory compliance.

Lastly, Gartner advised businesses to equip and educate their mobile workers with the tools and knowledge to mitigate the threats from wireless hotspots so they can be used safely. Mobile users should seek out 802.1X protected access points because these allow encryption between the mobile device and the access point. Another option for greater security would be to use software on the device that can validate a genuine hostpot’s identity and thereby reduce the risk of connecting to a rogue access point.
Mobile users in hotspots should use their corporate VPN connection to protect traffic as it travels through the internet, Pescatore suggested. They should also use personal firewalls and turn off file/print sharing on their machines to avoid having data stolen.

By Gordon Smith