Security not a black and white issue

26 Jul 2005

Between the years 1990 and 2000 it was possible to count on the fingers of one hand the number of big security challenges per year. Unfortunately for beleaguered IT managers, the same no longer applies.

Speaking at a Hewlett-Packard-organised conference on IT security in Dublin last month, John Roese, chief technology officer of Enterasys Networks, asked rhetorically: “How many problems have you had in the past six months? Probably more than in the past decade.” He put forward the view that a new approach is needed to handle all of the issues involved.

“Guest networking is a new security challenge because it’s important to the business,” he said. This means validating end systems. In other words, the computers used to log on to company resources must have up-to-date security and the latest software patches.

New computing devices are multiplying by type and number at a rate of knots, Roese added. Where before there were desktop PCs running Windows on the network, now there are laptops, PDAs, even internet protocol-enabled printers and copiers.

“With this endless diversity, security challenges are exponentially increasing,” said Roese. “There’s a density issue: how big is your network and how many devices are on it?” He spoke of people now being “hyperconnected” that is, where there is no longer a one-to-one ratio of people to computers. “Now it’s more like one to 10,” he said.

All of this brings security into sharp focus because the old approach won’t work any more, said Roese. “Historically we thought of security as a problem, so we bought a product. What happens if there are hundreds of products at the same time? We buy loads of products.”

The new approach put forward by Roese involves looking at the problem one layer removed from single products. He suggested a kind of intelligent network that can automate many of the repeated security processes. For example, users logging on could be placed in a quarantine area if the system detects that their software is not up to date. The problem is, most networks currently don’t do this but it’s an impediment to business if users logging on remotely are simply met with a ‘stop’ sign.

“How do you correct an issue [such as not having up-to-date antivirus] if they’re not allowed back on to the network?” he said. “It’s not a black and white issue. Those colours have nothing to do with security these days. It’s always grey.”

Warming to his theme, he added: “There are too many problems out there to solve with point solutions. Don’t use the technology of the day to solve the problem of the day. Find the five or 10 problems you’re dealing with and see which solution will solve most problems rather than one problem. That’s a better solution, long term.”

He said networks are doubling in size at three-year intervals, with more computing devices. “You can’t solve it with the status quo, you’ve got to look at your architecture. Adding new core capability to the IT system solves the broader issues.”

By Gordon Smith