SMB - Security futurists shun perimeter, antivirus systems

Outsourcing, grid computing, and hacker professionalism are trends that will dramatically impact on IT security for business

Outsourcing, grid computing, and hacker professionalism are trends that cannot be stopped, and the sum total of those factors will have a dramatic effect on the way businesses attempt to protect their IT system in the future, researchers and analysts agree.

The intersection of groundbreaking new IT architecture and previously unparalleled levels of professionalism among writers of malware attacks will result in an increasingly challenging electronic business environment, according to speakers at the ongoing Source Boston 2008 conference.

And while such estimations are sometimes characterized as fearmongering set in motion by an IT security industry dependent on the presence of new attacks to keep its coffers full, the assembled experts appeared to suggest as many answers as they proposed potential problems that need to be solved.

Each technological step forward should present its own array of security challenges and create new opportunities that force companies to continue to reassess their defenses, the presenters said.

Even mature IT trends such as outsourcing are having a significant impact on the changing manner in which businesses address security today.

"The reality is that we will be outsourcing some security functions," said Rich Mogull, an industry analyst with Securosis. "Organizations need to both take advantage [of outsourcing] where it makes sense and integrate outsourced security opportunities. At the same time, companies can't transfer all of their risk by handing off responsibilities to someone else; just because someone is handling your credit card information, customers won't let you off the hook if something goes wrong."

Companies will increasingly apply a mix of on-premise IT defenses and "in the cloud" security services to maximize their ability to thwart attacks and to adjust their protection to account for other outsourced operations, the analyst said.

"Companies will have a mix of outsourcing and in-sourcing," said Mogull. "For security, especially for things like firewall management, outsourcing absolutely makes sense. You'll also have companies outsourcing workstation systems management, and eventually they will outsource antivirus management as well."

And just as attackers have leveraged the potential of grid computing via botnet systems that some experts estimate to be as powerful as the world's largest supercomputers, the IT security industry must likewise tap into distributed processing power to better protect customers, the presenters said.

With the bad guys already getting deep into grid computing, it will be crucial to fight firepower with firepower, they said.

"Companies will be distributing security [capabilities] to help figure out ahead of time where anomalous things are occurring; technologies will take advantage of distributed [sensors], virtualization, and grid computing to garner data using the herd mentality," said Chris Hoff, chief architect of security innovation at Unisys. "When you think about infrastructure in 10 years, instead of thinking about where virtualization gets us in terms of consolidation, [think] about distributing [security] processes to pools of memory and computing power."

Based on those major trends and other new paradigms, including virtualization, SaaS (software-as-a-service), and SOA, companies will also have to consider new ways to address the issue of maintaining less concrete perimeters for their networks and IT systems.

As evidence that major security vendors already understand this emerging shift, the experts highlighted the fact that more than 20 such companies immediately signed on to help support new systems-defense tools from virtualization market leader VMWare, even though the technology being pitched is still under development.

"The concept of re-perimeterization will involve taking the [existing] perimeter and making it stronger, condensing it in places, and adding all sorts of little internal perimeters," said Mogull. "It's not that the perimeter will disappear soon, but it will consolidate. Companies don't have a choice about this; with remote workers and virtualization, this is already happening today."

However, perhaps the biggest shift in IT security is one that is already transpiring around information protection, as companies shift their primary focus away from systems defense to safeguarding their valuable data.

Join the PC World newsletter!

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Matt Hines

InfoWorld

Most Popular Reviews

Follow Us

Best Deals on GoodGearGuide

Shopping.com

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Latest Jobs

Shopping.com

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?