Security net needs tightening

Firewalls and virtual private networks are no defence against internal security threats. But there are methods available that can help network managers minimise the risk.

The proliferation of hacking tools openly available via the Internet is causing IT managers to reassess security measures. The traditional defence against hackers has been to implement firewalls and virtual private networks (VPNs), but in many cases these alone are no longer enough.

VPNs establish private point-to-point links via the Internet using encryption, but once they are breached, a hacker can gain unobstructed access to data stored on central systems. While firewalls protect the network's points of access from external hackers, they do not prevent unauthorised snooping by people accessing the network from within. Research firm IDC recently concluded that about 81 percent of data security breaches come from inside companies.

'Most firms consider that installing a firewall is job done. That's not the case at all, especially if the attacks are going on from inside the firewall,' said George Sanger, commercial marketing director for security solutions provider Xpert Systems.

'IT managers may now have a secure tunnel, but what if somebody gets on that tunnel by stealing a PC, or obtaining another user's password by stealth, for instance?'

Sanger believes firms need to re-evaluate network security, and look beyond the VPN and firewall to measures such as application-level security and strong authentication.

Application-level security involves running tools that require users to provide the correct identification and password before they can use a program, a policy that can also help to ensure that software licences are properly controlled. It requires some type of packet analysis tool that can identify and monitor the data being sent and received by any one application.

According to Don Czubek, president of US analyst firm Gen2 Ventures, many IT managers are unaware of the programs their employees are using. 'When I go into corporate accounts I see exactly the same thing. Most network managers don't know what applications are running and it's only when they run monitoring tools like Packeteer that they suddenly find out,' he said.

Application-level security tools can also help to ensure that employee productivity is not reduced because users are surfing the Internet, and they can prevent users from downloading inappropriate or illegal material. Xpert's Sanger pointed out that though many firms are aware of the vulnerabilities in their network architecture, they are often ignorant of the fact that they can be held legally responsible for content downloaded by staff.

He warned that security can become difficult to manage if many disparate security elements are deployed across the network. As a result, he favours a more centralised approach. 'Rather than having a whole raft of measures, firms should have only one security policy,' he said. 'IT managers firstly need to identify what it is they're trying to protect and then pull in the requisite tools.'

However, security vendors such as Xpert may face difficulties in persuading corporate buyers that better centralised security is needed. One problem is that firms are often reluctant to admit they have been the victim of attacks for fear of losing custom as a result. BT spokesman John Doherty said, 'The perpetrators usually get fired and their firms don't publish it. An organisation I know of recently saw 12 of its employees disappear overnight.'
