The vulnerabilities in home
processes"> Bob, as part of the National Institutes of Health, youre in an environment where the independence of research is a real part of the culture. Do you find that users acceptance of configuration management and what you do with their systems has increased as the occurrence of various attacks and other vulnerabilities has become greater? Rosen: A little bit. There are still a lot of people who cant stand it and dont want it and wont have it. But when they get personally hit, that seems to make all the difference in the world. When, all of a sudden, theyre inconvenienced or their work is shut down or lost or whatever, they become much more amenable to having us keep their systems up-to-date.Do you find that your need to do basic end-user training and support is on the decline at all as more people start to come into the work force having worked with technology since they were high-school age or even younger? Gunnerson: I would say yes. Standard applications are known well enough that people can do their jobs. But what were seeing is that, as threats arise, there needs to be education about the vulnerabilities in home processes, especially if you have a VPN. People are having a problem with their kids getting adware all over their systems, for example, and they want to know how to fix it. Those are the kinds of things we try to deal with proactively. Thats been something that all of you have focused on, right? People working from home or other remote environments and needing to be sure the remote nodes are configured as well as office systems are? Calabrese: Yes. Weve put a Bose-owned asset in their homea Bose-owned laptop or a Bose-owned desktop and the access rights and permissions and the security levels and such are all preset on those machines. Theres no deviation. eWEEK Labs tests of four SSL-based VPNs showed the technology is a sensible alternative to IPSec for securing remote access to enterprise resources and data. Click here to read the reviews. And those are the only devices allowed to connect, even through a VPN? Calabrese: Yes. Now, there are some challenges, again because of the education of the users. People understand, "Gee, I can connect this to my home network, and I can take advantage of resources on my home network. I know I can, so why are you preventing me?" We have to address those issues. We have to address why you cant load the software that the hotel gives you in order to connect to the hotels broadband network, or why you shouldnt add the software that your DSL provider gives you but that you should go out and buy a router. We have a policy, and we adhere to the policy. Im not necessarily saying its the best policy. It certainly is not cost-effective to outfit everyone who needs access to the corporation with a corporate-owned asset. It either means a more expensive laptop device, or it means two PCs and two licenses for everything. It would be far more convenient if we could leverage this ubiquitous computing thing and allow many of the things that we dont by policylike access from handhelds, like access from Starbucks. But, right now, our security model is such that those are just things that we cant absorb yet. Next page: Outsourcing and open source.
Gunnerson: Were seeing conversions one Trojan at a time.