Security Is Shaping IT Pros Roles - ' The vulnerabilities in home ' (
Page 3 of 6 )
processes">
Bob, as part of the National Institutes of Health, youre in an environment
where the independence of research is a real part of the culture. Do you find
that users acceptance of configuration management and what you do with their
systems has increased as the occurrence of various attacks and other vulnerabilities
has become greater?
Rosen: A little bit. There are still a lot of people who cant stand
it and dont want it and wont have it. But when they get personally hit, that
seems to make all the difference in the world. When, all of a sudden, theyre
inconvenienced or their work is shut down or lost or whatever, they become much
more amenable to having us keep their systems up-to-date.
Gunnerson: Were seeing conversions one Trojan at a time.
Do you find that your need to do basic end-user training and support is
on the decline at all as more people start to come into the work force having
worked with technology since they were high-school age or even younger?
Gunnerson: I would say yes. Standard applications are known well enough
that people can do their jobs. But what were seeing is that, as threats arise,
there needs to be education about the vulnerabilities in home processes, especially
if you have a VPN. People are having a problem with their kids getting adware
all over their systems, for example, and they want to know how to fix it. Those
are the kinds of things we try to deal with proactively.
Thats been something that all of you have focused on, right? People working
from home or other remote environments and needing to be sure the remote nodes
are configured as well as office systems are?
Calabrese: Yes. Weve put a Bose-owned asset in their home—a Bose-owned
laptop or a Bose-owned desktop— and the access rights and permissions and
the security levels and such are all preset on those machines. Theres no deviation.
eWEEK Labs tests of four SSL-based VPNs showed the technology is a sensible alternative to IPSec for securing remote access to enterprise resources and data. Click here to read the reviews.
And those are the only devices allowed to connect, even through a VPN?
Calabrese: Yes. Now, there are some challenges, again because of the
education of the users. People understand, "Gee, I can connect this to my home
network, and I can take advantage of resources on my home network. I know I
can, so why are you preventing me?" We have to address those issues. We have
to address why you cant load the software that the hotel gives you in order
to connect to the hotels broadband network, or why you shouldnt add the software
that your DSL provider gives you but that you should go out and buy a router.
We have a policy, and we adhere to the policy. Im not necessarily saying its the best policy. It certainly is not cost-effective to outfit everyone who needs access to the corporation with a corporate-owned asset. It either means a more expensive laptop device, or it means two PCs and two licenses for everything. It would be far more convenient if we could leverage this ubiquitous computing thing and allow many of the things that we dont by policy—like access from handhelds, like access from Starbucks. But, right now, our security model is such that those are just things that we cant absorb yet.
Next page: Outsourcing and open source.
