Security Web Digest: Internet Attacks Up, Secure Web Servers, Oracle and the TSA ... and More
VPNs and Wi-Fi a perfect match... WS-I security standards on the way... Oracle to provide transportation security software... and more from around the webEnterprise The number of security incidents and confirmed attacks detected by businesses rose by 37% in the first three months of the year according to a report made public on Monday by Internet Security Systems. In the same time frame, the total number of reported security events, which range from relatively minor activities such as automatic probing to full-scale onslaughts by worms, jumped tenfold over the previous three months, according to ISSs quarterly "Internet Risk Impact Statement." ISS pointed out that worms increasingly are able to cause dramatic damage worldwide with a minimum of effort on the part of the attacker. WholeSecurity on Monday announced Web server software designed to prevent remote-access Trojans or eavesdropping software from penetrating networks during e-commerce or employee interactions over the Internet. The company says its Confidence Online helps guard against identity theft and network compromise by detecting and blocking any action by harmful Trojans such as BackOrifice and Subseven, as well as legitimate remote-administration tools such as Symantecs PCAnywhere. The goal is to prevent any potential entryway from desktops into corporate networks during interaction over the Web, says Tony Alagna, founder of WholeSecurity.
Barry Fougere, president and CEO of Colubris Networks, says VPN technology is the best solutiuon to Wi-Fi security. "This is because the market is comfortable with VPN technology, which has come as a result of common practices in more wired settings," he said. "People use VPNs to access the corporate network from the road or from home over their broadband connections, so this is a technology with which network managers are becoming increasingly comfortable in wireless settings. Using VPNs is a proven method for securing networks, unlike proprietary systems, in which you are only taking the vendors word that its product is secure,"he said.