Answering the Need for Secure Systems
As e-mail is celebrating its 30th birthday, paper mail has become not only an annoyance but also a potential menace. E-mail had its start in 1971 when Ray Tomlinson, principal engineer at BBN Technologies, in Cambridge, Mass., developed a system for electronically mailing users on the ARPAnet. Since that time, e-mail has blossomed into a productivity marvel by being able to be easily mailed to anyone in the world and a productivity curse by being able to be received from anyone in the world.
And if wed all been alert, the difficulties of securing e-mail might have tipped us off about the prospects of a terrorist being able to use physical mail as a way to transport a hazard-laden message. As e-mail blossomed, so did the viruses and worms that twisted techies concocted. Today, the IT manager has an array of defenses, including packet sniffers, firewalls and quarantine areas where suspicious e-mail can be held pending identification. A physical counterpart of those digital security products sounds like a good choice these days.
And it is in the coordination between those trying to secure the physical world and the cyber-world where the real value of ITs lessons from securing the enterprise become valuable, although sometimes it requires thinking in reverse. Today, it is easy to use one of the express shipping services to address and track a package that you ship. Tomorrow, you will want to be able to use reverse tracking to make sure the package in your mail room actually came from the company on the return address. Today, the airlines do a great job at being able to schedule flights and adjust fares based on passenger load. Tomorrow (today, actually), you want that same computing intensity to focus on making sure that the ticketed passenger in the seat next to you has passed a security check. See Caron Carlsons article for ways that companies are addressing the many facets of IT security.
This weeks issue continues our focus on how IT execs are not only being called on to make their companys infrastructure secure but are also playing an increasing role in the governments cyber-security campaign. Building a secure network, devising identification directories and ensuring database vulnerabilities are corrected have all been part of the private-industry IT agenda in the past. The urgency, accountability and public/ private cooperation that went into the Y2K remediation process is a good starting point for developing a methodology to make sure security is part of every companys and agencys agenda.
E-mail developed in an era when the United States needed to develop secure networks capable of withstanding a nuclear attack. The technologists of that era answered that need with systems that today provide the worldwide communications infrastructure. Now it is up to the public and private technologists of today to develop the systems capable of withstanding the current terrorist threat.