The IT community has developed checklists of must-have technologies and accepted best practices for solid protection, but even the most vigilant enterprise IT professionals have been forced into reactionary postures by ceaseless new vulnerabilities, increasingly sophisticated hacker tools and heightened threats of cyber-terrorism. Security in depth is critical to business continuity and customer trust, but challenges to that level of security can seem insurmountable.
The goal of this eWEEK Special Report is to provide a leg up. We gathered security experts from the research and vendor communities—The SANS Institute, Microsoft Corp., Oracle Corp., Sun Microsystems Inc. and Symantec Corp.—for a roundtable discussion that examined the relative securability of Web-based computing and the role of the vendor community and enterprise IT in creating or magnifying risks. Oracle put "unbreakable" in perspective and advocated working with and not against hackers, while Microsoft addressed the "Is it a feature or a bug?" question. Symantec and Sun focused on end-user responsibility, while SANS addressed the practical problems of system configuration. The complete transcript of the roundtable will be available soon at www.eweek.com, as will audio highlights of the conversation.
Anne Chens article reminds us of past network attacks in the hopes of preventing future recurrences. But as enterprise computing gets more sophisticated, so, too, do the hacker tools and the hackers themselves. The security experts Chen spoke with warned of attacks on the wireless infrastructure and SNMP, as well as the potential for denial-of-service strikes on an increasing number of systems. Checklists developed by eWEEK Labs analysts for hardening wireless LANs, operating systems and applications in general are also at www.eweek.com.
Finally, when asked about the allusion he was making in the headline for his story on the yawning void in Web services security, eWEEK Labs Tim Dyck said, "Old maps. Map makers would put Here be dragons in places that were uncharted." Nuff said.
eWeek Labs Executive Editor Debra Donston can be reached at firstname.lastname@example.org.
Special Report Table of Contents
- Security Roundtable
- Here Be Dragons: Web Services Risks
- Threats to Come
- Trail of Destruction: The History of the Virus
- Community Builds Security: Labs Answers Your Security Questions
- WLAN Hardening Checklist
- Application Hardening Checklist
- Operating System Hardening Tips