Feeling Insecure - Page 5

WANs Pose Ongoing Risks

Enterprises getting their first professional audit are finding out that their WANs are particularly vulnerable to single points of attack.

When vital traffic leaves the LAN, it's in the public network for great distances, no longer controlled by the company. Encrypting the data and taking other measures to create a VPN help. But companies also should secure their physical networks by having two separate routes to the public network - routes that go to separate central offices and that don't merge at one carrier hotel, experts said.

"There is a fundamental lack of understanding out there when it comes to the gravity of security breaches," said David Schatsky, senior analyst and research director of Jupiter Media Metrix. Every day, firms are surprised by audits that find their redundant networks aren't as effective as they thought they were, he said.

Enterprises are turning in great numbers to the business assistance divisions of blue-chip companies such as AT&T and IBM for outsourcing of business recovery services, said John Lawler, an Infonetics Research analyst.

"The whole business continuation market is being relegated to the big boys," Lawler said.

In lower Manhattan, customers of AT&T Business Solutions were up and running in a couple of days following the Sept. 11 attacks because AT&T knew its networks so well. Many of those without business continuation contracts are still struggling.

Sending data to multiple storage centers and data centers will reduce the damage done by geographically isolated terrorist attacks. Data center companies like Digital Island and Exodus Communications own innocuous buildings that would not be obvious targets, but two centers are always better than one.

"People want to spread their risk a bit," Lawler said. "They're saying, 'Let's spread it over two facilities.'"

Many large organizations are reluctant to put sensitive applications in Internet data centers, because individual servers that belong to different customers are often not restricted from "talking" to each other. Some I-managers - Calabrese is one of them - have never warmed to Web hosting for that reason.

"This is a decision that the management made and I think this is a mistake," Calabrese said about his company's decision to outsource Web hosting to a service provider. "We can get seriously nailed on this one."