Click here to receive your FREE subscription to Campus Technology
News
Symantec: Online Security Concerns Growing in the Workplace
4/14/2008
In the world if IT security, it's a well known secret that end users in Windows processing environments put themselves at risk whenever they check their MySpace and Facebook pages, or shop for plane tickets, computers and other goods and services--all while at the workplace.
Now, a pair of reports from Symantec Security Response--including the 13th annual "Global Internet Security Threat Report" (available as a PDF here), released on Tuesday--reveal that such actions may imperil some enterprise environments, especially given the rise of browser-based hacking and concerns about security in the Web 2.0 era.
Symantec culled its findings from several sources, including data gathered from network-monitoring software in the hundreds of countries where the security software consultancy does business. Symantec also relied on research gleaned from third-party sources such as other security firms, exploit research sites and its own security monitoring blogs. The report covers statistics gathered for the period between July and December of 2007
"What we find increasingly is that these attacks, using the Internet as a vector, leverage three things: a mature underground economy for hackers, client-side attack toolkits such as bots, and the wildcard: human behavior in the workforce," said Ben Greenbaum, senior research manager for Symantec Security Response. "And it's unfortunate but true that there is no security patch to block the vulnerabilities of social engineering."
Among the key findings in Symantec's "Global Internet Security Threat Report" are some staggering numbers, including the 711,912 new threats discovered in 2007, compared to just 125,243 in 2006. That's an increase of 468 percent.
The report also highlighted several enterprise system weakness trends which are germane to IT pros looking to balance the new work/life spillover in their IT administration space. According to the report, 58 percent of respondent-documented vulnerabilities in the third and fourth quarters of last year affected Web-based software or applications. Of those vulnerabilities, 72 percent were deemed "easily exploitable."
The report also found from its respondents that between Apple, Sun Microsystems and Microsoft, it was Redmond that had the shortest security patch research and turnaround time with a six-day flip. On the other hand, Sun's average patch development lead period last year was 157 days.
Here's another development from the report that may foster immediate concern in some IT shops: Of all the patches rolled out by Sun, Microsoft and Hewlett-Packard which were deemed either medium or critical (high-severity), more than 50 percent were intended to fix either Web browser or client-side vulnerabilities in the OS and related applications, or both.
Recommended Reading
- Fixed-Mobile Convergence: Dartmouth Beefs Up Cell Coverage, Cuts Costs
Problems with cell phone coverage aren't uncommon on college campuses. There are two main reasons: The beefy structure of historic buildings can block cellular reception within walls, and, on more remote campuses outside cities, signal coverage can be light.
- Thompson Rivers U Deploys Unified Digital Campus for ERP
Thompson Rivers University (TRU) in British Columbia has selected SunGard Higher Education's Banner Unified Digital Campus (UDC) to integrate its ERP systems.
- DV Kitchen Web Video Publishing System Released
DVcreators.net has released DV Kitchen, a new video encoding and publishing application for Mac OS X designed specifically for creating materials to be posted on the Web.
- NEC Debuts 4 Education Projectors
NEC this week debuted four new projectors targeted toward education applications, along with a new MultiSync LCD display. The new NP-series projectors are entry-level models started at $899 but are designed to provide high light output, support for closed captioning, and built-in networking capabilities.
- Security Researchers Uncover Spring Framework Vulnerability
Software frameworks are enjoying enormous popularity these days among a range of developers. It's popularity well earned; frameworks provide powerful tools for building more flexible and less error-prone applications. They generally enhance developer productivity with out-of-the-box functionality. And they can free developers to focus on features instead of common coding tasks.
- 3PAR Server Arrays Integrate Fat-to-Thin Processing
Utility storage provider 3PAR has announced the release of the 3PAR InServ T400 and T800 Storage Servers. The new hardware is built on the company's third-generation InSpire architecture, featuring the 3PAR Gen3 ASIC with integrated fat-to-thin processing.
