archives  If you want an RSS feed try this xml rss V0.91 feed

Tuesday, November 25, 2003

Wanted: reasoned thought

Robert Campbell AuthorOpinion Having spent two days last week mixing it at the NEFF with various members of the police force and various fraud specialists form a wide variety of industries and public sector bodies including the National Audit Office and security specialists from the several of the high street banks. I'm even more paranoid than I was before, if that were possible.
I was especially impressed with the afternoon's discussion on the second day headed by Colin Wittaker of APACS on e-commerce fraud. I was, however, equally very depressed with the technical session on corporate security where at least one participant told the amazed audience his answer to the problem of email viruses was to only allow one PC, not connected to the corporate LAN, to be attached to the Internet.
There seems to be plenty of evidence that real criminals are getting more organised and the risks are increasing every day for all of us, as individuals and companies alike. Yet the willingness of otherwise well educated decision makers to enter into meaningful discussions regarding investment in multi-level security measures is woefully lacking, staggeringly so in my opinion.
Why is this ? There are probably many facets to the answer to that question, but as technologists we have a responsibility to adjust our responses and participate in the bigger debate as grown ups and not continually snipe at the most obvious without thinking first. Like adolescent school kids with half formed ideas or brainwashed middle class left wing pinkos with shallow reasoning and single issue politics, 7/10th of our industry seems to think nirvana can be obtained if we just dumped Windows and Bill into the Pacific.
Thank god for people like Tim Mullen a reasoned analyst if ever there was one.
Related Links
Busting the Worm Writers
Microsoft's hacker bounty is wasted money
Proposed: a Bounty for Bugs
The Flaw of Security Through Diversification by Mark Burnett
The 7 Top Management Errors that Lead to Computer Security Vulnerabilities
posted by Robert Campbell 8:44 PM

Exchange 2003 and OWA concerns

Concerns seem to be appearing over the latest version of Exchange and Outlook Web Access. In an article over at ZDnet by Matthew Broersma posted yesterday he reports that Microsoft's initial explanation relates to the use of the Kerberos authentication mechanisms. This is just the latest in a series of issues that have affected the OWA component, and while remote access to one's Exchange server is a highly desireable thing doing it with Exchange, IIS and OWA alone is asking for serious trouble and cost. Using BorderWare's MXtreme can easily put most of these risks behind you.
Related Links
MXtreme and OWA

posted by Robert Campbell 5:45 PM


Powered by Blogger Pro™