The only publication dedicated to OSS     Volume 1, Issue 5 - September 2004
Current Issue
  Cover Page
  IP Applications
  Built on Trust
  Generation
  Syndesis
  KPN
  Telcordia
News Brief
Subscribe
About Us
Archives
Ed-Opps
Ad-Opps
Advertisers
Sponsors

Download and print this article
download & go

Tracking the Elusive "IP Application" (cont'd)

Security Management
With people moving around, and in and out of network environments with a range of devices, security risks skyrocket. Corporations are already struggling to manage things like anti-hacker, anti-virus and anti-user-who-ignores-all-rules security, plus basic management of accounts, policies, permissions and corporate protocols. The cost, as with all other IT areas, is escalating along with the volume of events, the types of vulnerabilities and number of things that require security.

IM alone opens networks to viruses and worms, identity theft, firewall tunneling, data security problems where users may communicate trade secrets over unsecured channels, and “spim” – instant messaging spam that already makes up 5 to 7 percent of IM traffic, according to Network World (June 28, 2004). These are primarily network and policy security issues – in other words, users are accessing unsecured network services. If prevented from using public services, but given access to secure alternatives, users can be sated and these problems largely avoided.

IP AppsSecurity vulnerabilities are also created by desktop PCs, laptops, and devices that move between public and corporate network environments. Too often users fail to adhere to security protocols – like updating their Windows software – and create holes for hackers, worms or viruses. Corporations are spending money for management systems that automate patch updates, and intelligent security measures that quarantine vulnerable systems when they try to access network resources. They are also looking to software to provide vulnerability scanning on an ongoing basis; most companies only scan a few times a year, if at all. These capabilities are repeatable, commonly needed, and commercially available – prime candidates for valuable IP services enterprises need.

Identity Management
Another significant challenge IP presents for enterprises is in managing and protecting user identities. With more information that is network accessible, be it corporate, or personal and financial in nature, the greater the risk of fraud. Identity theft is already an escalating social problem, and it is perhaps easier in the electronic world. The law is still catching up with electronic identity theft though, so there is plenty of room for fraudsters to invent scams for which they can avoid prosecution. While Dr.Evil is not likely to take over GE's email infrastructure any time soon, some companies do fear corporate saboteurs stealing an executive's identity and sending damaging emails in his name to major customers – surprisingly, there's no real law against this as of yet.

Identity management is critical, however, in business environments where people work with multiple suppliers' systems, or multiple web interfaces in general. Single sign-on across partner domains, for example, is a key productivity feature on which networked applications rely. This kind of capability can't be shot down, so it must be secured against identity theft. Corporations are just beginning to turn to technologies like biometrics, thumb prints, and various automated password reset and encryption features to insure users are who they claim to be. These technologies are critical but often inaccessible to a range of businesses for financial or expertise reasons, and thus another area where service providers can provide a staple support service while offloading cost and complexity for their best customers.

In the end, this is what IP applications are all about – taking away the growing complexity and management burden associated with communications and recognizing that IT is part of it all. Enterprises are already spending billions on basic IT infrastructure that is, in function, common to them all. There is a clear economy of scale to be created here, and one that ASPs are trying their best to accommodate. In the end, however, it's the telcos that have the experience with scale, reliability and security to deliver what enterprises need in their core operations. What telcos have lacked thus far is direction and a realistic set of examples to follow from their advisors and suppliers.

 

 

Subscribe   About Us   Archives   Editorial Opportunities
Advertising Opportunities   News Brief   Advertisers   Sponsors

© 2004, All information contained herein is the sole property of Pipeline Publishing, LLC. Pipeline Publishing LLC reserves all rights and privileges regarding the use of this information. Any unauthorized use, such as copying, modifying, or reprinting, will be prosecuted under the fullest extent under the governing law.