From: InfoSec News (isnc4i.org)
Date: Fri Jul 27 2001 - 04:27:33 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://news.zdnet.co.uk/story/0,,t269-s2091983,00.html

Thursday 26th July 2001
IT Week staff

Only two out of 50 firewalls at a leading Swiss bank were configured
correctly -- just one instance of security that is all that it should
be

Network security is being overestimated by IT managers because they
are failing to manage protective software properly, according to a
security expert.

Norbert Pohlmann, a director at Internet security specialist Utimaco
and author of a new book entitled Firewall Systems, said the
mismanagement of software is putting firms at risk. "We recently found
that only two of 50 firewalls at a leading Swiss bank were functioning
as they should, while the rest were configured incorrectly," said
Pohlmann. "IT managers still don't seem to understand the risks. They
spend money on security products and fail to manage them. Companies
need to understand security at a conceptual level to reduce risk, as
there are so many threats out there such as viruses, hackers and so
forth."

Pohlmann recommended that the management of security systems should
only be carried out by trusted personnel or outsourced to specialists.
"The deployment of [security products] requires that the users be
trained properly," he said.

In a recent survey of 445 IT directors attending the IT Directors'
Forum 2001, just under half said firms should appoint a dedicated
digital security expert, compared with 31 percent who opposed this
approach.

Analysts said IT managers find some products particularly difficult to
configure and control, and manageability rather than price should be
the main concern when buying a firewall product. Jos Lpez, lead
analyst for European network security at industry watcher Frost &
Sullivan, said, "IT managers should not base their choice of firewall
on price, but should test products to find the right one for their
organisation. Firewalls are something you must get right from the
beginning." Lpez also criticised a number of manufacturers for their
emphasis on functionality. "Some vendors focus on adding competitive
capabilities to firewalls over ease of management," he said.

There are a number of security-policy management solutions available
to simplify the provisioning and management of firewalls, switches and
routers.

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoattrition.org with 'unsubscribe isn' in the BODY
of the mail.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]