Business should beware of using emerging technologies to
cut costs in the economic downturn without considering the security
implications.
This warning comes from Tim Mather, chief security strategist at
RSA Conference.
Technologies such as
voice over IP (VOIP) and
virtualisation are still immature and could expose companies to
security risk, he said in an interview at the RSA Conference Europe
2008 in London.
According to Mather, the
lack of proven security around VoIP is one of the main reasons
the technology has been limited to use within organisations.
However, he said it is likely that tougher economic conditions
will push some companies into adopting VoIP for outside
communication to cut costs, even though it is not secure.
Similarly, businesses will adopt and expand their use of
virtualisation technology, but Mather said this was risky because
there is still no way to ensure and prove such systems are
secure.
"It will be difficult to assure [compliance] auditors that
virtual machines are properly secured when it may not even be clear
where a virtual machine is running at any given time," he said.
There are still
questions about the security of virtual systems such as how
anti-malware is administered and firewalls work, he added.
Mather said at the very least businesses should conduct a
thorough risk analysis based on proper test data in a production
environment before deploying VoIP or virtualisation to cut
costs.
Businesses should also find out as much as they can from their
peers about what works and what does not in making these
technologies more secure.
"Like all new technologies, it will take time for these to
mature and there will be failures before effective security
measures are found," he said.
VoIP: an essential guide for IT professionals >>