Cutting costs in downturn could open firms to security risks, warns RSA

News

Cutting costs in downturn could open firms to security risks, warns RSA

Warwick Ashford

Business should beware of using emerging technologies to cut costs in the economic downturn without considering the security implications.

This warning comes from Tim Mather, chief security strategist at RSA Conference.

Technologies such as voice over IP (VOIP) and virtualisation are still immature and could expose companies to security risk, he said in an interview at the RSA Conference Europe 2008 in London.

According to Mather, the lack of proven security around VoIP is one of the main reasons the technology has been limited to use within organisations.

However, he said it is likely that tougher economic conditions will push some companies into adopting VoIP for outside communication to cut costs, even though it is not secure.

Similarly, businesses will adopt and expand their use of virtualisation technology, but Mather said this was risky because there is still no way to ensure and prove such systems are secure.

"It will be difficult to assure [compliance] auditors that virtual machines are properly secured when it may not even be clear where a virtual machine is running at any given time," he said.

There are still questions about the security of virtual systems such as how anti-malware is administered and firewalls work, he added.

Mather said at the very least businesses should conduct a thorough risk analysis based on proper test data in a production environment before deploying VoIP or virtualisation to cut costs.

Businesses should also find out as much as they can from their peers about what works and what does not in making these technologies more secure.

"Like all new technologies, it will take time for these to mature and there will be failures before effective security measures are found," he said.

VoIP: an essential guide for IT professionals >>


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy