Time to put security first

With each new generation of software, it seems that designers introduce yet more challenges for IT security - usually in the name of "usability" or "productivity".

With each new generation of software, it seems that designers introduce yet more challenges for IT security - usually in the name of "usability" or "productivity".

Hackers are ready to target every new release, and suppliers are working hard to batten down the hatches. The official launch of Vista last week will offer a gauge of whether things are getting better.

The operating system is more secure than its predecessors, says Microsoft. But built-in picture, movie and music file-sharing may be targeted by the bad guys. In many cases, the easier it becomes to share information, the easier it may become to distribute viruses, steal identities and copy confidential information.

This means that every user needs to devote time and energy to ensuring that any e-mail they receive does not represent some kind of threat.

Research from Yankee Group claims that anti-virus software is getting less effective, which means that suppliers need to develop ever more intricate ways to protect users. VeriSign, for instance, has developed technology that highlights secure e-commerce sites to combat phishing attacks. And PayPal is trialling two-factor authentication.

Why, then, is it still so easy to register fake websites and send out mass-mailings?

Another weakness lies in wireless. It seems obvious, but if designers of wireless routers enforced the configuration of password and encryption keys before the router was connected, networks would be far more secure.

The trouble is, such configuration is a barrier to ease of use, so plug-and-go is the preferred option.

This type of approach is widespread, but in this connected world, usability and new functionality surely need to play second fiddle to security.

Read David Lacey’s security blog

Link to Microsoft Windows Vista

Comment on this article: computer.weekly@rbi.co.uk

This was first published in February 2007



Enjoy the benefits of CW+ membership, learn more and join.

Read more on Antivirus, firewall and IDS products



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:




  • Dissecting the Hack

    In this excerpt from chapter three of Dissecting the Hack: The V3RB0TEN Network, authors Jayson E. Street, Kristin Sims and Brian...

  • Digital Identity Management

    In this excerpt of Digital Identity Management, authors Maryline Laurent and Samia Bousefrane discuss principles of biometrics ...

  • Becoming a Global Chief Security Executive Officer

    In this excerpt of Becoming a Global Chief Security Executive Officer: A How to Guide for Next Generation Security Leaders, ...