Vendor Accent
Secure mobility
Network defense has to evolve beyond protective firewalls and desktop and
application-level software to security that's embedded deep within the network
at the service provider or carrier level, says Sanjay Jotshi
Today's working environment is changing rapidly. A large number of companies
are finding that meeting the demands of customers requires the workforce to
be available anytime, anywhere. This distributed workforce of road warriors,
mobile workers, teleworkers and remote office workers needs to be able to access
the same tools and interact with the same level of presence as their colleagues
in the corporate office.
The solution is called virtual enterprise, where
work is no longer a place you go to, but something you do. By making work a
flexible activity and not just a defined destination, companies empower their
people to operate as a connected team, and a truly virtual enterprise, regardless
of how, when and where they access the corporate network, and no matter which
device they use. Most importantly, these people need to have complete trust
in the security of their communications.
Security breaches that threaten data privacy and protection are among the top
three business issues identified by corporate chief information officers in
a recent survey by market research firm Gartner, and for good reason. For
example, the MyDoom e-mail virus of January 2004 quickly spread to computers
all over the world, causing an estimated $22.6 billion loss in just three days.
Because threats to the network aren't going to go away, defending against
them has to evolve beyond the current protective firewalls and software at the
application level and desktop, to security that's embedded deep within
the networks at the service provider or carrier level.
Security must be end-to-end
There's a general misconception that information on wireless networks is
more vulnerable because it's being transmitted through the air rather than
over a fixed wireline network. But it's not the way information is transmitted
that is creating today's higher levels of risk; it's the proliferation
of devices, access points, information sources and the need to be connected.
When devices such as laptops, PDAs or cell phones are always on, wirelessly
connected to the network and ready to receive or send any kind of information
from any location, security must also be always on. Security must be end-to-end,
protecting all layers of the network, without exception.
This misconception that wireless communications are open to interception is
rooted in older analog wireless networks. First-generation wireless systems
used analog technologies to transmit voice conversations in individual radio
channels that were easy to decode and often vulnerable to eavesdropping with
a special scanner.
Today's digital wireless networks use complex authentication and encryption
techniques to securely lock voice and data information as it flies through the
air between a user's device and a network. Users are identified by unique
coded signatures that ensure the network recognises them as authentic subscribers
and blocks out others who might be intruders.
The open-air transmission of information between a wireless device and the service
provider's network (called the air interface) has high levels of
security such as encryption and authentication built right into the transmitting
technology. But many other wireless network elements (like cell phones,
PDAs, routers, servers or databases that hold confidential client information
within service provider networks) also need to be secured to ensure full
end-to-end protection against attacks.
While new wireless technologies such as Bluetooth and Wi-Fi expand to enable
access to communication services, they also increase the complexity of protection
against hackers, viruses and worm attacks. Split-second vigilance, with
security in each layer of the network and across every point of access, is
essential for a high level of protection anywhere, anytime.
Two main layers are involved in a complete network security solution: the infrastructure
and application layers. The application layer handles transport, application
and perimeter security issues, and involves such security products as firewalls
and software to detect viruses and protect Internet servers. In security implementation
procedures to date, this is where the major focus has been. But virus detection
software packages, for instance, are only as useful as their definitions, and
the firms that offer these packages wage a daily war against the latest infections.
Complete network security can only be realised when locking-down the infrastructure
layer receives as much focus as security products do today.
Companies need to shift their focus away from security products
and move towards a complete security model which encompasses the infrastructure
and application layers.
Taking a layered approach
A layered approach ensures that all mobile communications are protected as wireless
providers add new types of voice, data services and devices to their networks.
This means enterprises have to protect the integrity of the underlying network
(the devices, the applications, and personal information), securing all of it
against vulnerabilities such as viruses.
It is imperative to secure all layers of the network and its many elements through
switching, firewalls, appropriate authentication options, virtual private networks,
endpoint security compliance, and intrusion detection and prevention technologies.
The strategy should include universal access portals that seamlessly support
secure sockets layer security and client-based, IPSec-based remote access for
voice and multimedia traffic. By using a friendly interface, users do not see
this taking place in the background and no longer need to be technical or aware
of the networks around them.
Network security is an issue of trust, and an organisation should do everything
possible to ensure that its networking solutions reinforce that trust. Service
providers and enterprises both rely on wireless communications for their business
needs, and trust in impenetrable network security is essential for wireless
communications.
However, effective security is not achieved through a one-off initiative. Just
as business policies and practices change, so do the techniques employed by
hackers and virus developers. Sound security requires continuing watchfulness
and an ongoing readiness to respond to a changing security climate. And security
in the network DNA is precisely the place to begin.
The author is Director, Vertical Market Initiatives &
Marketing, Nortel.
He can be reached at jotshis@nortel.com