Network Computing is part of the Informa Tech Division of Informa PLC

Security Isn't "One Size Fits All": Page 2 of 3

Microsoft's vision of simplicity in security includes the company's upcoming "network access protection" for ensuring that devices looking to connect into a network are free from viruses or other contaminants. The feature can place PCs and laptops that run Windows Vista and connect to servers running Microsoft's upcoming Windows Server software, code-named Longhorn, into special "quarantine zones" until they're furnished with updates that bring them into compliance with a company's PC-health policies. Another technology that's key to Microsoft's vision of "trustworthy computing" is the InfoCard, which stores user information on the PC and can be used to authenticate that user during online transactions. Multi-factor authentication needs to be "built down into the system itself," Gates said.

Yet companies need to figure out the specific level of authentication required for a particular transaction. Can a user remain anonymous to the system, or should their identity be verified in depth? Or can a "pseudonymous" identification be employed to reduce complexity while at the same time providing acceptable levels of security?

Not a fan of a one-size-fits-all approach to authentication, RSA Security Inc. president and CEO Art Coviello said during his Tuesday keynote, "Businesses need to embrace an adaptive approach to authentication." He likens the online world to a "crime-ridden neighborhood" that requires companies conducting business there to stay ahead of their adversaries.

Smaller transactions can be protected using passive authentication methods that simply compare a user's behavior, i.e., the transactions they're initiating, with past behavior. Any anomalies can trigger alerts to a security team or shut down a transaction before it can be completed. Larger transactions require active authentication in the form of tokens, smart cards, and USB-pluggable devices that contain information used to authenticate the user to the transactional system.
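The passive-versus-active split described above can be sketched as a small decision function. This is an added example, not code from the article or from RSA or Microsoft; the thresholds, field names, decision labels and sample history are all assumptions constructed for illustration.

```python
from statistics import median

# Assumed policy values; the article gives no thresholds.
LARGE_AMOUNT = 1000.00   # at or above this, require a token or smart card
ANOMALY_SCORE = 3.5      # robust z-score above this counts as anomalous
MIN_HISTORY = 5          # below this there is no behavioral baseline

# Constructed sample history for one user (not real data).
HISTORY = [{"amount": a, "payee": p} for a, p in [
    (20.0, "grocer"), (25.0, "utility"), (22.0, "grocer"),
    (30.0, "pharmacy"), (18.0, "grocer"), (24.0, "utility")]]

def robust_z(value, samples):
    """Distance from the median, scaled by the median absolute deviation."""
    med = median(samples)
    mad = median(abs(s - med) for s in samples)
    if mad == 0:  # all past values identical: any difference is anomalous
        return 0.0 if value == med else float("inf")
    return 0.6745 * abs(value - med) / mad

def decide(history, txn):
    """Return (decision, reasons) for the transaction being initiated."""
    # Larger transactions always go to active authentication.
    if txn["amount"] >= LARGE_AMOUNT:
        return "ACTIVE_AUTH", ["large transaction"]
    # Passive comparison needs past behavior; without it, step up.
    if len(history) < MIN_HISTORY:
        return "ACTIVE_AUTH", ["no behavioral baseline"]
    reasons = []
    if robust_z(txn["amount"], [h["amount"] for h in history]) > ANOMALY_SCORE:
        reasons.append("amount unlike past behavior")
    if txn["payee"] not in {h["payee"] for h in history}:
        reasons.append("payee never used before")
    # One anomaly alerts the security team; two stop the transaction.
    if len(reasons) == 2:
        return "BLOCK_AND_ALERT", reasons
    if reasons:
        return "ALERT", reasons
    return "ALLOW", reasons

if __name__ == "__main__":
    for txn in [{"amount": 26.0, "payee": "grocer"},
                {"amount": 27.0, "payee": "bookshop"},
                {"amount": 400.0, "payee": "bookshop"},
                {"amount": 5000.0, "payee": "grocer"}]:
        print(txn, "->", decide(HISTORY, txn))
```

The median-based score is used instead of mean and standard deviation so that one earlier outlier in the history does not widen the baseline and hide the next one.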

Such a proactive approach to security is necessary because "the opponent is not standing still," Gates said. Businesses have to move to smart cards, InfoCards, and support for standards. "We're really at the beginning of this trust ecosystem," said Gates, who added that he is seeing progress. More and more users are updating their Windows systems regularly to get the latest features and security components. In fact, 80% of Windows users take advantage of regular Windows updates, compared with only 50% a couple of years ago.