In my Dec. 17, 2010 post I outlined a number of security trends to watch. I’m going to expand upon this a bit and talk about a few additional things to monitor:
Viruses: zero day vulnerabilities will continue to be one of the biggest threats to small to midsize enterprises as the majority of anti-virus vendors take around five hours to provide solutions to new threats. Companies will have to investigate how protection can be provided faster. The continued use of multiple anti-virus engines at the gateway and the desktop is one way of bridging this and fast updating technologies provide improved protection. Additionally, new technologies are being provided that can generate protection in under a minute.
Increased scrutiny will be required as viruses become more subtle, hiding more effectively. Scanning internal and external networks for installed malware will be more common, identifying malware that attempts to be unobtrusive. An example of this is the Conficker worm that sat quietly on infected systems but responded on TCP port 445 enabling companies to remove the threat before it became active.
Mobile devices like tablets and smart phones will infiltrate the network. IDC predicts that by year end, mobile device shipments of new units will have increased by 55% and Gartner estimates that in the same year, 1.2 billion people will be using phones with rich web capabilities.
Increasingly, these are the devices that sales and business use to keep all their contacts, one contact point. They need to integrate with the desktop to transfer diary, address and back up which is the vulnerable moment for companies. The architecture of these systems is going to be critical, not all will have the push technology of phones like Blackberry which can keep the systems secure and this must be a concern going forward despite the number of viruses for mobile devices currently being low.
As always, any questions/concerns, call me at (832) 242-5757 or send an email to firstname.lastname@example.org.