Financial Daily from THE HINDU group of publications
Monday, Jul 04, 2005
eWorld
Features
Stocks
Port Info
Archives

Group Sites

 eWorld - Interview
Info-Tech - Security


Grow savvy on security

Sumeet Kaul

Spyware, adware, phishing... these are no vague threats in cyber space. They are real, so sharpen your security measures, says Symantec.


Brian Foster

SECURITY in cyber space hits the headlines almost every day - be it in its observance or breach. eWorld caught up with Brian Foster, Senior Director, Product Management, Symantec Corporation, on developments on the security front.

What are the latest security threats individual users and firms are facing?

Spyware and adware are becoming a top concern for IT operations as well as security managers. Cleaning clients loaded with spyware or adware can represent 20 per cent or more of IT help-desk effort.

Spyware and adware are two different things. Spyware is a program installed on a computer that can capture personal information — such as passwords, log-in details, account numbers, etc — in addition to content on the computer and Internet usage, and relay it back to a third party.

Adware is a program installed on a user's computer to deliver advertising content and to capture Internet usage to build up a user profile that, in turn, is relayed to a third party to be used for marketing purposes.

The significant and growing risk of spyware and adware has created the need for comprehensive protection and removal capabilities for these security risks. Combating spyware and adware, like combating viruses and malicious code, requires a solid solution and a dedicated research and response mechanism to track new spyware risks and provide timely updates as the threat landscape evolves.

What is phishing? What protection does Symantec offer against phishing?

Phishing is a threat that uses `spoofed' e-mails and fraudulent Web sites designed to fool recipients into divulging personal financial data such as credit card numbers, account usernames and passwords, and social security numbers. And the number of these attacks continues to climb.

Often arriving through e-mail, phishing scams appear to come from a legitimate organisation and entice users to enter credit card or other confidential information into forms on a Web site designed to look like the legitimate organisation.

By way of protective action, consider who is sending the information and determine if it is a reliable source. The best course of action is to simply delete these types of e-mails.

What can firms do to protect themselves from malicious virus attacks? What products does Symantec offer companies to combat e-mail attacks?

Firms can:

  • Ensure they have set up and maintain strong consistent security policies within their company that includes user authentication, password management, traffic filtering, etc.

  • Deploy a multi-tiered or layered security solution within their environment — gateway security, server security and desktop security. This is important even in a small network. We often find that small companies have a few well-protected systems, but other machines on their networks are wide open to attacks, as they are not managed.

  • Keep up-to-date with security patches and fixes for their critical systems.

    Ensuring their security devices and systems are kept up-to-date with the latest content or policies such as IDS or antivirus solutions.

    With regard to e-mail threats: For the consumer, Symantec has spyware and adware detection and removal capabilities in Norton Internet Security AntiSpyware edition.

    For the enterprise, detection and removal capabilities are in Symantec Client Security 3.0 and Symantec AntiVirus Corporate Edition10.0.

    What security threats do mobile phone users face? How can they be countered?

    According to the recent Symantec Internet Security Threat Report, malicious code has been developed for mobile devices, namely a worm called Cabir.94.

    As cell-phones and PDAs (personal digital assistants) become more sophisticated and mobile connectivity increases, the potential for more malicious code that affects them increases as well. Only smart phones, such as those running Windows Mobile (Windows CE/Pocket PC), Symbian OS or Palm OS appear vulnerable to misuse. The key difference is that they are more `open' because new applications can be loaded onto them. Normally these would be programs such as productivity tools, utilities or games. This also means that the applications can take a malicious form.

    sumeetkaul@thehindu.co.in

    Article E-Mail :: Comment :: Syndication :: Printer Friendly Page

    • Stories in this Section
    Spilling ink on an inkjet printer

    Problem pile-up
    `Growing' the farmer
    Trouble with CD-ROM drive
    Niche and nippy
    Grow savvy on security
    Winds of change...
    Quiz
    Stored data is doubling every nine months

    The Hindu Group: Home | About Us | Copyright | Archives | Contacts | Subscription
    Group Sites: The Hindu | Business Line | The Sportstar | Frontline | The Hindu eBooks | The Hindu Images | Home |

    Copyright © 2005, The Hindu Business Line. Republication or redissemination of the contents of this screen are expressly prohibited without the written consent of The Hindu Business Line