Business Daily from THE HINDU group of publications
Monday, May 26, 2008
ePaper | Mobile/PDA Version | Audio
Business Daily from THE HINDU group of publications Monday, May 26, 2008 ePaper | Mobile/PDA Version | Audio |
|
|
|
|
|
|
|
eWorld
-
Security Info-Tech - Books Towards whitelist technology 
Shamshad Ahmed L.N. Revathy Edward Yourdon has pointed out in his book Byte Wars how companies and government agencies still pursue security strategies as if ‘we are in the mainframe era of 1975’. They forget that “we are now living in a world with literally millions of powerful personal computers with high speed always-on cable/DSL connections to the Internet, owned and operated by technologically naïve consumers.” The National Vulnerability Database report has revealed identification of 24 new vulnerabilities every day; and more than half of these are considered dangerous enough to warrant immediate remediation by IT departments. According to Indian Computer Emergency Response Team (CERT-IN), the maximum cases handled by the organisation in 2006 were of phishing and network scanning. In the early days, when there were not this many viruses, the traditional blacklist solutions, such as anti-virus and anti spyware software, helped block known threats. The blacklist solutions, experts say, are gradually giving way to a far more effective IT security technology based on ‘whitelist’ solutions. Does it mean that anti-virus will not be there? “I have my reservations on this. AV as a solution will be a part of the portfolio,” says Shamshad Ahmed, Regional Director (India and SAARC), Lumension Security. “When a new virus becomes known, the anti-virus companies create a defence against it and provide that update to their users. The entire philosophy of antivirus is they block the ‘known bad’ attack. However, for any new virus, the solution will have no signature. Vendors will have to write a signature. The solution therefore works in the reactive mode. Further, the modular designs of blacklist solutions are expensive and difficult to set up and maintain,” Shamshad explains. Using a blacklist (reactive response to viruses or malware) solution essentially means that users give control of their networks to a third-party vendor. Whitelist technology, on the other hand, helps administrations tackle unknown events. Since it requires no virus or spyware definition updates, the systems are always protected from day-zero virus attacks and no executable file that is not on the whitelist, such as a chat program, P2P, spyware, or Trojans, will ever install or run. Surendra Singh, Regional Director (India and SAARC), Websense, feels whitelisting technology is getting more relevant from a security point of view. “Given the interactive nature (Web 2.0 sites) of the Web and the increasing threat levels, one cannot expect a user to manually download and upload a blacklist on a daily basis. Going ahead, solutions providers are creating solutions that take care of the root cause rather than just the problem,” says Surendra. More Stories on : Security | Books
Article E-Mail :: Comment :: Syndication :: Printer Friendly Page
|
Stories in this Section |
 |
|
The Hindu Group: Home | About Us | Copyright | Archives | Contacts | Subscription Group Sites: The Hindu | The Hindu ePaper | Business Line | Business Line ePaper | Sportstar | Frontline | The Hindu eBooks | The Hindu Images | Home |
Copyright © 2008, The
Hindu Business Line. Republication or redissemination of the contents of
this screen are expressly prohibited without the written consent of
The Hindu Business Line
|