By Ian Kilpatrick, chairman Wick Hill Group, specialist in secure infrastructure solutions
The pace of enabling e-government continues to accelerate and security continues to be a key element.
Remote access - threats and solutions
One of the major challenges facing the public sector today is the growth of wireless, remote and mobile computing with the spread of laptops and PDAs, and the security issues these raise. The risks include:
* Identity Theft
Even though the danger of identity theft has high visibility, it is clear that the message has not noticeably affected users' security awareness. Recent research by the Federal Trade Commission (1) noted that damage and loss resulting from ID theft and cyber crime among American adults has increased to nearly $50bn annually.
* Wireless
The growth of wireless deployment has been phenomenal, but according to the Department of Trade and Industry (DTI) survey (2), one in five wireless networks is completely unprotected, while a further one in five is not encrypted. Furthermore, two-fifths of companies that allow staff to connect via public wireless hotspots do not encrypt the transmissions.
* Security drift
Another major threat from remote access is that the defence levels of anti-virus and personal (or hardware) firewalls may not be updated to deal with current threats. This is particularly prevalent where machines are used by family members and where government IT department standards are not being adhered to.
* Unauthorised software
The installation of unauthorised software not only increases vulnerability but also moves mobile devices outside the perimeter of IT department threat awareness. Some recent examples include Macromedia, Google search bar and web accelerator, Instant messaging (IM), and Skype, all of which have had security issues. Also, the use of peer-to-peer for music and film downloads has a range of legal and security implications.
Solutions
- Passwords and authentication
Static passwords are woefully inadequate for remote and mobile users, with huge identity theft risks (particularly for wireless). The answer is to deploy strong two-factor authentication. Companies such as VASCO provide low-cost, token-based solutions that can be easily deployed for remote users.
Physical device authentication (as part of a multi-factor authentication approach) is another powerful component, which ensures that the device accessing the network is the one that is authenticated. This can be done with products such as Phoenix Trust Connector.
- Encryption
Many laptops and PDAs are lost every year. These may contain confidential government information or provide access to the government network. It is critical that all mobile devices should have their disks encrypted, so even if they fall into the wrong hands, confidential data cannot be accessed. Encryption is easily done and products, such as those from Utimaco, provide hard disk security while still allowing easy operation for authorised users. Government local area networks should also be encrypted to protect data.
- Compliance
Compliance is another key issue and IT security solutions should meet all relevant regulations. For example, when choosing security systems such as firewalls or unified threat management solutions, you need to ensure they are both EAL4 and RoHS compliant.
Companies such as WatchGuard provide public sector firewall and unified threat management solutions which provide both these facilities. Bear in mind that many cheaper remote firewalls are incapable of dealing with application level attacks. A key requirement for remote firewalls, wireless or static, is to be able to deal with current and future threats, which include packet and, increasingly, application level attacks.
For unauthorised network software such as peer-to-peer (e.g. Skype), Instant Messaging (IM), Google Search, etc., solutions such as FaceTime provide comprehensive blocking and management facilities.
With regard to facilitating provisions for the disabled, there are solutions available from companies such as VASCO, whose range includes strong authentication solutions suitable for the visually impaired.
- SSL VPNs
Consider using encrypted SSL VPNs, alongside or instead of IPsec VPNs, as SSL can provide lower-cost, easier-to-manage connections for large numbers of remote users. This is a growing area and there is a wide range of effective, secure solutions from Array, WatchGuard, Check Point, etc.
- Wireless protection
Ensure that all traffic is over VPNs and is encrypted. Companies such as WatchGuard and Check Point provide remote, centrally manageable IPsec and SSL VPN solutions. Don’t use Wired Equivalent Privacy (WEP) for encryption because it is poor, insecure and weak. Use WPA or WPA2 (also known as 802.11i) and ensure that users always operate with it switched on - the default for devices is with it switched off.
Last, but by no means least, the public sector IT department needs to be vigilant for new virus threats. Recent research by Australia’s Computer Emergency Response Team (AusCERT) (3) found that threat authors are specifically targeting popular anti-virus packages. Tests by AusCERT showed that top-selling anti-virus solutions let in 80% of new malicious code, while Kaspersky Anti-Virus kept out 90%. It’s important, therefore, that a layered AV defence, with one product on the gateway and a different one on the desktop, should take this into account.
ENDS
(1) Federal Trade Commission
http://www.scmagazine.com/uk/news/article/526700
(2) 'DTI Information Security Breaches Survey 2006'
www.security-survey.gov.uk
(3) Information on testing by Australia’s Computer Emergency Response Team (AusCERT) taken from two articles by Munir Kotadia on ZD Net Australia
July 21st 2006 “Why popular antivirus appliances ‘do not work.’”
July 19th 2006 “Eighty percent of new malware defeats antivirus”
http://www.zdnet.com.au/news
About Wick Hill
Established in 1976, VAD (value added distributor) Wick Hill specialises in secure infrastructure solutions. The company's portfolio covers security, performance, access, services and management. Wick Hill sources and delivers best-of-breed, easy-to-use solutions through its channel partners, providing customer support, implementation, training and technical services.
For reader queries, please contact Wick Hill on 01483 227600, web www.wickhill.com.