How To Plug 5 Big Security Holes

By Deborah Gage Print this article Print

It's what you don't know about the security problems of operating systems and web applications that can kill you. Here are five new technologies that may change your relationship with your data.

Security has been the bugaboo of information technology for years—certainly since the advent of the Web in the mid-1990s. And the risks have risen as technology has made workers more mobile and businesses more able to communicate using their computer systems. Can I secure my data? It's a question that has robbed many technologists of sleep.

In this report, Baseline offers a snapshot of five up-and-coming technologies whose security implications are crucial to your business.


The Technology
Microsoft's latest Windows operating system.

Deployment and Use
Just starting. Many large companies, especially those that skipped Windows XP, will start rolling out Vista by mid-year, according to Manny Novoa, a security strategist at Hewlett-Packard. Departments such as engineering, where employees are comfortable using computers, will get Vista first, although some information-technology teams may mix in less technical users to get a better idea of how Vista will work across the company.

Microsoft says Vista is its most secure operating system ever, but at least one new security feature in Vista will make it harder to manage. Companies using BitLocker, a feature that encrypts the hard drives on laptops and PCs, will need to keep track of decryption keys—a non-trivial task.

The Vulnerability
Because they are ubiquitous, Microsoft operating systems have always been prime targets. Vista is no exception. Security researchers have been banging away at it for months. Serious hackers—the ones who attack for profit—probably won't bother with Vista until enough people are using it so "the time is right financially," says HP's Novoa.

Vista's holes are offset by some new security features, including more controls for administrators over what users can do in the operating system. Deployed correctly, Vista is expected to make Windows safer from malicious attacks than it was before.

What To Do
Operating-system security is less a problem to be solved than a process to be continuously addressed. Indeed, as they start adding Vista systems, information-technology teams shouldn't relax their efforts to secure legacy versions of Windows and Office.

With Vista, Novoa says, companies should be using extra antivirus software, intrusion detection software, and personal firewalls for employees who plug their laptops into hotel networks. Smart cards can prevent anyone but a computer's owner from booting it, so using them may make sense as well.

Next page: Web Applications

This article was originally published on 2007-02-16
Senior Writer
Based in Silicon Valley, Debbie was a founding member of Ziff Davis Media's Sm@rt Partner, where she developed investigative projects and wrote a column on start-ups. She has covered the high-tech industry since 1994 and has also worked for Minnesota Public Radio, covering state politics. She has written freelance op-ed pieces on public education for the San Jose Mercury News, and has also won several national awards for her work co-producing a documentary. She has a B.A. from Minnesota State University.

eWeek eWeek

Have the latest technology news and resources emailed to you everyday.