The Weakest Link

• By Lafe Low
• 11/01/2006

The National Survey on the Detection and Prevention of Data Breaches (get a copy of the survey from the Ponemon Institute at www.ponemon.org) surveyed 853 randomly selected information security professionals about their data-protection practices. Despite numerous stories in the media about credit-card numbers and the personal data of thousands of government workers floating about in the ether, attitudes about the state of data security range somewhere between hopeless and abysmal. The study revealed that:

• 63 percent believe they cannot prevent a data breach
• 59 percent believe they can effectively detect a data breach
• 68 percent believe they could detect a large data breach (more than 10,000 files)
• 51 percent believe they are likely to detect smaller breaches (fewer than 100 files)
• 41 percent of companies surveyed do not believe they're effective at enforcing data security policy

The main reason these security professionals gave for failed enforcement? You guessed it -- lack of resources. There were 35 percent of respondents who stated that leak-prevention technologies are simply too expensive. One other interesting note from the survey was that 16 percent of companies surveyed believe they're invulnerable to a data breach. Ignorance must surely be bliss.

Secure in the End
Security is always topic No. 1. These days, it seems like folks only discuss security on days that end in "Y." The focus of the conversation has changed, though. It's less about firewalls that block off your network like a digital Great Wall of China and more about specific point solutions -- especially endpoints. ScriptLogic and Centennial continue to strengthen their endpoint lockdown tools.

A convenience for users often hides a nightmare for administrators. USB drives, flash drives, thumb drives, whatever you want to call them -- they're a perfect example of that. Desktop Authority 7.5 adds USB and port security to prevent data theft with removable devices. The new version gives you greater control over MP3 players, digital cameras, flash drives and removable CD devices. It lets you control when a certain lockdown policy should be applied based on a range of criteria.

DeviceWall Version 4.5, the latest iteration of Centennial Software's endpoint security tool, begins by assessing how these devices are typically used, then implements policies to manage and secure that usage and tracks the movement of data in the event of a theft.

Virtually Improved
Virtual PC has its issues, but Virtual Server is a solid contender (see the October 2006 Reader Review of Virtual Server and this month's on Virtual PC here). At least Microsoft seems intent on improving Virtual Server. Beta 2 of Virtual Server 2005 R2 Service Pack 1 (SP1) is ready for download. SP1 adds support for hardware-assisted virtualization, better backup services and offline manageability. It will support both AMD Virtualization and Intel Virtualization Technology, so interoperability and performance for non-Windows guest operating systems should be much improved. Now how about some help for Virtual PC?

On a related note, about a month after announcing a recall, Microsoft just re-released the code for SBS 2003 R2 to OEMs. Both Dell and HP were expected to start pre-installing SBS 2003 R2 by the end of September.