Diversifying Security

Anti-virus vendor Tumbleweed has released its findings on the five pressing security threats that will emerge or continue to plague IT security in 2007. As anticipated, data leakage concerns and continued growth of profit-driven spam will top the list this coming year.

Dr Taher Elgamal, chief technology officer at Tumbleweed, says the spam problem will continue to grow and be increasingly profit-driven.

“Spammers will continue to exploit new ways to circumvent spam filters, such as using video and audio files to avoid detection. We will also see data leakage become the biggest issue in 2007,” he says. “Most organisations do not realise how much data is travelling outside the enterprise, usually via unsecured methods.

“As a result, desktop encryption will become a mainstream defence mechanism and content security will become more sophisticated
to address this shift towards data protection, monitoring both inbound and outbound traffic for multiple protocols.”

Most spam will be focused on the categories with the highest potential for profit. For example, 60 percent of spam at the end of 2006 was for stock tips or drugs – areas where there is a clear profit motive – and this will continue to grow in 2007.

Recently Australia was hit by a fake political spam announcing Prime Minister John Howard was having a heart attack. Then another spam announced the Australian cricket team was fighting for One Day rankings, proving that spammers will continue to find new ways to circumvent spam filters. For example, spammers will seek to randomise images to evade spam filters to penetrate inboxes.

Set to gain more steam in 2007, the ‘logo gibberish’ spam is a recent example that uses legitimate graphics within the email to confuse filters.

This year will see hackers and spammers also trying to take advantage of audio and video files, using them to deliver viruses, mask and deliver spam messages and generally avoid detection by conventional spam filters.

Botnets are armies of hijacked computers used to deliver spam and these will remain an issue in the coming year. The botnets allow spammers to deliver thousands of messages while avoiding reputation filters that block known spammers.

With this type of threat evading all areas of an organisation, resellers need to look at which solutions best suit their customers to prevent an attack occurring. General consensus in the industry seems to be that there is no one solution that will protect the network and the desktop.

“To sell security, resellers need to keep the IT systems together and forming a big puzzle,” says Tom Piotrowski, managing director of niche security distributor Unixpac. “Keeping constantly educated on how new technologies interlock with others is relatively easy to follow.”

Lagis Zavros, COO of Internet reporting software vendor Webspy, believes resellers need to take a more holistic view of the whole security market. The Internet and its tools like instant messaging and YouTube have taken the issue of compliance to a board level. Managers have become much more responsible, especially with compliance and mitigating risks.

“There is a trend towards being able to report to provide evidence with what has happened for legal compliance. Internet-based communication like frame relay, ATM and Internet-based VPNs for VoIP has opened a lot more holes for organisations. There is a trend for vendors to come up with newer products,” Zavros says

Changing face of security
Dominic Whitehand, managing director of Whitegold Solutions, believes one of the biggest things that niche distributors might see is a lot of the resellers in deals were they provide a multi-tiered portfolio to their customers. These resellers will look at an organisation’s gateway and offer customers one product then go with a completely different anti-virus vendor across the whole network.

“These resellers will typically go into security and ask networking people like Whitegold which vendors are complementary to each other. We have vendors working with us that offer multiple solutions including Secure Computing, with a whole range of products from UTM to URL filtering, Barricuda and Fortinet,” Whitehand says.

Joel Camissar, managing director of anti-virus vendor Websense, says it is “very interesting” how things work out in the security market. About 10 years ago multiple vendors and partner organisations used to sell single security portfolios.

“Once, anti-virus technology meant cheaper licences and resellers felt customers could be better protected. However, this has all changed and organisations are now saying the product I have is not working and threats are evolving,” Camissar says.

“Security resellers can’t keep pace with what’s out there other than specialising in one area and putting their eggs in one security basket, meaning resellers are leaving money on the table. There are a range of solutions that are complementary to each other and they can’t just say that this one solution they have is the best – they need to be flexible to meet customer needs,” he says.

The end user is becoming savvier than ever before and Camissar believes that servicing is just one part of the total package they expect. Any customer can do a Google search about products and in a matter of a few hours can become an expert and approach their reseller about product XYZ.

“I personally think security resellers are struggling with the technologies which are best of breed and as a result there is a tendency to become opportunistic and are led by what a customer wants rather than what they require,” he says.

As the changing landscape becomes more confusing it is important for resellers to be more careful about so-called leading technologies. Unixpac’s Piotrowski agrees that end users are doing their homework about security and resellers are being influenced by what an end user wants.