01:53 PM
The Staff of Dark Reading

Top 10 Most Overlooked Aspects of IT Security

Before you hunker down, all comfy and cozy, in front of a crackling holiday fire, hold the fruitcake and eggnog: Feel like you're forgetting something?

Security is big business these days, and hardware vendors know it. As a result, many hardware vendors have begun to build security features directly into their devices, giving them out-of-the-box capabilities that are often unexplored or overlooked.

One of the best examples of this phenomenon is the Trusted Computing Group's Trusted Platform Module (TPM) 1.2, a set of specifications that enables vendors to add a "security chip" microprocessor to any PC. TPM 1.1 chips made by vendors such as Atmel, Broadcom, and Infineon have become standard issue on most PC hardware, but PCs that use TPM 1.2 only began shipping in the first half of this year.

Companies that have begun using TPM packages, such as Wave Systems' Embassy Trust Suite 5.1, are giving it a thumbs up. "Using TPM and Embassy Trust Suite has made a huge difference in the way we administer security," says Chris Cahalin, network manager at Papa Gino's, which operates some 400 restaurants throughout New England. "It's not only made our client machines and files more secure, but it's given us a lot more control in IT."

ETS 5.1 is a set of security tools and applications that leverage TPM chips to encrypt files, folders, and passwords on a laptop or PC, leaving the key only in the hands of the end user and the IT department. The keys can be given out in the form of smart cards, or the user can be authenticated via biometrics or digital certificate.

The net result is that users of TPM 1.2 and ETS 1.1 can lock their hard drives, folders, and files via an encryption key that can only be decrypted by the authorized user. A thief can't read any of the files on a stolen TPM laptop, and even users inside the company can be locked out of sensitive files on any end station.

Although most new PCs have TPM, many enterprises have yet to turn on their functionality, concedes Steven Sprague, president and CEO of Wave Systems. "I would encourage every enterprise to take a few of their new PCs into the lab, turn on this technology, and see what it can do," he says. "It'll change the way they look at end-user security."

Most experts see TPM as a boon for enterprises because it is a standard that works uniformly across vendors and PC models. But they are more wary of proprietary built-in security capabilities that are now being added to consumer-oriented machines.

Over the last few weeks, PC hardware vendors have been rolling out security technology at a rapid rate. On Nov. 1, Hitachi Global Storage Technologies announced that it will offer optional hardware encryption on all of its new 2.5-inch disk drives, which are expected to ship at a rate of a million units per quarter in early 2007. That announcement came on the heels of new drives from Seagate Technology, which will not only offer hard drive encryption but also multi-factor authentication options that would make it impossible for unauthorized users to access any data on the hard drive. (See Built-in Headaches.)

Experts say these built-in technologies -- as well as built-in biometrics from PC vendors such as Lenovo -- are good for consumers, but they may conflict with encryption and authentication policies and technologies that enterprises already have in place.

"Built-in security items will cause IT department headaches," says Richard Stiennon, founder of IT-Harvest, an IT consulting firm. "The enterprise would have to standardize on the new Seagate drives or be looking for hard drive encryption help for particular projects." As a result, many IT organizations will probably forbid the use of the new security technologies, Stiennon says.
