Since 2000 (the year Arkoon was founded), information and communications technologies have evolved dramatically. With the explosion of domestic broadband internet connectivity and mobile computing devices, the barriers between business and domestic usage patterns are breaking down.
Information security has been faced directly with three key challenges:
1- HACKING IS NOT A GAME
Not so long ago hacking was looked on as something of a game, or as a challenge for the geekier IT students. Hacking has evolved to become an underground industry with a profit motive and the capacity to deploy significant resources to achieve its ends. The result has been an explosion in the volume and variety of threats in the last few years.
Spam (probably the most visible menace) is used by criminal organizations, filling mailboxes with (more or less) credibly constructed emails, to drive users to websites which generate revenue for the organization behind them – websites offering “miracle” pharmaceuticals, illegal products, or “spoofing” bank websites to acquire personal details for fraud (“phishing”).
Hundreds of millions of dollars are generated every year by this illegal underground economy; proof that the threat to information systems has moved into a new dimension. The challenge for enterprise information security is immense.
2- MOBILITY IS THE NORM
Perimeter security – filtering traffic at a limited number of known entry points to the corporate network – is no longer adequate. Mobility is changing the game. People on the move now take their information resources with them – laptops, PDAs, smartphones – beyond the protection of the corporate firewall; corporate information is on the move, and needs protection.
3- VOICE APPLICATIONS ARE UNDER THREAT
The convergence of voice and data networks is now well under way for most enterprises, as corporate IT managers seek to rationalize network infrastructure and reduce costs.
But even in enterprises not yet deploying VoIP solutions, users, familiar with voice software such as Skype from home use, are unofficially installing the same tools on their business PC, effectively punching holes in corporate perimeter security as these tools open covert tunnels and build “grey” networks extending outside the corporate firewall using proprietary protocols and encryption encapsulated in standard web protocols.
The result is that VoIP, while superficially resembling any other IP-based application and incorporating many of the same vulnerabilities (protocols, clients, servers) also has certain specific characteristics which need to be taken into consideration. To begin with, VoIP, as a real-time application, is especially sensitive to denial of service attacks. The slightest reduction in quality of service quickly impacts the perceived quality of communication and voice service can rapidly become unavailable – and how long can an enterprise survive without the telephone system?
YESTERDAY’S SOLUTIONS ARE INADEQUATE FOR TODAY’S PROBLEMS
As the information security environment evolves, security models based on the system and network architectures of five or ten years ago need to be completely redesigned. Perimeter security is still essential, but is no longer sufficient on its own to guarantee an adequate level of security for corporate information.
A SECURITY REVOLUTION IS NEEDED
Faced with the challenges described above, Arkoon, as a leading specialist in information security, has thought through a new approach which positions information at the core of the security question. New models for information security are built around delivering end-to-end protection for business information, from the datacenter to end point devices.
Arkoon develops products and services for the deployment of global solutions to the information security problems faced by all enterprises – protecting information, communications, and infrastructure.
