Friday, December 22, 2006

The 2007 security focus in my world



After reading the various links on the web of 2007 predictions for both IT and Security, I asked myself "What are we going to do in 2007?"



1) It is clear that spam will continue to be a big problem. The new email-borne threats will arrive via images and video clips. It makes sense, then, to strip those images and MPEG files at the email gateway. Users won't like it, but think of it this way: we are saving our users from network death by infection. They don't appreciate losing network services and access to resources, and we don't appreciate the cleanup efforts. Equal? We will also be regularly scanning our file servers for files of that type and just blitzing them, no questions asked. Downloading these types of files is forbidden by policy.
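A sketch of the gateway-side stripping described above, added here as an illustration and not taken from the original post. It uses Python's standard `email` package; the blocked type list, the `X-Stripped-Attachments` header name and the sample message are assumptions made for the example.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumption: the policy blocks every image/* and video/* part (covers MPEG clips).
BLOCKED_MAIN_TYPES = {"image", "video"}

def strip_media(raw: bytes):
    """Return (cleaned message, list of removed part names)."""
    msg = message_from_bytes(raw, policy=policy.default)
    removed = []

    def prune(part):
        # Multipart containers hold a list of child parts; leaves have nothing to prune.
        if not part.is_multipart():
            return
        kept = []
        for child in part.get_payload():
            if child.get_content_maintype() in BLOCKED_MAIN_TYPES:
                removed.append(child.get_filename() or child.get_content_type())
            else:
                prune(child)
                kept.append(child)
        part.set_payload(kept)

    if msg.get_content_maintype() in BLOCKED_MAIN_TYPES:
        # The whole message body is a single media part: replace it with a notice.
        removed.append(msg.get_filename() or msg.get_content_type())
        msg.set_content("[media removed by gateway policy]")
    else:
        prune(msg)
    if removed:
        # Hypothetical header name so users and the helpdesk can see what was dropped.
        msg["X-Stripped-Attachments"] = ", ".join(removed)
    return msg, removed

def build_sample() -> bytes:
    """Constructed test message: text body, GIF, MPEG clip and a PDF."""
    msg = EmailMessage()
    msg["From"], msg["To"] = "sender@example.com", "user@example.com"
    msg["Subject"] = "quarterly numbers"
    msg.set_content("See attached.")
    msg.add_attachment(b"GIF89a", maintype="image", subtype="gif", filename="chart.gif")
    msg.add_attachment(b"\x00\x00\x01\xba", maintype="video", subtype="mpeg", filename="clip.mpg")
    msg.add_attachment(b"%PDF-1.4", maintype="application", subtype="pdf", filename="report.pdf")
    return msg.as_bytes()

if __name__ == "__main__":
    cleaned, removed = strip_media(build_sample())
    print("removed:", removed, "kept:", [p.get_content_type() for p in cleaned.walk()])
```

The filter trusts the declared Content-Type, so a media file sent under another type passes through; the file-server sweep mentioned above is what catches those.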



Our systems should be configured to check continually for updates, which is the sole solution. I have not had a virus infection in the previous 1 year.



2) We may migrate to Firefox as the web browser of choice. I still believe (see, there's the passion) that Firefox is going to protect my web surfing experience sooner and more reliably than IE. And no, we have not migrated to IE7 because we don't trust it yet. Microsoft still has a consumer confidence problem when it comes to security.



3) And we can put the migration to Vista into the same distrust bucket. If I had my way we would go open source all the way around. However, we are upgrading our hardware (who would've thought you would need 2GB of RAM on a desktop computer?). As much as I love and am passionate about open source on the desktop, it's just not quite ready for enterprise prime time. Not because the product is not great, but because of the end (L)user learning curve we would face.



4) Our biggest focus should be encryption in 2007. We aren't going mobile or doing VoIP. We are just concentrating on the basics and doing those things well. We shall be encrypting network traffic, hard disks, file systems, etc.



5) And at the base is security awareness training, because we have found that no matter how hard we work, our end users will find a way to unknowingly circumvent security technology. We need the end users in our camp and on our side, helping us fight the war against hackers and spammers.



I'd like to hear what your organization is doing to improve security in 2007.
