Tuesday, November 08, 2005
Information Security Awareness on the Rise
Two interesting articles that were published earlier this week indicate that information and network security awareness is rising in markets that previously paid little attention to securing their data and networks.
The first article is about a law proposal in New York County, New York that would require businesses that collect customer information to apply basic security measures, such as firewalls, when offering wireless access to consumers. This means that open wireless networks would still be open to the public, but they would be separated from the corporate network, where sensitive information is stored, in order to protect the corporate LAN from potentially hazardous activity in the public WLAN.
This law is not meant to protect open wireless network users from each other or from Internet hazards, but to enforce customer data security on the corporate side.
You can read more about this law on eWeek
The second article is about the increasing pressure placed on retailers regarding customer information security. The most curious part of this particular article is a quote from an anonymous IT security director who states that the problem is executive sponsorship for the investments needed to bolster security.
You can find the article on Computer World - Security Topics
According to these two articles, the security awareness is there, especially when it comes to IT personnel. However, the executive level still lacks assurance in the need to invest in information and network security, without a visible ROI.
Perhaps it is a matter of time before rules and regulations force businesses, large and small, to keep their customer data secure, or it could be that storage and networking standards will eventually force an organic migration to more secure solutions.
The first article is about a law proposal in New York County, New York that would require businesses that collect customer information to apply basic security measures, such as firewalls, when offering wireless access to consumers. This means that open wireless networks would still be open to the public, but they would be separated from the corporate network, where sensitive information is stored, in order to protect the corporate LAN from potentially hazardous activity in the public WLAN.
This law is not meant to protect open wireless network users from each other or from Internet hazards, but to enforce customer data security on the corporate side.
You can read more about this law on eWeek
The second article is about the increasing pressure placed on retailers regarding customer information security. The most curious part of this particular article is a quote from an anonymous IT security director who states that the problem is executive sponsorship for the investments needed to bolster security.
You can find the article on Computer World - Security Topics
According to these two articles, the security awareness is there, especially when it comes to IT personnel. However, the executive level still lacks assurance in the need to invest in information and network security, without a visible ROI.
Perhaps it is a matter of time before rules and regulations force businesses, large and small, to keep their customer data secure, or it could be that storage and networking standards will eventually force an organic migration to more secure solutions.
