Activating remote security protection
[22/03/2006]

While trends in cyber crime show that businesses are becoming more vulnerable to hacker attacks, a new generation of security products are evolving to combat them. One of most effective countermeasures is remote security management, a technology that enables a company to pinpoint network security loopholes.

Today’s ‘Black Hat’ hackers are intent on milking digital assets for profit and are finding a myriad of ways to invade your PC. Telspace Managed Security Services MD Dino Covotsos points out that professional criminals are exploiting security loopholes that lie beyond the protective range of firewalls and anti-virus checkers.

“According to the Federal Bureau of Investigation in the US, cyber crime cost companies and individuals about $400bn in 2004,” he says. “At the same time a recent PriceWaterhouseCoopers report says that identity theft and corporate espionage are on the rise.”

Countering these endemic problems requires creative solutions, a need that Telspace has recognised and addressed. Putting local expertise to work, the company developed its own remote security management system called Telspace Audit. The system identifies critical problems on a network that need to be addressed urgently.

Telspace Audit is based on assessing the vulnerability of a network based on a ‘hacker’s eye view’. As Covotsos explains, “It basically emulates a team of hackers using unique methodologies and techniques to find the security threats, exposed private information and attack vulnerabilities in any network.”

It’s an automated system that analyses an Internet-connected system from a remote location, enabling administrators and top decision makers to get a detailed overview of their network security status. The report shows how the network could be attacked, what confidential information is exposed, the potential business impact of a hacker incident and how to fix any security problems.

The new Telspace Audit system is a competitively priced, cost-effective solution. It is a thorough, wide-ranging security check that currently tests for over ten thousand different security vulnerabilities and shows different levels of seriousness in the identified security threats.

The report provides both a business perspective for non-technical readers and detailed technical information for IT staff. Graphs and information summaries give a quick-reference ease of use to survey vital security issues.

Security threats are assessed by risk factor and by family. Telspace has identified 11 different families of threat classifications. There’s good reason to be alarmed if a large diversity of families crops up in an analysis because systems like this make an easy target for attackers.

Your system is also vulnerable through open network ports where attackers can creep in. “It’s a good idea to make sure specific ports are firewalled – the more open ports, the more potential entry points to a network/server,” warns Covotsos.

“The Telspace Audit system cross-references security threats by port number and risk factor in order to reveal which port represents the greatest overall risk to the target system.”

A unique feature of the Telspace analysis is its Comparative Security Ranking. Here Telspace assigns a score to the security analysis report based on the quantity and severity of the security threats discovered. The formula rates the quality of network security against all other systems that Telspace has analysed, providing a benchmark against which a company can measure its security level.

Covotsos stresses that it’s important to provide a clear window on security issues for both non-technical and technical staff. To this end Telspace Audit includes a security resolution checklist, a high-level summary that helps managers to organise the work-flow process when addressing network security threats.

Another plus is a review of general security practices to consider. These checklist items enable companies to manage the awareness, protection, and reaction of the network to possible security attacks.

Comments Covotsos, “The old saying that ‘a chain is only as strong as its weakest link’ is true for the network and information security – all it takes is one vulnerability on one link in the network chain to spell disaster for the entire network.

“Telspace can analyse the security of every Internet-connected device on the network, including servers, desktops, routers, firewalls, fileservers and laptops.

“If your network allows remote connections (for example, workers who telecommute and connect from their home office), the security of those remote devices must also be assessed.

“Think of it this way: it is just as effective to break into your home using the bedroom window as it is using the front door. Every possible entry point needs to be secured. Just as you should frequently update your anti-virus software, it is also good practice to analyse your network’s security regularly.”

The Telspace MD notes that new security threats and vulnerabilities are discovered daily and that the Telspace database of security threats generally grows by 10-25 new vulnerabilities every week. Telspace has even recorded more than 80 new security threats cropping up in a single month.

As Covotsos concludes, “Being educated about what a hacker may be looking for on your system can help you understand why keeping your network secure is so critical. As an aid to understanding security, Telspace Audit includes an Education Report that gives a comprehensive explanation of network and information security."

Dino Covotsos
Telspace website: http://www.telspace.co.za
Email: dino@telspace.co.za
Telephone: 011 235 4015/6
Cell: 082 352 9296