======================================================================== SECURITY ADVISER: P.J. CONNOLLY http://www.infoworld.com ======================================================================== Thursday, November 4, 2004
Network protection commentary by: P.J. Connolly HOME USERS STILL THE WEAKEST LINK By P.J. Connolly Posted October 29, 2004 3:00 PM Pacific Time I'm not sure how I missed out on National Cyber Security Awareness Month -- I know I have the press release around here somewhere. ADVERTISEMENT -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- The RSA(R) Conference is the most prestigious information security event of the year! This is the authoritative source for uncovering new ways to thwart cyber-criminals. RSA Conference 2005 takes place February 14 to 18, 2005 in San Francisco. Register early for special discounts. http://newsletter.infoworld.com/t?ctl=9BE6AD:2B910B2 -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- Then again, when I see the word "cyber," I usually set my brain to "ignore" -- it must be linguistic principles that cause me to react as I do to the never-ending misuse of perfectly good Greek. On top of that, I'm so over National This-or-That Month. I've always believed that designating a month for promoting a particular cause was a nice way to focus the staff of industry associations and other interest groups, while to the rest of the world it seems to trivialize a real problem. But I digress. The most meaningful thing to come out of National Cyber Security Awareness Month, which was brought to us by the National Cyber Security Alliance (NCSA), was a study of 329 home computer users that the alliance conducted with America Online. (I have to stop watching cable TV -- the small-business and home-user makeovers suddenly sound really appealing.) You could tell last week was a slow news week because the IT media were full of the survey's results: In short, home users are clueless, and their machines are hopelessly infested with viruses, netbots, and every other sort of malware. Well, duh. I have spyware problems, and I'm just about the most careful (paranoid?) person I can imagine. Unfortunately, hostile and intrusive software is an unavoidable hazard of life on the Net. The AOL-NCSA study is important because there's a gigungous perception gap among most home computer users. This is the same problem faced by corporate IT and small business alike -- the "Nobody's interested in little old me" mind-set. Maybe they're not interested in you as a person -- or your company -- but they sure want your data, and your Net connection, too. Let's face it: The home network requires the same attention to defense as the corporate network. After all, someone who wishes to zombify a few dozen PCs doesn't care where the machines are located, as long as they can be reached. If that's not enough, imagine that someone wants to 0wn you in particular. If I were targeting a business, I'd try to compromise the home networks of the senior employees. One of those people is likely to have taken a shortcut on the information security policy; even senior CIA officials have been known to connect Company-issue equipment to the Internet at home. There's no easy answer to the problem of household computer security. The draconian solutions that would make you most safe aren't going to be implemented, and as I mentioned last week, education has its limits. It's a pickle, any way you look at it. P.J. Connolly is a senior analyst at the InfoWorld Test Center. ======================================================================== Ever wonder how others keep up with web services? Your peers will tell you, although your competitors probably won't. This is how more than 63,000 people keep up with the fast-moving news about web services: the Web Services Report newsletter. Scan its quick summaries of the week's biggest news in web services, then move on or click through for the full story. It may not be the only way to keep up with web services, but it's the easiest. Subscribe at http://newsletter.infoworld.com/t?ctl=9BE6A9:2B910B2 ADVERTISE ======================================================================== For information on advertising, contact [EMAIL PROTECTED] UNSUBSCRIBE/MANAGE NEWSLETTERS ======================================================================== To subscribe, unsubscribe or change your e-mail address for any of InfoWorld's e-mail newsletters, go to: http://newsletter.infoworld.com/t?ctl=9BE6AA:2B910B2 To subscribe to InfoWorld.com, or InfoWorld Print, or both, or to renew or correct a problem with any InfoWorld subscription, go to http://newsletter.infoworld.com/t?ctl=9BE6AC:2B910B2 To view InfoWorld's privacy policy, visit: http://newsletter.infoworld.com/t?ctl=9BE6AB:2B910B2 Copyright (C) 2004 InfoWorld Media Group, 501 Second St., San Francisco, CA 94107 This message was sent to: [EMAIL PROTECTED]
