Analysis: Companies race to lock down IT security

Ripples from the aftermath of the World Trade Center bombings and the mercurial spread of the Nimda worm and Code Red viruses are prompting a host of security questions from shell-shocked companies.

Customers are dialing up their security vendors in droves, in some cases to re-evaluate current policies and protection measures, in other instances to give the green light to security projects months earlier than originally planned.

The looming prospect of a drawn-out assault in the Middle East during an already ailing economic climate has sent businesses scurrying to lock down their core assets against any number of computer threats that may arise overseas and within the United States in the days to come.

“We really don’t know what the next strike will be or what direction this whole war will take, but if you sit there on your hands it’s going to be too late when [an incident] happens,” said Mark Yankowskas, IT director for Atlanta-based Rockwood Specialties Inc. “Proactive [measures are] the way it’s going to be.”

Rockwood Specialties, a group of 22 specialty chemical companies with sites in the United States, Germany, England, and Singapore, is a customer of managed security services provider (MSSP) Activis Ltd. The MSSP provides Rockwood Specialties with monitoring and managed firewall services and content-scanning e-mail and anti-virus offerings.

Yankowskas said his company’s global presence only adds to the security strain of daily escalating military conditions, in terms of retaliation and possible terrorism.

“Anything that hits [our Singapore facility] early in the day will affect our entire network with a 12-hour delay. We’re very concerned with that due to different time zones,” he added.

According to security vendors, intrusion detection, vulnerability assessments, and penetration tests are among the security capabilities users have requested most following the Sep. 11 attack.

Kevin Dowd, general manager of Activis, based in East Hartford, Conn., said recently that a customer requested a second round of intrusion detection service even though that was not part of its original deal.

“There’s a lot of nervousness and people aren’t sure what to do, and it’s coming at the same time we’ve seen some fantastic viruses. People are paranoid, and [the terrorist attacks] just made it worse,” Dowd said. “We’ve seen sales cycles that were long coming seem to accelerate over the last week or so.”

Activis, which also runs its managed security services out of Munich, Germany, and England, uses Exodus data centres to host its offerings.

However, security vendors are urging users not to overreact and scramble to rashly implement new security solutions. Rather, they advise close examination of common and simple procedures already in place for holes that may exist.

“This is reinforcing what the companies need to do and haven’t done,” said Rob Clyde, CTO of Cupertino, Calif.-based Symantec Corp. “The biggest danger is that [we feel that] we’ll need this big earth-shattering protection, when in reality if we did the old tried and true protection, we’d be okay.

“If you have the other two ingredients to hack – time and motive – you too can hack. The danger is that terrorists have both of those. However, they do need access to the Internet and computer resources. From some parts of the world that’s not necessarily an easy task,” Clyde added.

Data Return customer Chuck Hall, product manager for BNA software, a Washington-based division of Tax Management (a subsidiary of the Bureau of National Affairs), said the company’s core asset, its source code, is safeguarded at an undisclosed location off-site.

“[Because of] things that you didn’t think would ever happen, it made you reexamine and argue, ‘Have you taken all necessary safeguards?’” Hall said. “As we go forward, our concern, like everyone else, is that we’re safe from any viruses and cyber attacks. We feel we have the best possible protection in that area, and I think other customers see value in that too.”

Meanwhile, Allen Vance, Internet Security Systems’ director of managed security services in Atlanta, offered a warning against any further complacency.

“[Hackers] are getting more and more clever. Showing a sense of Internet architecture and engineering is really very scary when you start combining that with destructive payloads and taking advantage of Outlook.”