Over the past few months, disturbing studies have come to light indicating fear of using the Internet. The fear is directly related to all the bad press and user experiences with viruses, worms, Trojans, spyware, malware and spam that inhibit Internet communications. Operating system flaws that hackers can exploit have added the potential of identity theft to the growing list of user fears. Keeping software patches, virus definitions and e-mail filters up to date has become a time-consuming administrative nightmare.
Now we find our cell phones and PDAs have the same risks. Our service providers and hosting providers can be severely affected by denial-of-service attacks. New technologies such as Wi-Fi and video cameras have security issues upon installation.
The Internet originally was designed to accommodate computer-to-computer communications in a closed community. It has evolved into an any-to-any means of communications in an open community. That community is global in scope, totally unregulated and seemingly out of control. The Internet is at a critical point in its life cycle — adolescence. To get to its next stage of growth, the Internet must take a major leap into the realm of trusted communications.
In the computing industry, an attempt is being made to apply a set of open specifications to products that protect and strengthen the computing platform against malicious attacks. The organization responsible for this task is the Trusted Computing Group (TCG). Its members are a major cross section of the semiconductor and computer, software and communications infrastructure industries. The goals of the group cross over into the communications industry but fall far short of addressing the Internet’s trust problems.
Ignoring the problems or waiting for a group like the TCG to address the issues will not be enough. It’s time to consider forming a companion organization focused on Internet communications — a Trusted Internet Group. To be successful, the group’s membership must include global service providers, equipment/software vendors, content providers and users.
The formation of an organization like the Trusted Internet Group would not immediately solve any problems, but it would coordinate industry efforts rather than having individual vendors sequentially solve one security problem after another. It might even help to create a distributed security plane within the Internet that would act as an open, autonomic, real-time monitoring, quarantine, repair and maintenance layer.
Creating a trusted communications environment will not come for free. In the computing world, trusted products cost more than their counterparts. Cost is always an issue, but we must focus on the true total cost of use rather than initial or recurring expense. The time, labour, frustration and inconvenience involved in the maintenance and repair of problems associated with the “untrusted” Internet, coupled with the cost of lost productivity, opportunity and revenue, is significant.
The time to act is now rather than later. The industry has been winning the battles but losing the war. Recent published statistics contending that 80 per cent of all Internet computers contain spyware (according to the National Cyber Security Alliance) and 31 per cent of Internet shoppers are buying less because of security problems (according to Harris Interactive) are sure signs that the timing is right for change.
The Internet must grow from adolescence to adulthood to achieve the next stage of its ubiquitous evolution. Just as with human beings, this growth cannot occur properly without outside influence, education and oversight.
Creating a trusted Internet needs to be made the No. 1 industry priority rather than faster access and better quality of service. If we procrastinate now, Internet growth will forever remain in adolescence.
— Dzubeck is president of Communications Network Architects, an industry analysis firm in Washington, D.C. He can be reached at fdzubeck@ commnetarch.com.