Protecting Against Dangers from Within
Most of today's enterprise security solutions are designed to counter danger from external sources. But security breaches that expose personal consumer information or sensitive corporate data can also come from within an organization. Recognizing the importance of mitigating internal threats, Utimaco Safeware has released SafeGuard LAN Crypt 3.2, an advanced security encryption tool that protects corporate networks and data. "Security starts with encrypting internal data," Walter Loiselle, vice president of Operations and Technology at Utimaco, told me in a recent briefing. LAN Crypt encrypts corporate data, then limits access to specific encrypted data according to rules that the security administrator outlines. LAN Crypt boosts internal security by differentiating the roles of the system administrator and the security administrator. The system administrator manages the system but can't decrypt files; the system administrator manages the encryption keys but can't access the stored encrypted files. The software is easy to deploy; supports the use of certificates, smartcards, and USB tokens; and can scale from individual user groups to enterprisewide rollouts. It works invisibly in the background so users don't need to change the way they work, and because all encryption/decryption takes place on the client, server performance is unaffected.

Small Businesses Need Big Security Improvements
Small businesses are embracing technology without instituting adequate security measures, according to a recent study conducted by the Small Business Technology Institute (SBTI) and sponsored by Symantec. A survey of 1024 U.S. companies with 100 or fewer employees found that 80 percent of the businesses with 51 to 100 employees connect to the Internet through DSL, a cable modem, or a T1 line. About 90 percent of the businesses with 11 to 100 employees are networked. And about 50 percent of the businesses with 51 to 100 employees use both laptops and PDAs. Yet 20 percent of small businesses don't scan email messages for viruses. And of small businesses that have deployed wireless networks, 60 percent don't encrypt wireless traffic.

Despite the fact that the majority of small-business respondents (56 percent) have experienced at least one computer security incident in the past year, only 43 percent of small businesses allocate funds for information security. And 75 percent of small businesses undertake no information security planning at all. "Small businesses represent an extremely high point of exposure for the U.S. economy based on their significant contribution to the Gross Domestic Product (GDP) and their insufficient information security readiness," said Andrea Peiro, CEO and practice director of Market Intelligence for SBTI.

For the complete "Small Business Information Security Readiness" report, go to http://www.sbtechnologyinstitute.org/mi/research.htm.

Quicker Patching with Blue Lane's PatchPoint
You might not have heard of Blue Lane Technologies before, but it's been around, operating under the radar, for several years. Blue Lane's PatchPoint product has been quietly protecting a few customers for more than 6 months. Now, say Fred Kost, marketing vice president, and Jason Young, product marketing senior manager, Blue Lane is ready to introduce PatchPoint to a wider market.

PatchPoint is an inline patch proxy system. When a vulnerability becomes known on a supported OS or application such as Windows, Microsoft SQL Server, Microsoft Exchange, Microsoft IIS, or Oracle, Blue Lane engineers create a patch similar to the one the vendor will offer and distribute it (via the PatchPoint ActiveUpdate service) to the PatchPoint Gateway running on customers' networks. That patch will protect the customers' servers until customers can thoroughly test and deploy the vendor patch on all their servers. The idea is to patch the vulnerability before hackers have time to unleash multiple exploits with multiple signatures. An introductory PatchPoint system—with one PatchPoint Gateway (protecting up to 30 servers), PatchPoint Manager, PatchPoint ActiveUpdate, and support and maintenance—costs $30,500.

Secure Your DNS Infrastructure
DNS is something that everyone knows about, but very few people know how to use it properly, nor do they understand DNS's inherent security problems. We spoke to BlueCat Networks' Michael Hyatt about his company's Adonis product line, which includes the new Adonis 250 DNS Caching Appliance. DNS caching speeds up the location of Internet addresses and relieves the load on a company's primary DNS appliance. The Adonis 250 is a dedicated DNS caching appliance that can be set-up quickly and easily to deliver DNS resolution. Like the company's Adonis 500 DHCP Appliance and Adonis 1000 DNS/DHCP Appliance, the Adonis 250 features a hardened Linux-based OS, providing one of the most secure appliance platforms available. The appliance features secure managed updates and a cross-platform GUI to simplify administration. According to Hyatt, "the Adonis line is targeted toward midsized-to-large businesses, and adds a substantial layer of security to the business environment."