Unisys Announces Five Security Predictions For 2008

Jan 15, 2008 3:48 PM

In the rapidly evolving world of corporate and government security, forecasting future risks and trends is essential to planning, preventing and managing risks that could compromise the integrity of an organization's assets. To fulfill this need, Unisys Corp., Philadelphia, has released its five security predictions for 2008.

"Many organizations have a tendency to view security in the rear-view mirror -- scrambling to find a solution to a security problem after it's happened," says Tim Kelleher, vice president, Enterprise Security, Unisys.

"To combat new threats and to cater to the evolving demands of their end-users, IT professionals must convince their organizations to treat security as a core business function - one that anticipates user-demand, predicts future risks and develops workable solutions to potential security events."

Unisys' 2008 predictions are:

1. Protecting data on mobile endpoint devices will demand more attention and become increasingly difficult.

With the exploding use of mobile consumer devices (such as cell phones and personal digital assistants), organizations are scrambling to address security issues via passwords and other protective measures at log-in. By doing so, however, many enterprises miss the real threat. They neglect to look beyond the physical device and often fail to protect the data stored in the device, which is not only valuable to owners, but is also a growing target for criminals to commit identity fraud and theft.

2. Banks will face significant challenges in protecting consumer data and financial assets as more clients turn to mobile devices to conduct transactions.

Mobile banking is gaining traction and will continue to emerge as a significant banking channel, with more than 35 percent of online banking households using mobile devices for financial transactions by 2010, according to a recent report. As this trend continues, security risks will increase.

This is particularly the case for mobile phones embedded with radio frequency identification and "near-field" chips, the latter of which enable transactions similar to gas station speed passes. Because of the design of near-field technology and the way in consumers use it, such devices could be open to attacks such as phishing.

3. Organizations will seek continued convergence of physical and electronic (i.e., IT) security measures for enhanced protection against espionage.

The convergence of physical and electronic security will continue to drive new economic efficiencies into organizations while improving the safety and security of people, IT systems and mission-critical physical assets.

Ensuring the identity, authenticity and integrity of organizational assets, both physical and electronic, will require robust data fusion capabilities that integrate diverse sensory and remote-monitoring technologies such as instant authentication, motion sensors, intelligent video applications, GPS, wireless environmental sensors and RFID.

4. Public- and private-sector entities will pay more attention to paper and electronic records.

The global economy is dependent on the efficient distribution of electronic and paper records within and between organizations. And expectations are that by the end of 2008, the Federal Reserve will process 20.5 million electronic items per day compared with 13.5 million paper checks.

Kelleher predicts that in 2008, companies will be more diligent about setting more stringent controls over documents and data that are sent electronically or via U.S. mail.  This is likely to result in greater focus on encrypting information on shared portable drives and discs and increased investment in enterprise rights management solutions.

5. Popular social networking sites will become increasingly vulnerable to privacy breaches.

The broadening use and reach of Web2.0 technologies will increase the chances of a major privacy breach via social network sites such as MySpace, LinkedIn or Facebook. Peer-to-Peer (P2P) networks create an array of security risks and vulnerabilities for end-users. Unauthorized file shares, unintended duplication of personal e-mail and address books, data leakage, password and IM interception and installation of malware programs via P2P clients are just some of the risks that end-users can experience.

"As these sites connect to one another, many will cross-reference a member's credentials.  If a hacker can compromise one account, he could end up compromising many. And, because these sites are social in nature, the environment is conducive to divulging information -- oftentimes, too much," Kelleher says.

Kelleher notes that while 2008 will bring opportunities to leverage the tremendous communication and collaboration capabilities of the Internet and Web-enabled applications, "the challenge, as always, will be balancing freedom of information exchange with protecting information and people's identity and privacy."

Want to use this article? Click here for options!
© 2008 Penton Media Inc.

This month in Access Control

• Targeting The Customer
• Electronic Pedigrees
• One Hero Among Many
• Who? What? When? Where? Why?
• More from September's issue