No Jitter is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities Threaten Collaboration

Late night reading sometimes beats counting sheep -- unless it has to do with Internet security. The February 2015 McAfee Labs Threats Report is one engaging read, especially if you are concerned about security impacting UC&C.

Here are some of the key highlights from the report:

IT Departments are tasked with heavier burdens of security since social media, SSL, TLS, certificates and trust are in fact vulnerable to the degree that, as McAfee states, "these vulnerabilities erode trust in the Internet."

People place their confidence in numbers such as popularity, and this has users putting themselves at risk. While people continue the same patterns of behavior of "click and think later," this translates to more risk and incidents/exposures. Workers who elect different browsers need plug-ins, and these crossovers between platforms introduce more vulnerabilities and exploits into the enterprise.

Patch and change management is evolving to near-real time protection in firewalls and client software. Removing user choice and inserting "management choice" over what's installable on mobile devices is increasingly necessary. The risk of enterprise being too overbearing, or IT becoming too restrictive, gives way to users being too liberal or high risk in what tools and apps they download and use. These challenges cannot be ignored, or presumed, as with the case of Apple OS, as not being targeted when in fact they are targeted and already exploited.

The recommendations within the report are familiar, save one: Consider using an ISP with better spam countermeasures. This argument gives way to some old ideas that didn't catch on but may resurface. The transport is capable of delivering better security and that argument of cost erupts into ISPs having too much control over content. The balancing act in security is sure to change and so are the methods to counter threats against the tools we need and use. Keeping enterprise networks private and locked down isn't going to be easy.