Security Meeting Focuses on the Basics
By SOMINI SENGUPTA
| February 29, 2012, 12:52 pm
.
SAN FRANCISCO — At the annual gathering here for computer security professionals this week, there was a lot of talk about hygiene. Not hand washing, but its digital equivalent.
Five years ago, conference attendees said, they might have been sharing tips on what to do to make their customers safe inside their trusted, protected company networks. These days, they said, there was no inside, and nothing could be trusted. That was in part, they said, because people were online all the time on a variety of devices – all of them vulnerable to attack. A company could no longer expect its employees to log in to their computers in the office. Today, employees are expected to send e-mail on their cellphones and tablets, transmit data over their home wireless network, even reveal themselves (and often, whom they work for) on social networks like Facebook. Everyone must be taught about how vulnerable they are. Every device and every platform needs to be checked. And if something is dangerous – a Web site, a mobile application, an entire machine – it ought to be contained, before it turns into a contagion.
“Basic machine hygiene” is how Scott Charney, the head of Microsoft Trustworthy Computing, described it Tuesday morning in a keynote speech at the RSA Conference. “We need to ensure basic hygiene, and we need to do it at scale.”
Mr. Charney offered the example of an Australian Internet service provider that quarantined one Internet protocol address – which effectively identifies a device and its users – because it kept spewing out malware. It turned out to be a badly infected machine, and its well-intentioned owner was struggling to figure out how to clean it up.
The exhibition hall at the Moscone Center turned out to be a staging ground for all kinds of tonics against a contagion. Several companies promoted products directed at mobile phones and tablets. One company, TrendMicro, said its new package could, for instance, see if an infected mobile device was trying to get into a company’s system. Another company, ZScaler, called itself a security check post, able to monitor every click on every device. Symantec said its new suite of anti-malware products could serve as a reverse firewall, stopping data from leaving a device if it wasn’t supposed to. One start-up, Appthority, monitored risky applications, and offered companies a way to stave them off. It could, for instance, make sure executives’ locations were not being tracked by triangulating which cellphone carrier towers they were near, or warn them that another application threatened to export their contacts.
Along with spine-chilling talks about computer vulnerabilities, there was plenty of entertainment at the RSA convention. At one end of the convention hall, women with blue wigs raffled off iPads and Kindle Fires. At another end of the hall, women in pink fairy dresses gave away stuffed unicorns. There was candy throughout the day, pigs-in-blanket at lunch and free beer at 5 o’clock.
News 
Market Data 
Discover 
