Techweb: How Secure Are You?Aug 23, 2000, 21:23 (1 Talkback[s])
(Other stories by Susan Breidenbach)
"While IT managers spent huge amounts of time and resources to thwart the threat of year 2000 problems, information security breaches in the Internet economy are an even bigger threat. And unlike the millennium rollover bug, security is not a one-time,easy-to-identify issue. It's a process that must be continually refined using audits, access-rights revisions, new tools, and changes to how data is stored. That may be why so many businesses put security on the back burner until a crisis flares up. It's time to go beyond awareness and take action. Protection from security breaches requires investment in technology, services, and personnel as well as adjustments in corporate culture...."
"Some vendors ship operating systems with security screws intentionally loosened, and it's up to the installers to tighten them as needed. For example, the Common Gateway Interfaces in Web server software can supply hackers with root access to the server. Every copy of the Apache open-source Web server--nearly two-thirds of installed Web servers--comes with these vulnerabilities. "People tend to fix the holes in the services they use, but leave the rest alone," Paller says."