Plugging security holes

The technology environment at agencies is always changing, with new threats emerging and new services being developed that must then be secured against internal and external misuse. Fortunately, the security industry is almost lifelike in its ability to adapt to changing requirements.

That's one way to see it. But to systems administrators on the front lines, it's often a matter of plugging holes. Just when it seems that all the pieces are in place, new cracks develop that must be filled.

In this special report, we look at four emerging tools — identity management, multifunction security appliances, XML security and wireless security — that represent efforts to plug the holes in network and information security. Taken together, the technologies give organizations a multilayered defense to protect critical assets and data.

As organizations extend the boundaries of their networks to customers and business partners, administrators need to know who has access to networks and what applications and systems they are authorized to use. Identity management software can fill this crucial need.

Hardware-based security appliances that perform several tasks, from firewall protection to traffic management, are gaining acceptance for their ability to help lower the cost of security efforts and make them more manageable. At the same time, federal agencies are showing an interest in application security gateways, devices designed to block intrusions and malicious attacks that traditional firewalls might not be able to stop.

Web services based on Extensible Markup Language offer greater opportunities for agencies to share information across disparate applications and systems via the Internet, but they can open up backdoors for intruders to exploit. Therefore, XML firewalls and similar technologies will gain importance this year and next year.

Which brings us to the wireless revolution, whose momentum can't be stopped. Wireless local-area networks have been hailed for their ability to give roaming users access to organizations' networks but criticized for their lack of security. As more heavy hitters such as Microsoft Corp. enter the wireless LAN arena, you can expect to see more big-name security companies offering better authentication and monitoring devices to shore up wireless defenses.

The story, of course, won't end here. These developments, impressive as they seem now, are just the latest solutions and not the final word in security. They are stopgap measures that will be overtaken as information technology continues to evolve.