Bugwatch: Taking security home

/v3-uk/news/2003164/bugwatch-taking-security-home

24 Mar 2004, Simon Perry , V3

Each week vnunet.com asks a different expert to give their views on recent virus and security issues, with advice, warnings and information on the latest threats.

This week Simon Perry, vice president of security strategy EMEA at Computer Associates, stresses the importance of providing security for computer users at home as well as in the office.

As an IT manager, where does your responsibility end?

When staff are in the office you are reasonably expected to monitor, manage and support their technology.

But with 48 per cent of the population now online at home, the need for home-user support beyond premium-rate troubleshooting helplines is becoming apparent.

You probably feel, however, that nobody is going to budget for time spent looking after employees when they're recreationally online at home doing everything you rightly do not allow them to do at work.

It's their personal data and systems that are at risk of disruption, after all.

But with the increasingly complex social engineering tactics used by the latest viruses, your lack of action could come back to haunt you.

Quite simply, if you don't care about these home users, an army of 11.9 million computers - that's all the households in the UK that are online - could be turned against your business.

Think of each inadequately protected home PC as a single pistol. By itself, each is capable of some damage, but their impact becomes devastating when all are aimed at one target in a sustained barrage. It is no wonder we term this attack a distributed denial of service (DDoS).

This brings us back to the issue for the IT manager: it doesn't matter where an attack comes from, the impact on the business can still be devastating.

Recent research from the Office of National Statistics found that 34 per cent of home internet users have suffered from a computer virus.

If just 10 per cent of those infected machines then launched a DDoS attack at a single business, that's more 400,000 guns firing.

I believe we all share a collective responsibility for making the internet a safer community - for the benefit of all of us.

But there's also a clear case for an IT security education programme that extends beyond the boundaries of the four corporate walls, and for companies to take active steps to provide security software for their own employee at a minimum cost.

If policies are implemented in the workplace that emphasise the importance of understanding why security protection is so vital, perhaps something similar can be carried into the home.

The only actions you have to take are to educate and negotiate.

Print this page

Save to disk

© Incisive Media Investments Limited 2010, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093