NEXT WEB WAVE: CONTENT SECURITY AS A SERVICE Yanki Margalit,
Chairman and CEO
Aladdin Knowledge Systems, Ltd. (Nasdaq: ALDN)
The Web Reality
Today's high-tech, instant access world means that nearly everyone has become an 'expert' web user. Whether home or small to medium businesses, people are freely surfing the Internet, sending and receiving emails, and conducting electronic online transactions. Consequently, they are overflowed with threats – some of which they are aware of, and some of which they are not – which they find difficult, if not impossible, to handle:
è
Spyware and adware that spy on their activities and files, slow their and compromise their privacy
è
Trojan horses and worms hidden within web pages
è Other
types of malicious code exploiting new security holes which are discovered
all the time
The Not-So-Expert Expert Web User and the Desktop
Solution
To survive on the web means that Internet home users and many small business
operators are forced to become security 'experts.' Plagued with malicious
code of all sorts, a desktop or email antivirus is not enough. They are
told they also need anti-spyware, anti-spam, and a personal firewall.
On top of all that, they must ensure the operating system and all applications
are always up-to-date with the latest security patches. For the many home
and small business networks, the problem is multiplied by the number of
PCs in the household or office. So users mix-and-match expensive software
package desktop solutions from here and there, trying, unsuccessfully,
to cover all the bases. And while users may take matters into their own
hands -- implementing desktop solutions and security patches in an attempt
to address these threats -- most are not interested in (and not capable
of) becoming security experts.
Why ISP Anti-virus Solutions Just Don't Cut It
Users expect their Internet Service Providers to give them more security
services and deliver a "clean Internet pipe," but in most cases,
the security services offered by ISPs are limited. The truth of the matter
is, that as with the desktop solution scenario, current ISP anti-virus
solutions are not enough to protect against the security threats faced
by today's web users. The reason is that ISP anti-virus solutions handle
email content alone, completely disregarding the fact that most of today’s
threats come from the web. As noted by CNET on news.com, "The end
is coming for viruses sent by e-mail, security experts…predicted…saying
the problem has had its day." (April, 2005)
Or as Gartner wrote in February, 2005, "Traditional signature-based
antivirus products can no longer protect companies from malicious code
attacks. Vendors must execute product and business strategies to meet
the new market requirements for broader malicious code protection."
The Newest Threat: Spyware
Spyware is the latest in the continual barrage of threats faced by home
and business web users. In fact, the possibility of "spyware and
unwanted programs being secretly loaded onto computers" have become
a threat of such high profile that, according to PEW Internet, "nine
out of ten Internet users have adjusted their online behavior out of fear
of falling victim to software intrusions."
And the users, PEW Internet says, are right. "Unfortunately, many
internet users’ fears are grounded in experience – 43% of internet users,
or about 59 million American adults, say they have had spyware or adware
on their home computer. “ (July, 2005).
The likelihood of spyware unobtrusively entering a home or small business
network becomes even more of a possibility when considering that most
users do not scan the HTML web pages they visit. This is due to the fact
that the conventional web page scanning feature usually offered in vendor
anti-virus solutions actually slows browser performance. Thus, it is a
feature that most users don’t activate – opening up networks to dangerous
automatic spyware downloads from the web.
Phishing – The Double Whammy
Add to the threats of malicious code and spyware that of phishing and
you've got quite a mix going. As mentioned in an earlier article, phishing
is the sending of e-mails and links to web sites which are designed to
look like those of well-known, legitimate businesses, financial institutions,
and government agencies. They are sent with the intent of deceiving web
users into disclosing personal data such as bank and financial account
information, usernames and passwords. When successful in accessing this
information, the phishers then take it and use it for criminal purposes,
such as identity theft and fraud.
These authentic-looking phishing emails are frequently sent via mass-mailing spam programs directing users to the illegitimate 'copy' websites, further emphasize the importance of a comprehensive content security solution which users can rely on. One which not only stops threats before they reach the network or inbox, but also protects users as they surf the web.
This means security against:
• Vulnerabilities (security holes)
• Spyware
• Web page (HTML) exploits
• Phishing sites
• Hacked sites
Users are Demanding More
Proactive gateway protection is what users are looking for, and they will
go where they can get it. As Forrester reported in July, 2005, "Consumers
will demand a safe Internet service, and if an ISP doesn't measure up
on security, members will flee to a rival provider. Customers will absolutely
demand a clean pipe." Secure surfing, in turn, translates into better
performance – something both the user and the ISP/Telco can appreciate.
Likewise, the ISP or Telco which offers a proactive gateway solution not
only obtains an edge by differentiating themselves from the competition,
they increase their revenues and end up with satisfied home and small
business customers who appreciate the "large business" security
at a small monthly fee.
In 1997, the content security experts at Aladdin Knowledge Systems were
the first to identify the serious threat posed by web malware (which today
the world calls spyware) and began developing solutions to help organizations
defend against this threat. We have found that keeping ahead of the growing
waves of malware requires both a deep understanding of web-based content
security principles, and an unwavering commitment to aggressive product
innovation.
>>Aladdin Archive
Yanki Margalit is the founder, chairman and chief executive officer
of Aladdin Knowledge Systems, Ltd. In 1984, he designed and developed
several products in the areas of artificial intelligence and software
security, founding Aladdin to market them.
Mr. Margalit then introduced HASP, a system offering software protection
without inconveniencing legitimate users. In 1993, Mr. Margalit took Aladdin
public on the NASDAQ stock exchange, and in 1996 he brought about the
merger of Aladdin with FAST Software Security in Germany. Aladdin acquired
eSafe Technologies in 1998 and Preview Systems in 2001.
Today, Aladdin is a global leader in the software Digital Rights Management
and Internet security market, living up to its mission of "Securing
the Global Village." Visit the Aladdin website at www.Aladdin.com
to learn about Aladdin products and how you can use them to protect yourself
and your organization.
|