NPR has been talking a lot about viruses lately. Why? Because it has now been 20 years since the first major virus, Brain, showed up on the scene and marked the beginning of a long history of malicious viruses. Sure, Rich Skrenta wrote Elk Cloner to share pirated computer games with friends as early as 1982, but his program wasn’t malicious enough to make a big splash.
Still, the heyday of computer viruses was five or six years ago. Computer prodigies are focusing on other, equally harmful ventures these days. Weekend Edition’s Scott Simon interviewed senior editor of Wired magazine Nicholas Thompson, who had some interesting things to say. He theorizes there are so many ways to spend time on the Internet these days, from using Bit Torrent to downloading movies to blogging, that the people who were once attracted to writing viruses are now otherwise occupied.
So what do we have to watch out for? According to Thompson, cell phone viruses are gaining momentum now that we’re doing so much more than talking on our mobile phones. He also explained that the types of people who wrote viruses back then are now working to write programs that give spam companies access to computers instead. Mike Rothman has some valuable insight on spamming on his Security Insight blog, and SearchSecurityChannel.com expert Russ Vines has just come out with a resource list for the Wall Street Journal – keep it in mind if you’re tasked with protecting customers from security threats.
What do you think the next big threat will be? Post a comment and let us know.
It was inevitable. After all the hype. After all the talking heads had spoken, Microsoft’s new OS, Vista, will finally hit the shelves tonight at midnight.
Bill Gates was so excited that he couldn’t contain himself.
It still remains to be seen how large an affect this will have on the Channel, but the smart money says it will — eventually. While it does make a lot of sense for VARs and systems integrators to stay on the cutting edge of available technology, deploying Vista with a company you support on Tuesday morning might just result in toilet paper all over your face.
The Reseller News is already talking about the problems they’ve had with the installation. From backing up all your files to getting anything to display on the monitor, there are likely to be some bumps along the way.
Just imagine what would happen to all of you, my friends, if you installed Vista at a company Tuesday night and none of the monitors worked properly on Wednesday morning. Put on a pot of coffee, it’s going to be a long day of support.
But it is just a matter of time until the early adopters have blazed the trail deep enough that more companies are going to want to start taking part. Patch Tuesday will become part of the vernacular again (if it ever went away) andVARs and systems integrators will need to be ready to take advantage of the business opportunities it presents. Bundling the software with new hardware can lead to support roles which could be renewed on a regular basis.
And if you’re thinking of playing with Vista at home to get a feel for it, take a look at The Cult of Mac. While Vista is assuredly designed for your personal computer, running it on your personal Mac might be more satisfying.
No business is safe from email security issues. As a consultant or VAR, you have to deal with customers’ spam, phishing and denial-of-service attacks, and you’ve probably tried to solve these problems with encryption, digital certificates and rerouting traffic, among other tactics. But despite your best efforts, the employees themselves are often to blame for security threats.
In a recent New York Times article, prominent security professionals discussed the growing trend where employees forward company email to personal Web accounts — like Google and Yahoo — for easy access. No matter how strong your customer’s office email security may be (see our Email Security Project Guide), once the information leaves the office, there’s almost no way to control it. So what’s the answer?
Some companies block access to external email accounts through Internet policies, and others monitor all outbound mail to Web accounts searching for perpetrators who forward private company information to insecure sites, but employees complain about the lack of trust these solutions suggest. In Email threats: Educating your SMB Customer, Larry Loeb says: “Email is not just text transmissions any more. It is the flow of information that supports and makes a business possible. A VAR or consultant has to appreciate this reality, and make sure their customers do, too.”
Take those words to heart in today’s scary email security environment. If you can help your customers understand that many real threats come from employees clicking on bogus links and forwarding sensitive information to their personal accounts, you’ll become an invaluable resource. You might also consider solutions that allow employees to access company email just as quickly and easily as personal email, but with office security policies in place. That way they won’t even be tempted to hit the forward button.
Do you have an email security breach horror story? Post it here or pose a question to Russell Dean Vines, our information security threat expert.
SearchSecurityChannel’s sister site SearchSMB compiled their top 10 tips for 2006 — seven of which are security related. It seems SMBs can’t get enough security, and the topics run the gamut. Here they are, in no particular order:
- Email encryption
- VoIP security
- Mobile device security
- Linux security
- Security buying
- Endpoint security
- Disaster recovery
Do these topics match your SMB customers’ concerns? As we plan our editorial calendar for 2007, we’d like to hear what SMB security issues you’re repeatedly addressing. Drop me a line at firstname.lastname@example.org, and in the meantime, visit SearchSMB to read those top 10 tips.
It’s clear that Microsoft’s strategy on dealing with open source has a split-personality problem. Without dropping a beat after the company’s announced Linux partnership with Novell, Microsoft CEO Steve Ballmer reasserted Microsoft’s legal challenges to Linux, and claimed that Novell’s agreement conceded that Microsoft’s intellectual property is infringed by parts of the open-source operating system.
Steve Ballmer and Co. have long been hostile to the Linux community, while at the same time trying to capture more developers to the Windows camp by using a variety of community licenses and pushing some components of the Windows and .NET development architecture as “open” standards through ECMA and other standards bodies.
The recent announcement of a strategic partnership with Novell and its SuSE Linux unit, which appears to be focused on improving compatibility between Windows and Linux networking, isn’t really a deviation from that path. Both Novell and Microsoft are seeking to make enterprise server virtualization customers happy, while Microsoft is still trying to find a way to snuff Linux as a competitor.
The same sort of customer-driven concerns were at the heart of Microsoft’s deal last year with Sun, which ended Sun’s Java lawsuit against Microsoft — Scott McNealy and Steve Ballmer both said enterprise customer demands for things like better compatibility between Sun’s LDAP-based enterprise directory services and Microsoft’s ActiveDirectory helped push them to the table.
Novell needs a competitive edge over Red Hat with big customers, and this agreement might help. In the long run, Novell gets better support for Windows virtual sessions running on SuSE servers, and Microsoft perhaps gets better support for Linux sessions running on its own Windows-based virtualization platform. But the real question is whether there is a long run for Novell, and whether there’s any real value for customers and the channel in the deal. Most of the reaction thus far has been lukewarm at best— and the propaganda value to Microsoft in its FUD war on Linux as a whole has gotten more of a boost than anything else.
Various constituencies have been nagging Sun Microsystems to open-source the Java platform since almost the day it was launched. Former CEO and current chairman Scott McNealy had resisted for a long time, challenging IBM to open-source DB2 when IBM execs chided Sun on the open source issue. Then Sun created its own open-source license — CDDL (Common Development and Distribution License)–and used it for the Solaris OS and for Glassfish, an implementation of Java Enterprise Edition. and Jonathan Schwartz promised Java would follow Solaris into the open world.
And now, Sun has delivered–the entire Java family has been open-sourced under the GNU Public License version 2.0. That means that Java can now live peacefully with other software distributions that fall under the GPL, such as Linux, without barriers to free redistribution.
The first thing this means to the channel is that resellers, integrators and ISVs can now build fully-blessed Java applications and integration software without royalties. Sun is still providing for a commercial license of Java that provides indemnification for customers, but having the entire code base in GPL open source means that people can develop new mobile, desktop and server applications and distribute them–and that open-source projects based on the GPL can incorporate Java into their code without legal fears.
As the ship date for Microsoft. Corp.’s Windows Vista operating system grows closer, the marketing to both end-users and solution providers gets more intense – and not only from Redmond. CDW Corp., for example, released a report this morning predicting that 86% of U.S. companies expect to adopt Windows Vista, with a total of 20% of organizations doing so within 12 months. The 86% figure sounds impressive, but ultimately it means that fewer companies are currently planning to upgrade to Vista than are currently running on Windows. It turns out saying “eventually” was a way of touting the most optimistic figure without being too precise about saying either how fast people will upgrade, or whether they ultimately have a choice.
Network Access Control is all the rage these days when it comes to network security technologies. “All of the vendors have something they call NAC,” says Gartner Inc. vice president and distinguished analyst John Pescatore in a SearchNetworking.com article. Indeed, you and your customers have myriad offerings to choose from — if you decide NAC is the way to go. But making that decision isn’t an easy one. The same article offers strategies that can help you and your customer determine if NAC is in order and to what degree. Certain vendors may have you believe that NAC should be present throughout the network, but that’s not necessarily the case. After you read SearchNetworking’s article, cruise on over to SearchSecurityChannel.com and take a look at our Network Access Control Crash Course, which provides an overview of network access control technologies, their role in network security and where the market stands, with a focus on the three big players — Cisco, Microsoft and Trusted Computing Group.
Steve Ballmer, in an interview with the India Economic Times, said that while he still sees a place for traditional software distribution, “I would say we are moving to a world where there is a lot more electronic distribution. It is a new style of software, not the old-style distributed electronically.”
No surprise there–Microsoft is facing increasing competition (especially for its Office suite) from downloadable software, most of it free. Google is moving into the space with web-based services. Salesforce.com and other software-as-a-service players have proven the model works for pay as well, and service provider USinternetworking has done well enough at delivering others’ software (including PeopleSoft, Oracle, and other packaged applications) as services that AT&T acquired them.
But Microsoft’s play is something entirely different. Right now, Microsoft depends on its partners for more than 90% of its revenue–and its Live efforts could dramatically change that. Windows Live (and more specifically, Office Live) could put Microsoft into direct competition with many of its current channel partners for business from small and medium companies — especially those partners who have already started to provide hosted services for customers.
Forget the scandals, the trash-talking, and the rhetoric of this electoral campaign season. The big issue for the coming year is going to be economic uncertainty–and that uncertainty is distinctly non-partisan. Regardless of who wins, 2007 promises to be dicey for small and medium-sized businesses, and for the channel as a result.
It’s not all bad news. Concerns about energy costs and inflation will continue to drive projects that squeeze more efficiency out of customers’ computing investments (like server consolidation and virtualization, business process re-eengineering, etc.). And the available pool of IT talent is again starting to shrink, boding well for an increase in managed services, hosting and support deals. But those same forces are going to affect how quickly service providers, systems integrators and VARs will be able to respond to those increasing demands, and put pressures on how those services are priced.
Over the next few months, we’ll be looking on SearchITChannel.com and the other channel sites at the market and technology forces that will drive channel business in 2007. But as far as the underlying economic conditions go, the only sure thing for 2007 is that nothing is for sure, regardless of who wins how many seats in Congress in November. Now’s the time to take a hard look at what you’re planning for your business, and to make sure you’ve got your financial bases all covered for a bumpy ride.