Read Bennett Gold LLP's privacy policies and practices regarding this web site.
LINK TO: Bennett Gold LLP's Privacy Policies and Practices. is part of the Bennett Gold LLP web site network.
LINK TO: Bennett Gold LLP, Chartered Accountants, home page.

LINK TO:, home page.
The network security practice of Bennett Gold LLP, Chartered Accountants.

Security News Headlines:


GO BACK to Previous Page.

Source: ZDNet UK
Posted on July 27, 2001

      Network security is being overestimated by IT managers because they are failing to manage protective software properly, according to a security expert.

      Norbert Pohlmann, a director at Internet security specialist Utimaco and author of a new book entitled Firewall Systems, said the mismanagement of software is putting firms at risk. "We recently found that only two of 50 firewalls at a leading Swiss bank were functioning as they should, while the rest were configured incorrectly," said Pohlmann. "IT managers still don't seem to understand the risks. They spend money on security products and fail to manage them. Companies need to understand security at a conceptual level to reduce risk, as there are so many threats out there such as viruses, hackers and so forth."

      Pohlmann recommended that the management of security systems should only be carried out by trusted personnel or outsourced to specialists. "The deployment of [security products] requires that the users be trained properly," he said.

      In a recent survey of 445 IT directors attending the IT Directors' Forum 2001, just under half said firms should appoint a dedicated digital security expert, compared with 31 percent who opposed this approach. Analysts said IT managers find some products particularly difficult to configure and control, and manageability rather than price should be the main concern when buying a firewall product.

      José López, lead analyst for European network security at industry watcher Frost & Sullivan, said, "IT managers should not base their choice of firewall on price, but should test products to find the right one for their organization. Firewalls are something you must get right from the beginning."

      López also criticized a number of manufacturers for their emphasis on functionality. "Some vendors focus on adding competitive capabilities to firewalls over ease of management," he said.