Brocade Increases Storage Security; Poll finds Corporate Security Enforcement Remains Weak

A US-based network that was used by a great number of computer hackers has been shut down. In other news, Brocade Communications Systems, Inc. announced new security enhancements to its products, while a new published report found that many employees continue to violate known company security policies.

Focal Points:

• An Internet Service Provider (ISP) known to be used extensively by the hacking community is no longer in operation. The ISP, Atrivo, previously known by the name Intercage, Inc., has been known to carry a tremendous amount of hacker data, used as a stage for launching computer exploits. The network was amenable to hackers because they did not have any filters on their network for malware and other harmful computer traffic. The lack of filtering made the network an ideal place for hackers to launch exploits. There has been no public statement on why the operator has apparently stopped operations. However, security experts warn that this will not prevent hackers from simply finding other networks to operate on, even if it makes their work more difficult.
• Officials from Brocade recently announced new management software that will improve the management and security of data flowing across multiple network fabrics. The product, Brocade Data Center Fabric Manager 10.0, is supposed to provide end-to-end management for various systems. The product will scale up to 24 fabrics and support 9,000 fabric ports and 20,000 device ports. This is an outgrowth of software Brocade acquired from its acquisition of McData in 2007. The software will work with both Brocade and McData hardware. In addition, officials also announced new encryption products that are designed for storage network data protection.
• A recent publicly released security report found that thirty percent of enterprise executives say corporate security is compromised by inappropriate employee use of corporate computer systems. IT managers said that it is difficult to prevent employees from using unauthorized Web service and applications. Some of the main areas of exposure areas include employee use of personal Webmail accounts, social networks, and online video. The study was released by Webroot Software, Inc. The survey found that respondents estimated that at least one hour a day was spent by employees on non work-related sites. Only 15 percent of respondents evaluated their company's enforcement of Internet usage with an "A".

Experton Group believes enforcement of acceptable usage policies and general enforcement of corporate security policies is the biggest stumbling block to effective corporate IT security. While most security managers have established reasonable security policies, there still remains a large gap in most companies' ability to effectively audit and enforce these policies. IT executives should increase their focus on effective security police enforcement, looking for automated tools to help increase enforcement scope and effectiveness.