Archive for November/2006

24
Nov

Toc, Toc…aseguradoras, estais ahí?

Written on November 24, 2006 by faparicio in Technology Management

Fernando Aparicio. Director de la Catedra de Riesgos en Sistemas de Información y Profesor del Area de Sistemas de Información
Aunque es ya una necesidad real desde el punto de vista de la demanda, la oferta de soluciones aseguradoras de cobertura de riesgo electrónico se reduce a un puñado de visionarios provenientes de las mayores aseguradoras internacionales, quienes, en su día, se lanzaron al barro de intentar conseguir cuantificar los riesgos de seguridad de la información, verdadera zona muerta de las organizaciones. ¿Que implanto un firewall,,IDS, antispam, antivirus y demás cacharrería…? De acuerdo, mi riesgo de seguridad perimetral se reduce, pero no se elimina; siguen existiendo falsos negativos, errores de configuración, actualizaciones no instaladas, o simplemente vulnerabilidades llamadas de “día cero”. Con lo cual. el Director General como buen gestor, tiene que lidiar con el riesgo residual, según el cual le voy a cortar la cabeza a mi responsable de seguridad por mucho que me explique, mediante 35 acrónimos que el Director ni entiende ni quiere entender, que, técnicamente, el impacto era imposible de evitar.
¿Y qué decir de la implantación y comunicación de políticas y procedimientos de seguridad? ¿Puedo asegurar que todo mi personal no sólo está debidamente formado sino que cumple escrupulosamente con los requerimientos de seguridad de la compañía? ¿A cuántos de los empleados por un oído les entra y por el otro les sale? Y por mucho que me esfuerce en mis campañas internas de sensibilización, el error humano seguirá siendo estadísticamente la mayor amenaza en cualquier análisis de riesgo que se precie.
En resumen, para cuando asegurar el contenido y no el continente, o dicho de otro modo, ¿de qué me vale asegurar el hardware cuando lo importante son los datos de la organización? Es hora de que las aseguradoras den un (valiente, bien es verdad) paso al frente para ofrecer el pilar de seguridad que nos falta. Algunos tímidos pasos se están dando (aunque, una vez más, fuera de España), como el que anuncia Financial Teh Magazine con la oferta realizada por AOL a sus suscriptores: les ofrece un seguro gratuito para casos de robo de identidad online; el seguro cubre a los usuarios en caso de robo de identidad u otros daños, y la compañía encargada es AIG, que asume las indemnizaciones en caso de robo de informaciones privadas de usuarios; tales como los números de sus tarjetas de crédito, de la Seguridad Social, así como datos de sus cuentas bancarias y demás información personal comprometedora.
Aunque más valdría que cubriera a los sufridos vendedores online, que son los que habitualmente pagan el pato del fraude online…..

17
Nov

Wimax: the new enemy of telecommunication companies?

Written on November 17, 2006 by José Esteves in Technology trends

Last week some telecommunication companies announced their results during 2005. After the presentation of its results, deutsch telecomm has just changed its CEO…Telefonica is doing quite well thanks to adsl connections, same with france telecom, but for long they may increase results because of adsl users?
After VOIP, i think that the next challenge to telecommunications revenue model, is Wimax technology. WiMAX (standardized in IEEE802.16) is a wireless standard for so-called “MAN” application, or Metropolitan Area Networks (an intere city). It complements Wi-FI (IEEE802.11) which is inteded for “LAN”, local area networks (your house or building). The main advantage of WIMAX would be a slightly bigger thruput, some feature of better control of traffic flowing, but mostly, the reach, which could go up to 50km. So WIMAX could be used to connect to the network when no local WIFI hot spot is available or to connect between them “islands” of WIFI, like for intance connecting a distant village to the nearby city.
Countries like China, have announced the investment on this kind of technology to provide Internet Access. Some latin america countries are also starting to experiment with wimax technology.
New companies such as Alvarion, one of the top players on wimax business are challeging the traditional telecommunications players. Thus, i think that in the near future we will start seeing big changes on these players, they need to adapt to survive…

9
Nov

wikis conquering the enterprise

Written on November 9, 2006 by José Esteves in Technology trends

Google’s recent acquisition of JotSpot has put wikis back in the news — and likely on the radar screens of more CIOs. Companies using them say wikis can supercharge collaboration among employees and also with outside partners.
But can wikis make the jump to a strategic tool for enabling business?
More and more, experts are saying that yes. IBut the wiki revolution is emerging not from IT people. Instead, department-level managers and project managers are leading the charge to use wikis, in part because wikis seem to inspire innovation in employees. Gartner predicts that half of all U.S. businesses will use wikis within three years. Already, vendors like IBM and Microsoft are adding wiki functions to their enterprise collaboration tools.

8
Nov

UTube versus YouTube

Written on November 8, 2006 by José Esteves in Technology Management

A company that shut down its Web site because it was overwhelmed by millions of people looking for YouTube has sued the online video-sharing portal. The Globe and Mail reports that Universal Tube & Rollform Equipment said the cost of hosting its Web site – utube.com – has grown significantly in the last two months. ‘We’ve had to move our site five times in an effort to stay ahead of the youtube.com visitors,’ said Ralph Girkins, Universal Tube’s president. The lawsuit, filed last week in US District Court, asks that YouTube stop using the youtube.com or pay Universal Tube’s cost for creating a new domain. Universal Tube, which sells used machines that make tubes, has said it has lost business because customers have had trouble accessing its site.
Full report in The Globe and Mail

8
Nov

Luxury Brands to the Web

Written on November 8, 2006 by José Esteves in Technology trends

As reported by the wall street journal on monday, there is a change in store for holiday shoppers this season. Over the past year, many of the world’s biggest luxury brands, that were previously hard to find on the Web, have opened online stores.
Websites such as style.com Net-A-Porter.com are creating exclusive agreements with some labels and also improving the way of selling, using multimedia. Style.com creates amazing videos for labels like Fendi.
although it seems a typical evolution, it is a radical change in terms of luxury brands culture. The internet’s reputation as a host for discount shopping and bargain-basement deals, epitomized by retailers like eBay and Amazon has until now been a turnoff for luxury goods players.
If selling is the primary goal, online marketing is the second one. With more users surfing the Net, it seems natural that luxury brands try to ad online. For users ther is also another advantage: Price. As the wall street journal mentions, user can compare prices and also buy items that companies sell only online
The issue remains: are luxury brands losoing image and prestige with this movement?

4
Nov

No more guns to rob a bank

Written on November 4, 2006 by faparicio in Technology Management

Fernando Aparicio. Information Systems Professor.
Confirming the worst omens about malicious use of the Internet, several recent news have stressed this worrisome trend: hackers have been breaking into customer accounts at large online brokerages in the United States and making unauthorized trades worth millions of dollars. Based on phishing or pharming disguise, social engineers cash in on the usual unawareness of the average internet user. All these fast-growing forms of online fraud have been used against online brokers such as E-Trade and TD Ameritrade, US’ fourth and third-largest online broker, respectively.
Stealing information from a user is not much more complicated, for instance, than placing keystroke-monitoring software on any public computer (library, hotel business centers, airports, cybercafes). All hackers have to do is wait until anyone types in the Web address of E-Trade or any other online broker, and then watch the next several dozen keystrokes, which are likely to include someone’s password and login name. The user has then been stolen its digital identity and…a lot of money?
In this particular case, both E-Trade and TD Ameritrade have guaranteed that they will cover their clients’ losses, even though they are not required to do so by law. What would be the reaction of the Spanish banks? Most probably blaming it on the customer, who is responsible for keeping its login and password safe.
The most worrying matter of this situation is that the problem is growing faster than its public awareness. If we merge the ever-growing use of Internet for both corporate and personal finance and the “snooping software-for-dummies” availability the odds for this problem to skyrocket are pretty high.
E-Trade stated that “concerted rings” in Eastern Europe and Thailand caused their customers $18 million in losses in the third quarter alone. The distributed denial-of-service attacks are among the most recent, fashionable and easy-to-use attack schemes used widely for organized crime to harm private web servers and taking them down during days. What is the financial impact of this time of non-delivery service to my customers? Ask your CEO, please, he should have an answer for its investors and stockholders, shouldn’t he?
In fact, online scams have been growing so serious in the States that the Federal Financial Institutions Examination Council, a government entity that establishes standards for banks, has given U.S. financial institutions until Dec. 31 to tighten security measures for accessing online accounts. Offering user awareness programas and free anti-spyware software are among the countermeasures recomnended.
It is still to soon to get really concerned in Spain? Just two flashes to deny a positive answer: DDOS against IRC Hispano and the detention of a Spanish trojan creator. We’d better get ready, the dark side is already here.
Click here for the whole article

We use both our own and third-party cookies to enhance our services and to offer you the content that most suits your preferences by analysing your browsing habits. Your continued use of the site means that you accept these cookies. You may change your settings and obtain more information here. Accept