As we reach the last month of the year, it's time to reclect on the year gone by and look ahead to what the next year might hold. So here's a look at what 2011 holds in store for security - with a little help from some outside sources.
Why bother banging your head against the wall trying to figure out how to blast through a locked steel door if the window is open? That about sums up the mentality of malware developers and attackers when it comes to breaking into PCs.
Palo Alto Networks explains: "Hackers will prefer to break-in through the back door or side window instead of a full frontal attack on the front door of Facebook and other social media sites".
That is true for PCs and mobile devices as well. IT admins will still have to monitor and protect the primary platforms - be it Windows, Facebook, an Android smartphone etc - but will also have to scramble to ensure that the various networks and applications those platforms are connected to don't leave a window open for attackers.
Aside from the threat posed by insecure network partners and poorly-coded third-party applications, the general trend from users sitting at fixed locations safely tucked inside an office building inside of the 'network perimeter' poses an increased risk.
Laptops and netbooks - are becoming the norm and replacing desktops as the standard issue hardware in many organisations. Combined with the explosion of smartphones and tablets, users are now connecting to email, files and other network resources from virtually anywhere.
While setting up office from a neighbourhood coffee shop or hotel reception while on the go is obviously convenient, it is a security nightmare. Public wireless networks are prone to snooping, and just accessing sensitive information in a public area can unwittingly expose it.
IT admins can guard against those threats by requiring a secure VPN connection to connect with company resources, and by implementing policies preventing users from conducting work in public areas. However, dealing with the sensitive data stored on the mobile devices is a more difficult issue.
The same small size and portability that makes mobile computing devices like netbooks, tablets and smartphones so convenient also makes them easily lost or stolen. These devices commonly have gigabytes upon gigabytes of storage capacity, and may hold sensitive data. Attackers know this, and mobile devices will be a common target for theft - both casual theft for the value of the device itself, as well as more targeted attacks aimed at mobile devices of executive managers or key personnel.
- What's in store for security next year
- Low-hanging fruit