Article

Schmidt: Current security model ignores threats to SMBs

Benjamin Vigil, SearchSecurity.com Technical Editor

SAN JOSE -- Former Bush administration cybersecurity advisor and current eBay chief security officer Howard Schmidt said last week that security has been neglected in nearly 80% of American businesses.

"When we think of business in the U.S. we think of the Fortune 500 companies, but a great majority of the workforce in the U.S. work at small to medium businesses," said Schmidt at an Internet Security Systems Proventia product launch. "The current component model makes security inaccessible to a large group of the country's businesses. These companies are a big part of the country's infrastructure."

With the unique perspective of having worked at Microsoft and for the government, Schmidt also commented on a recent research report that the government's use of Microsoft products is a threat to national security. The report was penned by experts Bruce Schneier, Dan Geer, Becky Base and others. Geer was fired from his position of chief technical officer at consultancy @Stake for his part in the paper.

"I don't agree with that report," said Schmidt. "I think saying they are less secure is an unfair characterization of Microsoft." Schmidt likened Microsoft to the U.S. and said "we are the dominant player in the world, that makes us a target. As the dominant player in the IT world, Microsoft is also a target."

Schmidt was less adamant about Microsoft's recently announced "Securing the Perimeter" strategy.

Any security is good, but the perimeter

    Requires Free Membership to View

changes over time," said Schmidt. He stressed that security is a process and that there are no quick solutions.

"It's (Microsoft's strategy) is a good start, but not everyone has the same perimeter," said Schmidt.

Schmidt's comments had a particular poignancy as they related to ISS's product release. ISS's Proventia network appliance combines firewall, intrusion prevention (IPS), and virtual private network (VPN) technologies into a single box to streamline network security, for smaller businesses in particular.

ISS president Tom Noonan pointed out the clutter caused by the component model.

"I want to apologize on the behalf of the Information Security industry for the short-term pragmatism that has caused the profusion of standalone legacy products," he said. According to ISS, Proventia provides more protection at a lower cost.

"ISS recognized that multiple technologies were starting to converge, and is the first vendor to understand and really embrace this with the introduction of Provetnia," said Matthew Kovar, director of security solutions and services for Boston-based analyst firm, The Yankee Group.

FOR MORE INFORMATION:

See these Best Web Links on security infrastructure

See this archived Featured Topic featuring reviews of security tools


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: