SIR – Following on from the Innersafe Corporation’s recent tests which showed that firewall, encryption and password protection are failing to protect PCs from fraud, identity theft and phishing attacks such findings must surely have implications for the enterprise and those operating an industrial network?

The news that traditional methods of protection are proving unreliable is almost no news at all. We know that PC-based security solutions are vulnerable, and that it will not make any difference whether a new vendor promises to provide a better password or encryption technology. This type of approach will never be fit for the purpose of protecting an industrial network from attack. As such, companies should not be lulled into a false sense of security by assurances of improved software solutions.

Decentralised security across the Ethernet network is essential. Part of this approach is to use an external firewall appliance independent from the PC. If end users do not respond to the message that the approach outstrips the value of any software solution, they’ll remain vulnerable.

Dr Lutz Jänicke Chief Security Technology Officer Innominate

Source

SMT