Close Window
 

NEWS YOU CAN USE FROM VANDYKE SOFTWARE

A Monthly Newsletter - March 2003

This months' feature focuses on a VanDyke survey that reveals the top priorities and concerns of IT security professionals. We also have a report on the recent Connectathon event in San Jose.

In product news, the initial beta release of VShell™ Server for UNIX 2.2 is now available to a limited number of testers. Also available this month is a new maintenance release, VShell 2.1.4 for Windows.


-------------
Contents
-------------

1. IT Responds To Constantly Changing Security Threats
2. New Product - VShell Server for UNIX
3. Fieldwork - Testing Interoperability at Connectathon
4. VanDyke in the News - Network World 'Net Insider
5. New Releases - VShell 2.1.4
6. Current Releases


-----------------------------------------------------------------------------
1. IT Responds To Constantly Changing Security Threats
-----------------------------------------------------------------------------

If you are concerned about theft of proprietary information, sabotage, and outsider system penetration, you're not alone. These are the top three threats according to IT security professionals surveyed by VanDyke and Saurage Research, an independent research/survey firm. The survey, conducted in Q4 2002, polled 710 IT security managers at small and medium size organizations about their priorities in protecting their networks.

While most organizations have begun addressing external threats to security by deploying firewall and antivirus solutions, a tremendous amount of work remains to be done to protect data
from both external and internal threats. One respondent talked about confronting a configuration nightmare: "Make a single mistake and you've just left open a huge hole. People's sense of security is related to the price tag, not a rational analysis of the real risks."

Here's a sampling of comments made about top security concerns:

"Finding reliable, low maintenance, and compatible products to address network security, anti-virus, firewalling, and Windows/Linux integration solutions."

"Third-party partners compromising sensitive data."

"Encrypted vs. plain text passwords. Break-ins on the exposed web servers. Performance of the routers used for protection."

IT professionals are on the alert for anything that could develop into a security challenge. Interestingly, there are differences between perceived threats and those actually experienced. While system penetration, sabotage of data networks, and theft of proprietary information are the top concerns, viruses, system penetration, and denial of service headed the list of threats actually experienced.

A key finding is that IT security professionals identified individuals within the organization as being among the top 10 perceived security threats. This matched up with what actually occurred -- insiders were involved in a significant number of the security breaches in 2002.

Here are some responses given when IT managers were asked to finish the sentence "Protecting my network is like..."

"...running a fire department in a city full of pyromaniacs."

"...being nibbled to death by goldfish."

"...a walk in the park with the right products and a healthy portion of paranoia."

As in the past, IT professionals within small- or medium-sized businesses face a multitude of external and internal security threats -- and budgets remain tight. The challenge for IT is
to cost-effectively deal with multiple security threats while maintaining access to data and services. As one respondent explained, one of the most frustrating aspects of security can be "blocking productive work by authorized users in the name of preventing something bad/unauthorized from happening."


Do you have a comment on the survey findings? Send your comments to .

Read the March 4, 2003 survey results at:

http://www.vandyke.com/aboutus/news/pressreleases/index.html?id=nl0303


------------------------------------------------------
2. New Product - VShell Server for UNIX
------------------------------------------------------

VanDyke Software is pleased to announce the initial beta release of VShell Server for UNIX 2.2. VShell for UNIX provides IT professionals with the ability to configure a Secure Shell solution from VanDyke Software for their mixed platform networks and replace nonsecure Telnet and FTP
access to UNIX servers with SSH2. The initial beta release will be made available to a limited number of testers. Learn more about VShell for UNIX and sign up for the beta program at:

http://www.vandyke.com/products/beta/vshell_unix/index.html?id=nl0303


---------------------------------------------------------------------------
3. Fieldwork - Testing Interoperability at Connectathon
---------------------------------------------------------------------------

VanDyke Software just finished intensive interoperability testing at Connectathon 2003 Feb. 27-Mar. 6. Connectathon was started by Sun Microsystems in 1986 to promote multi-platform network computing. This year's attendees included Cisco, Network Associates, IBM Linux Technology
Center, Microsoft, HP, Apple, and Veritas.

The Connectathon event, where technical representatives from competing companies can work together cooperatively, is critical for the Secure Shell community. Working with other Secure Shell vendors, VanDyke Software developers tested and debugged code, increasing the interoperability of VanDyke products with other companies' offerings.

Read more about Connectathon at:

http://www.connectathon.org


-----------------------------------------------------------------------
4. VanDyke in the News - Network World 'Net Insider
-----------------------------------------------------------------------

Scott Bradner is a columnist at Network World and an IT consultant to Harvard University. In his January 13 'Net Insider column in Network World, Bradner passes along VanDyke Software's thoughts on things that need to go away to ensure enterprise network security, and adds a few of
his own.

Read this column on the NWFusion web site at:

http://www.nwfusion.com/columnists/2003/0113bradner.html


Quote of the Month

Security 101 says to rid your network of anything that uses clear text passwords....In spite of this being the first thing you should learn in network kindergarten, far too many networks are still being managed using good old telnet.
—Scott Bradner, Network World, 01/13/03


-----------------------------------------
5. New Releases - VShell 2.1.4
-----------------------------------------

A maintenance release is now available for VShell 2.1.4.

You can download this release at:

http://www.vandyke.com/download/latestreleases.html

For quick access to previous official releases, go to:

http://www.vandyke.com/download/prevreleases.html


----------------------------
6. Current Releases
----------------------------

Here are direct links to download individual products:

SecureCRT(R) 4.0.4
http://www.vandyke.com/download/securecrt/download.html
CRT(TM) 4.0.4
http://www.vandyke.com/download/crt/index.html
SecureFX(R) 2.1.3
http://www.vandyke.com/download/securefx/download.html
VShell 2.1.4
http://www.vandyke.com/download/vshell/index.html
Entunnel(TM) 1.0.3
http://www.vandyke.com/download/entunnel/index.html
AbsoluteFTP(TM) 2.0.4
http://www.vandyke.com/download/absoluteftp/index.html
OpenSSH 3.5p1 extended
http://www.vandyke.com/download/os/pks_form.html


All VanDyke Software products may be downloaded and evaluated at no cost for 30 days. Licenses include one year of free upgrades and unlimited access to our expert technical support.


Pass it along! If you find this monthly newsletter helpful and informative, forward it to co-workers or friends, or tell them where to sign up.

http://www.vandyke.com/support/newsletter.html


----------------------------------
Subscription Information
----------------------------------

VanDyke Company News is an opt-in mailing list. If you prefer not to receive e-mail like this from us, or need to change your e-mail address, go to:

http://www.vandyke.com/support/newsletter.html


You may also send an e-mail message to:

listserv@listserv.vandyke.com

with the following message in the body of your e-mail:

unsubscribe vandyke-company-news


---

VanDyke Software, CRT, SecureCRT, SecureFX, Entunnel, AbsoluteFTP, and VShell are trademarks or registered trademarks of VanDyke Software, Inc. All other products and services mentioned are trademarks or registered trademarks of their respective companies.

Close Window