
Content Management Trends 2008.


Enterprise Content Management (ECM) will be required to respond to increased external regulation and face up to security threats, leading vendor Objective Corporation is warning today. It has identified seven key trends that will impact how business regards and utilises ECM solutions in the next three years, which will drive ECM solution providers to offer ever more flexible and intuitive systems.

Compliance

Regulation and communication with government bodies will increase and direct access to systems to ensure compliance will become a reality. In the future certain government bodies will be able to access business files directly to ensure compliance and improve processes such as tax returns, VAT and registration as electronic forms will be given legal status. Businesses that do not comply to enable access will be open to steep fines.

First successful hack-attacks on ECM systems

ECM systems hold vast repositories of vital and often sensitive or private information. As such they will become a favoured target for hackers and action must be taken to ensure they are kept secure--especially with remote access increasing.

Paper use will not decrease noticeably.

Reliance on paper in day-to-day business activities will remain; however, the storage of documents will be almost exclusively electronic by the end of 2008.

Meta 'Data Tags' enforced

Legislation will dictate that some business documents are given unique data 'tags' to identify them and combat fraud. Companies that do not comply will face stiff penalties.

Increase in e-invoicing and e-billing

Most businesses will use electronic forms for sending invoices and bills rather than paper-based documents sent via fax or the post. Financial institutions will play a key part in this drive to improve payment processes and efficiency.

Increase in consumer demand for online billing and e-payment

Consumers will continue to become more savvy at utilising online billing and payment systems and will come to demand such services. This will be matched by increased consumer demand for other services, such as changing contact details and raising complaints, to be managed effectively via websites and email.

Home-working and Flexi-hours will continue to increase.

The days of all workers being office based and working on PCs connected directly to the server are already long past, but this trend will accelerate in the next few years. Ensuring that documents and records are tracked and filed correctly by remote users, regardless of the time of day, will be increasingly critical.

NOTE: Statements as above are predictions only and should not be viewed as comments of intent or perceived as anything other than possible outcomes within the time frame given.

Two Factor Authentication Meets The Password

By Andy Kemshall, SecurEnvoy Ltd.

Each of us routinely enters passwords, in some cases, many times a day! What is the point of this? It burdens us with the pain of trying to remember them and adds significant costs to the business to reset them. We do this with the misguided belief that the password is necessary to protect us and the business from other people trying to impersonate us.

However, the truth is that almost all the passwords that we use can easily be cracked, by even the most basic computer user, with tools such as L0phtCrack, readily available from the Internet. The undeniable fact is that the human brain struggles to remember a password that is strong enough to prevent modern computers cracking it in a short time period.

So if these passwords are essentially pointless, why even have them in the first place? After all, don't we trust our work colleagues? Well, it's not just about trusting the internal employee; companies have to deal with extended enterprise users such as web portal partners, outsourced management companies and online e-purchasing users.

Who do you really trust? Contemplating not using a password would lead to anarchy and chaos, as e-purchasers could deny their transactions, competitive partners could invade other partners' information and employees could gain access to sensitive information such as staff salaries etc. Clearly a password is required; the dilemma is how to use a strong password within the limited memory capability of the human brain.

Using a password constructed from just lower case letters gives only 26 variations per entered character. However if upper case, lower case, numbers and symbols are used this leads to a much stronger password as each entered character has around 64 variations.

Using brute force techniques, modern PCs can reach up to 10 million tries per second. The table below outlines how long the password can resist this sort of attack before being compromised. It is assumed that strong passwords with 64 variations for each entered character are used.

We can see from this example that a password length of 8 can last for 326 days; however, if 10 computers are used in parallel this time is reduced to 32 days, which is unacceptable.

It is also good practice to plan for the future. In 5 years' time, advances in computer power are predicted to increase this rate to in excess of 100 million per second; the following table shows an update based on 100 million tries per second instead of 10 million.

Clearly the only viable password length has to be 10 characters or greater, which will allow reasonable security now and in the future.

A typical example of a 10 character complex password is listed below:

vLY47S=&>@yGJNKwC)6%e":)~">p8H"

Research has shown that most users can remember 4 characters of a complex password very easily, but when this is extended to 5 and above, it dramatically falls off, with few or no users being able to remember a 6 character complex password or greater. The password seems unusable and does not provide a viable solution for user authentication.

One approach by leading Two-Factor token vendors is to replace the logon components within the desktop with one that supports the use of a token. This essentially rips out the existing password mechanism for a proprietary one.

The drawback of this approach is the deployment of software on every desktop; in the case of Microsoft the GINA interface is modified, which leads to problematic or no support for services such as terminal services, remote desktop and dial-up/VPN connections. For remote users that work offline, excessive delays are experienced whilst the token system attempts to communicate with its central server before timing out and allowing the user to log in offline. Most companies concerned about strong authentication find this type of solution cost prohibitive and unmanageable in terms of both token and software deployment.

A more effective approach is a revolutionary patented solution by SecurEnvoy called Password Automation, which utilises the existing operating system password mechanism. This tackles the real issues of managing ten character complex passwords head on. The solution splits the ten character password into two portions: a four character password that is secret to the user and can be easily remembered, and a six character part that is sent to the user's mobile phone via SMS. The portion stored upon the user's mobile phone is further secured by the fact it is dynamically updated periodically, typically every seven days. The new password automatically overwrites the last password used, so there is no confusion as to which is the current password. The user, when prompted for their password, would simply enter their 4 character password (something they know) followed by the 6 character password stored upon their mobile phone (something they have). Utilising something the user knows and something they have brings the strength of Two-Factor authentication to the password.

The SecurEnvoy Password Automation Server ties into the existing password sub-system rather than replacing it. Setting each user's password with the two factors re-combined allows the operating system to directly understand the current two factor authentication codes. So in conclusion, the future is bright for the password, providing you can store at least a part of it in a device such as your mobile phone.
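
An added worked example (not part of the original article and not SecurEnvoy's code) of the split described above: it builds a 4 + 6 character password over a 64-symbol alphabet and computes how long the whole password, and each portion on its own, resists guessing at the article's rates of 10 and 100 million tries per second. The symbol set, the function names and the sample memorised part are assumptions of this example.

```python
import secrets
import string

# 64-symbol alphabet, matching the article's "around 64 variations" per
# character; the exact symbols chosen here are an assumption.
ALPHABET = string.ascii_letters + string.digits + "#%"
KNOWN_LEN, PHONE_LEN = 4, 6          # split described in the article
ROTATION_SECONDS = 7 * 24 * 3600     # "typically every seven days"

def new_phone_part():
    """Fresh random 6-character portion, as would be sent by SMS."""
    return "".join(secrets.choice(ALPHABET) for _ in range(PHONE_LEN))

def combine(known_part, phone_part):
    """Password the user types: memorised part followed by phone part."""
    if len(known_part) != KNOWN_LEN or len(phone_part) != PHONE_LEN:
        raise ValueError("expected a 4-character and a 6-character part")
    if any(c not in ALPHABET for c in known_part + phone_part):
        raise ValueError("character outside the 64-symbol alphabet")
    return known_part + phone_part

def exhaust_seconds(length, tries_per_second):
    """Worst-case time to try every password of this length."""
    return len(ALPHABET) ** length / tries_per_second

def residual_strength(tries_per_second):
    """Seconds of guessing resistance left in three situations."""
    total = KNOWN_LEN + PHONE_LEN
    return {
        "both parts secret": exhaust_seconds(total, tries_per_second),
        "phone part exposed": exhaust_seconds(KNOWN_LEN, tries_per_second),
        "memorised part exposed": exhaust_seconds(PHONE_LEN, tries_per_second),
    }

def outlasts_rotation(seconds):
    """True if exhausting the space takes longer than one rotation period."""
    return seconds > ROTATION_SECONDS

if __name__ == "__main__":
    # "k7#Q" is a constructed sample memorised part.
    print(combine("k7#Q", new_phone_part()))
    for rate in (10_000_000, 100_000_000):
        for case, secs in residual_strength(rate).items():
            print(f"{rate:>11,}/s  {case:<24} {secs:>18,.1f} s  "
                  f"outlasts rotation: {outlasts_rotation(secs)}")
```

At 10 million tries per second the four memorised characters alone are exhausted in under two seconds and the six phone characters in about 1.9 hours, well inside the seven-day rotation, so the ten-character figure holds only while both portions stay secret.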

A Route to Successful Adoption of IT Service Management

Terry Riches, Comunina Limited

Organisations are increasingly dependent on their IT networks to provide a competitive advantage. These networks are becoming progressively more complex in a bid to provide more sophisticated business services. The migration toward the goal of 'on demand', high availability, converged enterprise networks is set to provide a considerable challenge to those organisations wishing to reap the undoubted business benefits.

The realisation that 100% availability of IT services will assume ever-greater significance has led to the introduction of the ITIL best practice standards for IT Service Management.

At the core of ITIL's framework are the configuration, change & incident management processes. The accuracy & relevance of the information within its main configuration management database (CMDB) is critical in delivering the effectiveness of all the associated IT Service Management processes. It is suggested that 80% of critical system outages are the result of people or process failure, the main cause being change. This is underpinned by the cyclic rationale that planning with poor information is destined to fail and the subsequent recovery process is hampered by originally poor configuration data!

The management of changes to the CMDB is highly critical, as service delivery managers must know the exact implications of carrying out any changes before they take place. Avoiding the potential for a 'butterfly effect' to develop as a result of a poorly executed change or problem resolution is essential if 100% service availability is to be maintained. As David Cuthbertson of the British Computing Society points out, "How can you manage IT services if you don't know what equipment you have, where it is, how it's connected and the impact of changing it?"

Configuration management is cited as the most difficult IT discipline to implement due to the manual effort needed to maintain its accuracy resulting from the constant changes to the IT infrastructure and the lack of suitable tools to intuitively manage the processes.

A number of software vendors have sought to overcome this with the development of IT Service Configuration Management applications that self discover substantial amounts of interrelated network information dynamically. Deploying such applications and processes upon a traditionally managed cabling infrastructure is an impossible task, as the connectivity and asset information contained within traditional tools and documentation processes, being manually maintained, is inevitably inaccurate and outdated and therefore cannot be safely incorporated into an accurate CMDB. This severely hurts the speed of application deployment and the quality of IT Service Management. This is a major barrier to successful ITIL adoption.

By adopting Intelligent Infrastructure Management (IIM) tools as a key part of their IT Service Management strategy, IT managers can create an infrastructure platform capable of addressing these problems, providing a 100% accurate, real-time, trusted source of connectivity and asset physicality information that can be incorporated within the core CMDB and consequently utilised to enhance all associated IT service management tools and processes. Leading IIM solutions provide an auto-routing capability within their work order management functionality that automatically routes the required services to the desired servers via the most efficient and effective cable links. The work orders required to execute the activity are automatically created, issued to the appropriate technician and managed by the IIM system. Any actions that do not adhere 100% to the work order are instantaneously identified and raised as unauthorised actions requiring attention.

Utilising IIM solutions to automatically provision services within a standard office environment will improve change efficiency (and hence reduce cost) by a minimum of 40%. Within the data centre, IIM solutions have been proven to reduce server commissioning time by up to 80%, whilst simultaneously reducing the number of incidents caused by poorly executed change. If incidents do, for whatever reason, occur, IIM solutions can dramatically reduce mean time to resolution (MTTR) by up to 45%.

The main issue reducing the effectiveness of the CMDB is the sheer effort required to coordinate and manage the manual physical connectivity documentation in complex IT environments. A trusted source of documentation, or the lack of it, has a major impact on the successful adoption of IT Service Management. Rather than a fully integrated CMDB addressing OSI layers 1 to 7, the vast majority of organisations currently rely on tribal knowledge and/or numerous sets of spreadsheets, diagrams, whiteboards, post-it notes and the knowledge in people's heads to document the physical infrastructure elements.

THERE IS ANOTHER WAY--IMPLEMENT IIM

What is IIM?

Intelligent Infrastructure Management is a combination of technologies that

* Self discovers network connectivity, from End to End

* Provides Real Time IP asset management to the Physical Location

* Generates Alarms & Events for unauthorised activity on the physical layer

* Shares its information with various work streams and core applications

The Key components to an IIM solution are:

* Relational Infrastructure Database

* Patch panel sensing system that detects the state of patching and constantly monitors for change

* IP discovery engine to add end devices and switches to connectivity circuits

* Multi user interface and 3rd party application integrations

* Work order system
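
Two Factor Authentication Meets The Password: time to break a password by brute force at 10 million tries per second (64 variations per character)

Password length   Tries per second   Time to break
4                 10 million         1.6 seconds
6                 10 million         1.9 hours
8                 10 million         326 days
10                10 million         3600 years

Two Factor Authentication Meets The Password: time to break a password by brute force at 100 million tries per second

Password length   Tries per second   Time to break
4                 100 million        0.16 seconds
6                 100 million        11.4 hours
8                 100 million        32 days
10                100 million        365 years
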
COPYRIGHT 2006 A.P. Publications Ltd.
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2006, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

Article Details
Title Annotation:Infosecurity Europe 2006: 25th-27th April 2006, Olympia, London.
Publication:Database and Network Journal
Date:Feb 1, 2006
Words:2212