You'd think the broadband suppliers would tackle the security void (or even view it as a revenue opportunity).
Hardly.
Instead, cable and DSL (digital subscriber line) providers are taking baby steps. They prefer to address the security issue by providing a combination of bundles, evaluation software and Web-based advice.
That puts the burden of responsibility on customers. Savvy home users will go to the store and pick up a copy of McAfee or Symantec's Internet security suite that has antivirus, antispam, firewall and content filtering.
Here's the problem. As more bandwidth and devices connect to the Internet, the home network starts to get complex. Suddenly, you need security software on every device in the house. You have to manage configuration changes, patch vulnerabilities, filter content and download the latest antivirus signatures all over the house. Soon, dad has taken on a new role as the family security administrator. If the old man lacks these skills or ignores routine tasks, every system is at risk.
I don't know about you, but I barely have enough time to hang out with my kids, keep up with the bills, walk the dog and mow the lawn. I don't want to fill my precious few moments of personal time with maintaining residential firewall rules or deleting spyware.
What's needed is a simple home security service with two dominant features:
• The security service must not require any security knowledge. Upon installation, the security service asks me a few simple questions (in English, mind you), and then configures itself to my needs. It is dynamic in that it continues to maintain my security, even as threats change.
• All I have to do to preserve my security protection is pay a monthly bill. My estimate is that this service would cost between $5 and $15 per month.
It's as simple as that. What Internet user wouldn't sign up?
This isn't a pie-in-the-sky concept. Several companies from different industry sectors could take a leadership role. The right firm would need skills in security, services, customer service and distribution, backed up by a billing system that could handle monthly cycles.
The most plausible candidates come from the traditional security industry crowd, with Symantec and McAfee in the poll position. Both of these companies could use existing products to build a residential security "black box" and sell it through their traditional retail channels. They also have established services capabilities. A number of other security vendors, including Computer Associates International, Fortinet, Jupiter Networks' NetScreen and WatchGuard have security products and services but lack a consumer distribution channel.
PC networking companies like Belkin, D-Link, Cisco Systems' Linksys and Netgear could also make a play, as they have some security, distribution, services expertise. Not a perfect match but certainly the foundation for what is needed.
Of course, a single broadband provider could pioneer home security services and effectively change the rules of the game. For example, Verizon could establish a relationship with a security technology vendor, develop a model for cooperative development and support, then use existing pieces of its business to market, sell and bill its broadband subscribers. Security could be used in promotions to differentiate Verizon from cable providers to attract new customers.
This would require some risk taking and strategic vision--not exactly qualities associated with cable or telecommunications companies.
Broadband subscribers don't care who offers this service or which technologies they use. They care about getting rid of the security burden forever, and they'll gladly fork over $10 a month in perpetuity to make this happen. Undoubtedly, the company that comes up with the right home security services business model first will be an instant security leader and make a ton of money in the process.
Biography
Jon Oltsik is a senior analyst at the Enterprise Strategy Group.
Dell Dimension 2.0 Ghz with 256 Mb memory, 20 mb hard drive, Windows XP SP1 with Norton Firewall 2004 and Norton Anti-Virus 2004; Beklin 802.11b USB wireless connection to Belkin Router and 1.5 Mbs cable modem broadband service. All working just fine.
This week (10/1) Symantec forces download of new "live update" software module. Install fails. Whenever I try to load them, the Windows Installer comes up, hangs for a while, and then quits.
Both Symantec products have now failed. Error messages appear related to Windows Installer. Knowledge base says use Symantec tools to remove both products from registry, remove directories, temp files, etc. Re-install in "safe mode" fails. Two hours later still no joy.
Call Symantec help line as this is an installation problem. Never reached a live human being. Endless voice menus and hang ups are all I ever got.
Dumped Symantec products. Downloaded Zone Alarm Firewall & Anti-Virus, plus annual sub for $26. Worked perfectly.
I'm out the $100+ I paid for these two product.
End of my ever using a Symantec product again.
End of story.
It has a lot more to offer. I cant knock ZoneAlarm cause I have ran it for years an it did a good job as a firewall. I was asked to try out Outpost an see what I thought about it. Well I was hooked on that firewall.
For an Anti-Virues software I like Kaspersky Antivirus. It has never failed me. http://www.kaspersky.com/
Check them out and see if that will help you. Norton's rank with McAfee. Both in my book are junk.
This introduces the basic protection of Network Address Translation which provides low-level fireweall capabilities which are semi-transparent to the end user. Unfortunately, there is a tradeoff to gain NAT: most end users dont even know how to setup thier router for the first time.
Is this really a problem? You only have to drive through the city of Denver to find a real answer for that question. Drive by an apartment complex and the number of unprotected wireless networks is staggering. Without getting into too many details, I have seen two or three maps of segments of the Denver metro area where the wireless networks are actually mapped... not just where they are but whether or not they ahve basic security measures enabled. Run a wireless router without configuring it and you are asking for trouble, even WITH WEP I can break the key based on weak IVs on MOST routers in less than half an hour. This is completely ignoring any firewall configuration issues. Walk up to the average DSL user and ask if they use any custom state-based packet forwarding rules on thier router and you are likely to get a blank stare in reply. This is a huge security concern (or should be, by now) from the ISPs point of view and would not be addressed by a service such as you propose.
Current offerings aside, I really dont think that you have thought this revenue-services based offering all the way through. Lets pretend for a minute that the service is offered for $10. You are now offering a service which broadband users can choose to pay for, for which you now have to deply firewalling equipment at at LEAST the regiounal level. Today's routing/firewall solutions arent cheap for something that could offer a service as comprehensive as you suggest.
And what of the impact on the end user that uses this service? What if the kid wants to play games or host games? These forms of services often "protect" against such things as the connection pattern for a game server or something of that nature is quite different from web browser connection patterns.
Is $10 per month from a SEGMENT of broadband subscribers really going to pay for the extra skilled technicians/administrators, extra firewall equipment, and the "headache cost" of some users who get disgruntled with the service and leave completely because of problems they are encountering? You are adding a layre of complexity on top of a broadband offering for which most ISPs already have trouble delivering consistent quality service.
This is all ignoring end users who dont use this service. They are not protected and have the exact same problems you outline in your piece. $10 a month does not solve enough problems to make such a complex service feasible for the ISPs and I will be damned if I will pay another MANDATORY $10 a month for the DSL company to do for me what I already do, and probably begin to hamper my home connection in the process..
Under such a plan as the above, CA would at least get a few dollars up-front for such a deal either in a contract form or for a few dollars per subscriber that takes advantage of the offer.
configurable firewall at the ISP for everyone.
Very cheap and simple. Default to secure.
Easy to switch off. Everybody happy.
I explain here
http://www.millstream.com/firelaw.html
continue to be attacked. Dump PCs and buy Macintoshes and
never worry about any of this nonsense again. Yes, it really is
that simple. I've been a professional computer programmer
since 1980 and I have to say, as far as quality security design,
STAY AWAY FROM MICROSOFT.
"As long as people continue to buy and use windows, they will continue to be attacked"
Windows just by itself is not safe and will not protect from attacks. If you have the third party software and hardware like Firewall, Anti-Virus, Spyware remover. Window can be safer to use.
Ben Weiss say:
"Dump PCs and buy Macintoshes and
never worry about any of this nonsense again."
Well that is not true. It maybe a little safer than M$ OS. Still Macintoshes has had Security Issues too. No System is 100% safe from any attacks.
Ben Weiss:
"I've been a professional computer programmer
since 1980"
This maybe true but I think he needs to update himself on Security issue on diffrent OS and more so on Macintoshes.
If M$ is a issue for you than you dont have to throw your PC away. You could aways try Linux. It is a lot better OS than M$ Windows. But you make that choice.
secure. Find a Mac user who has been infected. Yes there aren't
ANY, not a single one anywhere on earth. No Mac user has virus
software, they don't need it. Perhaps several years down the
road after a few hundred thousand more Windows viruses are
produced there will be a virus that hits a Mac or maybe even a
dozen Macs. Within hours the access will be foreclosed and
several years later and several hundred more Windows viruses
later there may be another virus that infects a Mac for a few
minutes before being foreclosed. Until then every Mac user is
ABSOLUTELY SECURE 100% of the time and NEVER gives a
moments thought to security.
Until there IS a virus and since Mac OS X has NEVER had a virus
or any other malware understand that ZERO verses 100,000+
viruses isn't a few more it is INFINITELY MORE!
I realize that the stupid can't catch these subtle differences
without it being pointed out in the most obvious possible way,
so let me ask. Did you get it yet? Here let me break it down in
bite size pieces.
Mac - GOOD!
Windows - SH*T!
Windows user - stupid sucker
I agree with you 100%
Thanks for the article.
http://nap.is-a-geek.org
it is open source!
i guess the point that i am trying to make is everyone complains about security but does little to nothing to secure their connections. in my opinion installing a firewall onto a windows machine is pointless. it has more known bugs that any other software. and when the fritz chip will be introduced there will be a big slide to other alternatives such as apple, linux/unix, etc. all firewalls should be a stand alone box, that can possibly run servers on it such as apache, bind etc. some people may say but why go and buy another computer? well heres a thing, my server is only a p2 333 w/ 512mb ram, total cost including o/s software, NIC's, $50 and that is a once off. no on-going fees.
i dont think that a software application is the solution to such security problems. if everyone secured their machines, then the malware cant get out the door and eventually it would not even exist.
dont get me wrong, i am not knocking zone-alarm, i think it is an excellent program for the price that it is, but there are other non-MS alternatives
The main reason is the OS (operating system) used by MAC computers. I'm not endorsing MAC's and I'm even a PC technician (IBM based). What I'm saying is go to the source(s). Why doesn't Microsoft fix the problem before releasing products? I'll admit they're taking steps but enough is enough. They have the resources. No more excuses. The other problem is the users. Spend 50 bucks on a hardware firewall (ie. router). Don't merily click yes to every message that pops up.
Enough said.
- Broadband security issues response
- by intrepid909 October 8, 2004 2:33 AM PDT
- Why are we looking to Broadband providers and software companies (ie. symantec) to solve our security issues? Why is it that the hacking and virus problems aren't talked about by MAC users?
- Like this Reply to this comment
-
(28 Comments)The main reason is the OS (operating system) used by MAC computers. I'm not endorsing MAC's and I'm even a PC technician (IBM based). What I'm saying is go to the source(s). Why doesn't Microsoft fix the problem before releasing products? I'll admit they're taking steps but enough is enough. They have the resources. No more excuses. The other problem is the users. Spend 50 bucks on a hardware firewall (ie. router). Don't merily click yes to every message that pops up.
Enough said.