Articles from IndiaCo
Ganesha Says - Articles by Dr. Natarajan
Recent blogs by Opera
Security--The next challege for IT professionals
Today I was just thinking about what would be the big market scope in flexible IT field.
After little bit study I came to one point that applicationlevel is littlebit stable now a days.But still we see that lots of big organizations are also struggling against security in things. So Security is the big eye for IT professionals.
It has been felt as necessary requirement and everybody is taking it seriously. Not individually but incase of organization also. recently you might have heard about news regarding Microsoft Security Shootout challange.
I have also taken participation in that at first stage they have asked little bit difficult questions relating to awareness of person regarding security such as different kinds of logins and there effect,buffer overflow,user account hyjacking,spoofing etc.
So main point is security is the requirement and we need it.
There are differnt organisation which provide security training on each aspect related to it. One of it i know is ADEPT technologies(http://www.adept-ism.com)
And recently launched program by Ankit Fadia. you can found that here
There are several security related certificates ...
You can check it out Here
Hope you will enjoy Security Shoot Out challange
Will share more things if get into second stage :-)
Cheers!
Amit
My experiences with New Media Security taught me a lot about the challenge of implementing really solid security within a system. The challenge there was to create a robust disk encryption system to run under Windows, so as to protect confidential information in the event of a laptop being lost or stolen.
What we discovered was just how difficult it is to produce good security without compromising usability, especially if the underlying operating system has not been designed with security in mind. One of the problems with Windows is that many of the low level routines are not properly documented, even within developer documentation. What this means is that a lot of development time is spent on improving the understanding of how a particular procedure call REALLY works in different conditions.
The other big challenge with IT security is that the user is almost always the weakest link. In simple terms, if you're asking the user to do anything other than use the system normally, such as placing confidential information in a separate folder, then security will always end up being compromised. The system must compensate for the user's weaknesses, for example by forcing password changes AND retaining a history of previously used passwords.
The other big challenge with laptop security, of course, is that a thief with a stolen laptop has, effectively, all the time in the world to break through any defences that are present. What this means is that the ability to resist "brute force" attacks (systematically working through all possible passwords, using software) is an important part of any laptop security system.
So.... it's all tricky stuff. However, given the frequency with which laptops get lost or stolen, an important issue for anybody who carries confidential information.
Thanks for the great info.
By the way I have cleared first round in security shootout.going for second.
Any suggesstions.
Amit