The Daily Incite - May 25, 2006
May 25, 2006
Good Morning:
Fairly slow news day yesterday, seems that everyone was focused on the Vonage IPO. Google they are not. For what it's worth, I just use Skype. It works fine (I only use it for outbound conference calls) and for the rest of the year anyway - it's free. Can't argue with that, eh? On the broader technology front, Steve Ballmer is trying to extract his foot from his mouth after intimating Vista will slip some more. That will be fun to watch today. But security folks shouldn't care when Vista shows up. There is too much to do until then.
I've also decided to take a one day respite from the Daily Incite tomorrow, so I won't be publishing. But Tuesday's edition (after the long weekend) will be chock full of great perspectives, since I'll have days of news and blogging to cover.
Have a great day and a happy and safe Memorial Day weekend.
Top Security News
SSL and XML - BFF? (best friends forever)
So what? - This partnership between Forum Systems, which does XML/SOA security, and Portwise (an SSL VPN player) got me thinking about the SSL VPN as the jack of all access and the fact that it will need to be able to deal with XML/SOA traffic. I'm starting to hear rumblings about XML security becoming more interesting, but there aren't that many options for customers. I'd expect to see more than 2 or 3 independents if the market was real. Hmm. Another thing to add on the never-ending list of stuff to check out. But keep an eye on the SSL VPN vendors, who need to figure out how to stay relevant as security moves into the network fabric. Maybe they need to become the fabric...
http://biz.yahoo.com/bw/060524/20060524005447.html?.v=1
SafeBoot gets EAL certification
So what? - Given the VA laptop theft this week, I should remind everyone that there are solutions to protect the data on a laptop. Full disk encryption is certainly one of them and there are others. Lots of folks with a lot more at stake (like 26 million veterans) have weighed in on the situation and it's not pretty. Folks will lose their jobs. Congress will do something. But for your part, something pretty simple (I didn't say cheap, I said simple) should be done to make sure you aren't the one with your head in the guillotine. SafeBoot is one of the players (CREDANT and PGP also come to mind) that can make part of this problem go away, and now SafeBoot is EAL certified, so all of those government buyers can feel good that SafeBoot has mastered the paper shuffling that EAL involves.
http://biz.yahoo.com/iw/060525/0131310.html
Sxip Salesforce.com audits at your own risk
So what? - Lots of folks use Salesforce, which adds yet another identity store that needs to be dealt with. As part of the million AppExchange announcements yesterday, Sxip Identity announced a free dashboard to audit your Salesforce environment to ensure there aren't identity issues. Having used Salesforce in a prior life, this is a good thing to do because if you have more than 20 folks in the field and do moves, adds and changes frequently and have NO one responsible for the application (like many small companies) - your data is probably at risk. This is also a good lead generator for Sxip that sells a box to provide single sign-on to Salesforce using an LDAP-addressable identity store.
http://biz.yahoo.com/iw/060524/0131156.html
You still don't care when Vista ships
So what? - Ballmer is backpedaling mightily as he said yesterday to expect more Vista delays, right as Jim Allchin is touting how they are on time. Now this AM Ballmer says, "what I meant to say was..." Bad day for the PR folks, who need to unwind the mess. But alas, for customers - YOU DON'T CARE. Read this post again to remind yourself.
http://www.channelweb.com/sections/allnews/article.jhtml?articleId=188101874
Earnings: Blue Coat misses
So what? - Blue Coat announces what look to be revenues a bit higher than expected, but a marginal loss based on costs for the Permeo acquisition. Suffice it to say the Street was not impressed. Stock down 12% in after-hours trading and they are projecting a pretty much flat next quarter. Most concerning to BCSI investors is a "slowdown" in the proxy appliance space. Or is Websense finally getting their act together, both driving a different appliance platform and fixing some of their channel woes? Or is Barracuda nipping at Blue Coat's heels from below? Or is the market saturated? Who cares? That's why I do mutual funds. Let someone else worry about it. Finally, the web proxy/filtering/hygiene stuff is a function of an integrated perimeter defense platform. So the stand-alone market will be morphing over the next 18 months anyway.
http://biz.yahoo.com/ap/060524/blue_coat_systems_earns.html?.v=1
Top Blog Postings
Indian outsourcers doing more for security
This post by Paul McDougall hits on an important point: outsourcing has pretty dramatic security ramifications. Clearly your data needs to be protected, but also the outsourcer's staff needs to have controls on them to prevent the pilfering of data. It's got to be a major consideration and something that outsourcers will be able to differentiate on. Not for long because differentiation is tough in the services business, but the first outsourcer to get security right will reap the benefits.
http://www.informationweek.com/blog/main/archives/2006/05/indias_outsourc.html
The new ISO sheriff in town
Given that I've read a bunch of stuff over the past two weeks about ISO 27001, I should probably learn a bit more about it. Since everything nowadays (at least from a compliance perspective) seems to be focused on "controls," ISO 17799 may be getting a bit long in the tooth - given its process mentality. In this post/podcast, Victor Garza interviews a guy from Churchill & Harriman about the specifics. Maybe I'll have time over the long weekend to check it out.
http://weblog.infoworld.com/zeroday/archives/2006/05/a_conversation.html
Longhorn core to take on Linux
Dana Epp speculates in this post about how Microsoft should use the upcoming Longhorn core technology, basically as a low end firewall. That's an interesting point, but it's still a cost game. I don't know how Microsoft plans to price the stripped down Longhorn, but that is the key factor - not what services are there. When you package stuff on appliances, the underlying OS makes no difference (as long as it's secure). So it's a matter of whether this kind of packaging would make ISA more cost effective. We'll see, but I also think Longhorn core may have a role to play in virtualized perimeter architectures as well. But it all gets back to the pricing.
http://silverstr.ufies.org/blog/archives/000949.html
Stopbadware.org flags some more crap
Ellen Messmer notes that stopbadware.org has come out with another report pinpointing four more programs on the badware list. My position on this hasn't changed (check out the original post here). Did you know these folks issued another alert? I didn't. I only knew because Ellen wrote about it on her blog. Do you read her blog? Are you the target audience for this? The folks that will have an impact on this are SiteAdvisor (acquired by McAfee) and Scandoo (if they can figure out how to flag Kazaa as bad) and the 5-10 others that will inevitably pop up. You need to be at the point of decision, and that is probably the search engines.
http://www.networkworld.com/weblogs/security/012228.html
Recently on the Security Incite Rants Blog
Inciting: Email encryption panel at Inbox
I'll be out in the Valley next week for the Inbox show, moderating a panel on email encryption. Come on out and see me rant. My schedule is also filling up, so if you want to talk shop while I'm in town, drop me a note.
http://securityincite.com/blog/mike-rothman/inciting-email-encryption-panel-at-inbox
Read Wednesday's Daily Incite
http://securityincite.com/blog/mike-rothman/the-daily-incite-may-24-2006

