In Servers We Trust?
Server security and protection for data and customer transactions are now, and are always going to be, a huge consideration for server administrators.
July 25, 2005
Server security and protection for data and customer transactions are now, and are always going to be, a huge consideration for server administrators. The onslaught of spam, virus and worm attacks, and other malware is just way too much for that not to be the case. And too much data flows through corporate servers to not devise ways to protect that; I'll venture a guess that we're all tired already of seeing stories about huge data leaks lately. But, how do you attack the problem? At the software level? At the perimeter of the network? With built-in hardware?
That last method is what lies behind the efforts of the Trusted Computing Group's new trusted server specification, a chip-based effort to store ID information such as digital keys, certificates and passwords. The organization, an alliance of industry heavy hitters in the server and general computing market, says 15 million client machines have shipped with a built-in chip that can take advantage of the new server spec, and a specification for a trusted network architecture is right around the corner. Put all those pieces together, and businesses that use servers and desktop PCs that meet the standard can go a long way toward assuring protection of their customers' valuable data.
That's the theory, anyway. But the $64,000 question is pretty basic: How many businesses will take advantage of this? History is rife with examples of hardware-based specs that nobody ever bothers to implement. In fact, I'll bet that all you tech-savvy server administrators out there have one sitting right in your own house that you've never tapped. Ever turned on that V-chip in your nice, new TV? See?
The truth is, you can build all the protection you can think of into a system, and if the end user doesn't bother with it, all the front-end work has gone for naught. So, it'll be up to the companies that comprise the Trusted Computing Group, and the organization itself, to do the marketing and educational outreach that's necessary to make this spec really count. Their customers just want to get their boxes, get them onto the network and keep their operations online; something like this is extra information that's not in the forefronts of their minds. The success of this initiative, then, is essentially dependent on what the TCG and its members do to get it there.
Read more about:
2005You May Also Like