If there is one certainty in the security business, it is that security professionals and hackers are in a constant battle to protect and exploit vulnerabilities.

Despite a wide range of measures taken to combat them, security threats continue to multiply and mutate. Many viruses and worms are launched with criminal intent to damage network resources, while others merely clog networks with unnecessary traffic. Some security threats are even unintentional: employees accidentally transgress their user policy or find that they have unintended privileges to databases. Still more result from the emergence of new technologies such as wireless and social media.

More Mobility, Mo-Problems

Today's networks have become extremely porous and dynamic with the rise of the "virtual" enterprise. Outsourcers, business partners and other third parties now routinely share information that traditionally remained within the "four walls" of the enterprise. As a result, a wide variety of users have access to the network. These include full, part-time and temporary employees; contract and remote workers; guests; partners; resellers and customers. Each user type requires different access abilities, network and application resources, and has varying security and performance needs.

The proliferation of wireless devices, open ports and VPNs creates additional security vulnerabilities. Hackers can easily compromise an employee at home, where they will almost always be caught off guard, and in many cases, may not even have any security software installed. This allows the attacker to walk right into the corporate network, bypassing all of those robust security solutions deployed at the perimeter of the network.

Web 2.0 Vulnerabilities

An emerging area of concern for security professionals are exploits in peer-to-peer software, social networking and instant messaging applications. Enterprise IT staffs are suddenly getting slammed with yet another new set of security problems.
Few employees realize how dangerous social networking applications are to enterprise security. A study carried out by YouGov earlier this year, which sampled over 1,000 British corporate employees, reveals that 60 percent of users accessed personal e-mail applications and social networking sites from their work computers at least once a week, with 28 percent using an Instant Messenger (IM) application. Even more alarming to security professionals, 90 percent of workers surveyed believe that their work computer is either fairly or very secure, with 67 percent trusting that their IT department has taken the necessary measures to secure their computer against threats.