Today, Check Point Software Technologies, one of the old guard in the world of information security, announced they are purchasing Nokia's security appliance business. This is welcome, if late, news to Check Point's customers who use Nokia hardware. For many years, Nokia was the de facto hardware platform for deploying Check Point firewall software. Check Point/Nokia shops have been struggling for months to decide how to respond to Nokia's announcement that they would rid themselves of this troublesome (think non cell phone) business. For customers with sometimes hundreds of Nokia appliances, the fear of potentially unsupported hardware, or of a big firewall replacement project, were equally disturbing.
This new agreement spawns a couple of interesting questions:
As the day draws to a close on December 16, 2008, Microsoft issued an advance out-of-band security advisory, #961051, and an emergency patch to follow the next day.
The vulnerability behind this advisory is a critical remote-code-execution vulnerability within Internet Explorer (IE). All currently supported versions of IE are affected. The vulnerability is related to an invalid pointer used in the data binding element within IE’s code base. This vulnerability allows remote execution of arbitrary code. If a vulnerable browser visits a malicious Web site, this Web site can instruct the browser to execute arbitrary code with the same privilege as the user itself.
I had an inquiry recently from a Forrester client who wrote that they believe the telecom industry has matured to the degree that there won’t be a new “next big thing.” They cited things like deregulation, the internet, cable, etc., as all disruptive events in the industry and wonder if anyone sees anything new coming on the horizon. I talked to other analysts in the I&O team and we totally disagree with this view. This is how I responded to the client:
On December 4, 2008, RSA and Microsoft jointly announced the imminent release of a collaboration that integrates RSA's Data Loss Prevention (DLP) product into Microsoft’s enterprise offerings. Initially, this means an integration between RSA's DLP 6.5 and Microsoft’s Active Directory Rights Management Server (AD RMS). The DLP product identifies and classifies sensitive information and RMS automates policy enforcement based on a company's existing AD structure. The integration is admittedly relatively basic to start, but in the long term the two companies expect DLP to be tightly woven into the fabric of Microsoft's enterprise products — identity-enabled data protection sitting deep within a company's Microsoft infrastructure.
What it means: All things considered, this is good news for every CISO. Microsoft has the broadest technology base by far; teaming up with a true security front-runner like RSA mitigates the fact that Microsoft has also had arguably the largest selection of security challenges in the past. The partnership addresses today's prime security challenge: By and large, firms tell us that the need to protect sensitive information leaking to people and places inside and outside the corporate perimeter is the single biggest obstacle they face.