Plugging security holes

The technology environment at agencies is always changing, with new threats emerging and new services being developed that must then be secured against internal and external misuse. Fortunately, the security industry is almost lifelike in its ability to adapt to changing requirements.

That's one way to see it. But to systems administrators on the front lines, it's often a matter of plugging holes. Just when it seems that all the pieces are in place, new cracks develop that must be filled.

In this special report, we look at four emerging tools — identity management, multifunction security appliances, XML security and wireless security — that represent efforts to plug the holes in network and information security. Taken together, the technologies give organizations a multilayered defense to protect critical assets and data.

As organizations extend the boundaries of their networks to customers and business partners, administrators need to know who has access to networks and what applications and systems they are authorized to use. Identity management software can fill this crucial need.

Hardware-based security appliances that perform several tasks, from firewall protection to traffic management, are gaining acceptance for their ability to help lower the cost of security efforts and make them more manageable. At the same time, federal agencies are showing an interest in application security gateways, devices designed to block intrusions and malicious attacks that traditional firewalls might not be able to stop.

Web services based on Extensible Markup Language offer greater opportunities for agencies to share information across disparate applications and systems via the Internet, but they can open up backdoors for intruders to exploit. Therefore, XML firewalls and similar technologies will gain importance this year and next year.

Which brings us to the wireless revolution, whose momentum can't be stopped. Wireless local-area networks have been hailed for their ability to give roaming users access to organizations' networks but criticized for their lack of security. As more heavy hitters such as Microsoft Corp. enter the wireless LAN arena, you can expect to see more big-name security companies offering better authentication and monitoring devices to shore up wireless defenses.

The story, of course, won't end here. These developments, impressive as they seem now, are just the latest solutions and not the final word in security. They are stopgap measures that will be overtaken as information technology continues to evolve.


  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

  • Cloud
    cloud migration

    DHS cloud push comes with complications

    A pressing data center closure schedule and an ensuing scramble to move applications means that some Homeland Security components might need more than one hop to get to the cloud.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.