were five years ago or even a year ago. As both networks and attacks
grow in complexity, it takes more time, skill and energy to protect a
company’s information and its very viability.
Ken Xie, president and CEO of Fortinet Inc., a Sunnyvale, Calif.-based
network security company, says IT administrators and security officers
are under a lot more pressure than ever before. Expanding perimeters,
leaky hand-helds and virulent viruses are just part of the expanding job
they’re dealing with today.
Here Xie talks with Datamation about one of the toughest jobs in
IT and what administrators can do to make it a little easier.
Q:How much more difficult is a CIO’s or IT administrator’s job now
than it was five years ago? What has changed?
In today’s business environment, CIOs and IT administrators face many
new challenges that were either not present or not as extensive five
years ago. Following the dot-com bust of the late ’90s and early 2000s,
IT budgets and staffs became the focus of drastic cuts in most
organizations. IT spending has yet to return to pre-bust levels. As a
result, CIOs and IT administrators are being forced to do more with less
— from integrating new technologies with legacy systems to extending
support for mobile workers with limited infrastructure investment.
This challenge has been exacerbated by the increasingly mobile nature of
business across industries and by the growing demand for ubiquitous
access to information from any device and any location.
Another major change is that today’s CIOs and IT administrators are
facing new and increasingly virulent security threats and new
regulations from the government.
Q: Many employees work remotely every day or spend many days working
on the road, carrying laptops, cell phones and PDAs. How much more
difficult does this make it to secure a network?
There is no doubt the increasing number of remote workers and the mobile
devices they rely on are creating new security challenges. If the proper
precautions are not taken, it is possible for a single device to act as
a point of compromise for an entire network. Threats can include mobile
devices that do not have strong user authentication systems and fall
into the hands of unauthorized users, providing avenues for access to
company networks and sensitive company information.
Another security threat that is not widely recognized is the
vulnerability of wireless devices and wireless networks to content-based
threats like viruses and worms. Many users do not understand that when
they connect to a wireless access point, they join a community of users
from whom they have little protection. A user could easily pick up a
virus or worm during a wireless work session at their local Starbucks
and transmit that virus throughout their network upon returning to the
office.
We often joke that your morning coffee could end up costing your
employer upwards of a $100,000.
Q:Because of the abundance of mobile workers and mobile
technologies, along with strings of business partners, consultants and
connected clients, can anyone really know where the network begins and
ends now?
The disappearing perimeter is something we talk with customers about
every day. The virtual enterprise brings businesses a whole spectrum of
cost and productivity savings. It helps companies tap into new sets of
human resources. It makes small businesses look like global companies,
and enables global companies to deploy resources to even the smallest
regions of the world. This is why there is no longer a single point of
compromise, and why the IT security industry, as a whole, has been
preaching a layered, multi-faceted approach to security for several
years.
It starts at the endpoint, be it a desktop or laptop computer, connected
to a wired network or wirelessly. You must then place the proper
barriers at the edge of the corporate network, or the gateway. This is
probably the place where the strongest and best performance security is
required. This is the point where people either get in, or are kept out.
Once inside the gateway, or firewall, it’s important to segment
business. Security should be taken down to the departmental level,
segmenting off portions of the company so attacks can be quarantined.
To all of this, you must add strict but applicable security policies,
and end-user education.
Continue on to hear what Xie has to say about Linux security, the dangers of spam and users who keep downloading viruses….
Q: A lot of administrators want to move to Linux because they thinkit’s more secure than Windows? How dangerous can life be on the Linux
platform?
I think it’s probably too early to tell.
It is certainly true today that the most damaging attacks have afflicted
Windows-based systems and that, by comparison, Linux has been relatively
immune. However, there are real questions as to the true reasons for the
apparent safety of Linux.
The first and most important issue is prevalence. Just as in biological
systems, dense populations are most conducive to the spread of
contagions. And in contrast, more dispersed populations are more immune
to rampant, fast-spreading attacks. Thus Linux, with its more sparse
installed base — and absence from the desktop — will be inherently
more secure than Windows, as long as Windows maintains such a dominant
share of installations.
Another potential characteristic in favor of Linux is the degree to
which Microsoft is viewed as a more ”deserving” target of attack
compared with Linux. In addition, some believe that Linux code, because
it is open, is more heavily scrutinized and therefore benefits from the
security expertise of thousands of developers, while others say that it
is far easier to find security flaws by exercising object code rather
than by analyzing source code.
These factors are all extremely complex, so it will be interesting to
see how the security posture of Linux evolves as it becomes more
widespread.
Q: Worm after worm continues to hit the Internet. Users are still
clicking on attachments and downloading damaging viruses. How can we
stop the cycle?
Social engineering has always been one of the greatest challenges to
security. Those who wish to do harm always seem to play upon natural
human curiosity and weakness.
This will always be a problem. While user education is important, we are
firm believers that the only truly effective way to stop these threats
is to do so before they have the opportunity to reach end users. By
implementing effective security solutions at the network gateway and
preventing attacks from ever reaching users, companies can take great
strides to protect themselves against these threats.
Q: A lot of people still think of spam as a nuisance. How big of a
security risk has spam become?
Spam has become a real security issue as the lines between spam activity
and malware have become blurred. We believe that, in addition to using
intelligent filtering and content analysis technologies to reduce the
amount of undetected spam, it will be necessary to raise the ”cost” of
sending spam to the point where the return is no longer attractive in
order to truly curtail the practice. There are, of course, many
parameters to the notion of ”cost”, so it should be possible to make a
big dent in spam activity without necessarily charging for email.
Q: What do you see coming down the road in terms of security
technology?
The key challenges — and opportunities — will be to deliver security
technologies that are enablers of all of the new and exciting
applications that have only started to show their promise, such as voice
and video, instant messaging, real-time collaboration, e-commerce, and
more. The individual piece parts — encryption algorithms,
authentication systems, and the like will continue to improve. But the
real benefits will come when security becomes embedded with, and
ultimately as ubiquitous and invisible as the network itself.
Huawei’s AI Update: Things Are Moving Faster Than We Think
FEATURE | By Rob Enderle,
December 04, 2020
Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 18, 2020
Key Trends in Chatbots and RPA
FEATURE | By Guest Author,
November 10, 2020
FEATURE | By Samuel Greengard,
November 05, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 02, 2020
How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 29, 2020
Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 23, 2020
The Super Moderator, or How IBM Project Debater Could Save Social Media
FEATURE | By Rob Enderle,
October 16, 2020
FEATURE | By Cynthia Harvey,
October 07, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
October 05, 2020
CIOs Discuss the Promise of AI and Data Science
FEATURE | By Guest Author,
September 25, 2020
Microsoft Is Building An AI Product That Could Predict The Future
FEATURE | By Rob Enderle,
September 25, 2020
Top 10 Machine Learning Companies 2020
FEATURE | By Cynthia Harvey,
September 22, 2020
NVIDIA and ARM: Massively Changing The AI Landscape
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
September 18, 2020
Continuous Intelligence: Expert Discussion [Video and Podcast]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 14, 2020
Artificial Intelligence: Governance and Ethics [Video]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 13, 2020
IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI
FEATURE | By Rob Enderle,
September 11, 2020
Artificial Intelligence: Perception vs. Reality
FEATURE | By James Maguire,
September 09, 2020
Anticipating The Coming Wave Of AI Enhanced PCs
FEATURE | By Rob Enderle,
September 05, 2020
The Critical Nature Of IBM’s NLP (Natural Language Processing) Effort
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
August 14, 2020
Datamation is the leading industry resource for B2B data professionals and technology buyers. Datamation's focus is on providing insight into the latest trends and innovation in AI, data security, big data, and more, along with in-depth product recommendations and comparisons. More than 1.7M users gain insight and guidance from Datamation every year.
Advertise with TechnologyAdvice on Datamation and our other data and technology-focused platforms.
Advertise with Us
Property of TechnologyAdvice.
© 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this
site are from companies from which TechnologyAdvice receives
compensation. This compensation may impact how and where products
appear on this site including, for example, the order in which
they appear. TechnologyAdvice does not include all companies
or all types of products available in the marketplace.