Phishing — scams that use technology to obtain personal or financial information — will go beyond banks and telcos to smaller organisations less able to handle it and security will become a boardroom matter, not just an IT department responsibility.
So says Mark Pullen, business development manager for RSA Security.
“Large-scale identity fraud will drive new requirements to have an underlying secure framework for applications. Security will be part of the infrastructure.”
In the era of web services, “security will become a service to the application and that’s the only way IT systems will become secure”, he says.
“Web services are self-describing, self-publishing applications and you’ll have to know who’s accessing them and which web services are operating in the organisation.”
Security will be a major focus at executive level, he says.
“There’s far too much focus on it just being antivirus.”
Pullen, a Sydney-based New Zealander, worked for Verisign and Network Associates before joining RSA four years ago.
“In those four years, I’ve seen a lot of change in attitudes towards security in New Zealand.”
Geographic isolation means nothing when defending against online threats, he says.
“We’re only an IP address away.”
SecurID, the token and PIN-based authentication device, remains RSA’s main product in New Zealand. It offers versions for enabling both Microsoft and Citrix access.
A Linux version is coming later this year, once the Linux platform sector has consolidated.
“The challenge for open source for commercial applications is ‘which version?’ ”
RSA’s ClearTrust identity and access management suite is available on RedHat and United Linux.