Comdex 2001: Security products evolve

IT managers looking to increase corporate network protection will look at products from companies such as Siemens, RedHand, and Wave Systems
Written by Wayne Rash, Contributor

There's no question that security is in the minds of IT buyers as they prowl the Comdex trade show in Las Vegas this week. Companies that produce products even tangentially related to security display that fact prominently. Companies with products that are distantly related to security still list themselves in the security product section.

But that doesn't mean the security revolution has happened. Instead, you might say that IT managers are finding the "security evolution". Yes, there are new things for the security minded, but for the most part, they're improvements to existing products. Think of smart card readers that are now thin enough to attach to your computer with velcro, and you get the idea.

Still, there are some notable trends. The security product industry seems to be dividing itself into two camps. There are those products that keep your data systems from being compromised by hackers or disgruntled employees. Then there are products that keep you from being sued. In both cases, the presence of companies from outside the US is also notable. The demands for enterprise security have been strong for years in Europe and the Middle East, and the experience companies from these areas have gained shows in their product availability and maturity.

For example, the vast German conglomerate Siemens has an equally vast presence in Las Vegas, showing its ever-growing line of access control security products. These products include everything from a mouse that reads fingerprints to devices that combine the data from your biometrics. The company is also showing examples of biometrics contained on a smart card with information held on a server to make a positive ID of anyone trying to access an enterprise network.

Another German company, Towitoko, meanwhile, displays a line of smart card readers so small they're barely larger than the smart cards they read. You can affix these devices to keyboards, the sides of monitors, or anywhere else you can stick a piece of velcro. The cost is so low that a company representative described the volume price as "about the same price as the card itself."

These products attracted the attention of IT managers newly endowed with both the funding and the demand to do something about corporate security. The approach taken by Siemens, and by US-based Wave Systems encompasses the enterprise security problem from the user keyboard through the servers to the rest of the network. This means that managers can select products like these and have some assurance that their users will be positively identified, and that their transactions will be protected.

Elsewhere, the focus seems to be on protective products such as Internal Network Security Manager v.8 from UK-based RedHand Software. This product doesn't exactly manage security; for example, it can't manage your password or access policies. However, it can record every keystroke and every action a user takes. It can also prevent users from carrying out certain activities, or visiting certain Web sites. The big selling point for this and similar products is that you won't get sued for having your users look at porn sites on company time, and you might be able to prevent them from downloading or sending certain types of information. And if a user does send the company jewels to a competitor, you might be able to prove who did it.

All these products stand to help IT managers solve their security problems. Given the increase in interest about security over the last couple of months, it also means that there are a few real solutions managers can offer their companies.

More enterprise IT news in Tech Update, ZDNet UK's enterprise channel

Have your say instantly, and see what others have said. Click on the TalkBack button and go to the ZDNet news forum.

Let the editors know what you think in the Mailroom. And read other letters.

Editorial standards