The Internet is infested with criminals and scoundrels. There's no point in sugar-coating that fact; prefacing an analysis of the Internet's inherent shortcomings by extolling its proven productive virtues is an exercise in triteness. For an organization to profitably exploit a global communications network is a relatively simple endeavor. The real challenge lies in securing the organization's assets from the thieves and vandals who troll that global network relentlessly. As a comprehensive overview of the Internet's adverse impact on information technology security is beyond the scope of this paper, the following analysis will examine some of the issues many organizations currently face in securing their networks from pervasive and relentless Internet-based attacks.

Network SecurityBy enabling Internet connectivity, organizations have opened their internal networks to various common forms of electronic communication, including email, web browsing, peer-to-peer file sharing, and instant messaging. To achieve some measure of protection against threats that exploit legitimate uses of Internet traffic to breach internal networks, organizations install firewalls as a perimeter defense tactic. Firewall deployment is part of the canon of network security; however, according to Grochow (2005), firewalls cause many organizations to fall victim to a false sense of security, leading many to give short shrift to glaring security deficiencies that may exist within the network. Consequently, internal network users are often subject to a lower authentication threshold when attempting to gain access to the organization's applications and data. Since no firewall is completely secure, in the event of a breach, the hacker can typically traipse through the network with relative ease if there are no significant authentication obstacles in place. To shore up the security deficiencies, organizations can deploy applications that incorporate secure identity authentication standards (Groc...

-208 /research/specialreports/voipsecurity/0,3800013656,39166479,00.htmprince, 1 10 11 12 13 19 2 2.0 2005 2006 2007 2008 201 21 22 23 24 26 28 3 31 39 7 9 access accord achiev add addit address adopt advanc advantag advers ajax allow alon alreadi also amongst analysi anoth ant anti anti-spam anti-virus app appli applianc applic application-level approach appropri april asset attack attempt august authent avail avenu b bailey bane base bay becom best beyond biggest blame block breach brisk broad broad-bas brows busi c canon capit case caus cellular challeng cheap clear client coat common communic communiti compani competit complet comprehens compromis comput computerworld conclusionth concomit connect consequ coordin core corpor cover crimin cross cross-sit current cyber cycl d data databas decad default defens defici deliber denial denial-of-servic deploy design despit detect develop devic differ difficult doom door due earlier eas effect effort electron email eman employe enabl enact encrypt endeavor ensur enter enterpris eschew especi essenti establish event eweek examin exampl exercis exist expect expert exploit explos extens extol face fact failur fall fals far fashion favor featur februari fi file firewal firm focus follow form fulli function futur g gain gateway general generat give glare global go govern greater greenemei grochow grow hack hacker handset hardwar hardware-bas havoc heavili hole howev ident identifi ill ill-prepar impact implement incid includ incorpor increas independ industri infest inflict inform informatica inher inject insecur instal instant integr interact intern internet internet-bas intrud intrus involv ip ip-en issu j jackson januari javascript juli keep l lan latest layer lead leav led legitim level lie limit lower m make malwar manag mani mapl march marketplac mashup materi matter may measur messag mete mind mitig must n/a need network new news note obstacl octob offer often one onefil open option organ organiz orient overview pace paper para parallel part pbx pdas peer peer-to-p penetr perform perimet perpetu person pervas phish phone place plew point polici pose pot pots-bas practic prefac prepar press price primarili princ product profession profit program prolifer propens proper protect protector protocol proven provid punish rapid real rectifi referencesbailey regard relat relentless reli reliabl remain remot remov repeat replac report resolut respond respons retriev reveal rife rise risk rogu rush safeguard said save scam scope scoundrel script secur security-ori securitybi securityin securityth segreg sens sensit separ server servic set sever share shore short shortcom shoulder shown shrift shunt signal signific silicon simpl simultan sinc singl site small softwar solut sophist sort sourc spam specif spywar sql stand stand-alon standard standpoint state steven still stop strict stupid subject sugar sugar-co surreptiti survey suspici system tackl tactic take techniqu technolog telephon telephoni telephonyvoip therebi thiev though threat threshold thus thwart tight token tool tradit traffic traips transmiss trite troll trombl two typic uk unauthor under unifi unintend unwav use user util utm vandal variat various verifi viabl vicious victim violat virtu virtual virus voic voip vulner w way web web-bas week wi wi-fi william wire wireless wireless-en within world wreck www.silicon.com www.silicon.com/research/specialreports/voipsecurity/0,3800013656,39166479,00.htmprince, y year yet yong yue