The Security Week That Was: A Recap: Feb. 3-9, 2007

SIW Editor Geoff Kohl gives a weekly surveillance of news shaping your profession


So, I'm not in San Francisco this week attending the RSA Conference, despite my wishes. But I have been enjoying some of the blog reports coming out of this IT security show. Now some might be asking why I should pay attention to an IT-focused show like the RSA conference when our industry is still (despite all the buzz) heavily focused on gates, fences, analog cameras, guards and old reed-style contacts for intrusion detection. The answer should be obvious. While yes, mag stripe cards and security fencing may still define much of commercial security, it's rapidly moving beyond that and I'm watching our industry as a whole pay a lot more attention to what's happening at the RSA Conference versus the FenceTech show.

Some of the things I like coming out of the RSA show:

-- Data privacy and network authentication are topics we harp upon. So, apparently, does Bill Gates. In his address to the crowd, he was talking about identity authentication, smart cards and a migration from passwords to something of recognition or token presentation. Jack Vaughn covered the topic as part of TheServerSide.net blog community.

-- We got a press release from a company you probably know well if you're delivering access control systems: HID Corporation. The folks at HID were at RSA demonstrating what they call their Crescendo smart card technology. Cut to the chase -- it's their card technology designed specifically for converged physical and network access. Given that they demonstrated this new product at the RSA show, it's a touch of commentary on who will be leading convergence.

-- You put a bunch of security people in a room and they're naturally suspicious. At the RSA show they naturally try to bust each other's chops in regards to network security and notebook security. AirDefense was apparently playing that game. The company was trying to spot unprotected wifi devices, and even noted some wireless networks pretending to be the official RSA network.

-- How many articles have you seen from industry magazines talking about how to talk to your company executives about security investments? Don't we always think that when IT security wants something, they get it instantly, but we've got to prove that the camera for the parking lot is worth the money? Well, it's no different on the other side of the fence. SC Magazine is a good read for IT-specific security professionals, and I love this report from RSA 2007 talking about how to convince the C-level that IT security spending is worthwhile. It's proof that security expenditures are handled the same way, whether you're on the "physical" or the "logical" team.

Now back to the world of physical security...

News shaping the week
Sony Gets IPIX, WBFAA Apprentice program makes good, mail bombs, more

While Sony didn't officially announce it, a document from U.S. Bankruptcy court that I received late last Friday, shows that the company has acquired the IPIX assets. I like 4A International founder Steve Hunt's take on the technology. Steve thinks Sony might take the technology well beyond its narrow usefulness in security. He's got a point, especially when you recall that this technology first became known as a tool for real estate agent listings.

I got a note from the marketing staff for the Western States Burglar and Fire Alarm Association (the group that comprises California and other state and regional BFAAs). They noted that they just picked up their 1,000th apprentice. A couple years ago, I remember talking with George Gunning about his dreams for this kind of apprenticeship program and for a butterfly effect creation of a national apprenticeship program that would correct the ongoing problem that not enough talented people are entering our industry. It looks like it's starting to happen.

It couldn't happen here, right? At the sleepy UK office of the firm that handles the outsourcing of some motor vehicle violations processing, a mail bomb wounded a woman working in the office. Mark that news story down as a reminder to review your mailroom security policies this month.

This content continues onto the next page...