Beyond Computers in Computer Security

Article excerpt

SAN FRANCISCO -- For all the power and complexity of modern computer networks, practical computer security against cybervandals may ultimately be found in the commonplace concept of a burglar alarm.

That is the notion of Bruce Schneier, one of the nation's best- known cryptographers -- people who specialize in writing and cracking secret codes. Schneier, who is a computer scientist and the author of a best-selling technical book, Applied Cryptography, has recently transformed his small consulting practice into an Internet alarm company backed by venture capitalists.

Schneier's credentials include creating the Twofish encryption algorithm, which is a candidate to become the advanced encryption standard being set by the National Institute of Standards and Technology. So it may seem odd that a scientist who designs unbreakable mathematical locks for protecting information is calling on e-commerce companies to put mere people back in the computer- security equation.

But Schneier argues that to trust the safety of information stored in a computer system to even the most powerful computer security software alone is foolhardy. That is why his new company, Counterpane Internet Security, has adopted a business model remarkably like that of ADT Security Services, the burglar alarm company.

"My basic philosophy is that technical protection mechanisms such as fire walls, encryption and authentication only go so far," Schneier said, referring to some of the more popular computer security technologies. "Every protection mechanism ever built has a flaw. They can be hidden for years, but they're there."

Counterpane, based in San Jose, Calif., and which last year raised $7 million in financing from Accel Partners and Bessemer Venture Partners, has just finished building its first secure operations center in nearby Mountain View, Calif. (A backup center is being built in Chantilly, Va.)

The operations center, which has high-speed links to the Internet, is reinforced to resist physical attacks and further protected by video surveillance and special "biometric" access controls that require positive physical identification of staff members before they are allowed to enter.

Inside, operators work in shifts around the clock, watching their clients' computers, which are connected via the Internet from locations around the world. Although various companies have been taking part in tests, the one paying customer Counterpane would identify was VoteHere.com. The center's operators monitor information generated by a program that Counterpane developed, known as Socrates, which assigns categories and priorities to the network activities it detects, seeking signs of hostile computer attacks. …