Road Warriors on Trojan Horses: Ensuring End User Compliance Reduces the Cost of Network Security

By Sandler, Irene | T H E Journal (Technological Horizons In Education), August 2005 | Go to article overview
Save to active project

Road Warriors on Trojan Horses: Ensuring End User Compliance Reduces the Cost of Network Security

Sandler, Irene, T H E Journal (Technological Horizons In Education)

In ancient days, the people of Troy opened their gates to a splendid wooden horse--which turned out to be filled with Greek soldiers bearing malicious intent. Once inside the walls of Troy's previously unassailable fortress, the Greeks swarmed out of the horse's belly to wreak havoc within the city.

The networks at educational institutions today may bristle with firewalls, intrusion detection systems, and antivirus software, but attacks of malicious code continue to disrupt educational processes and administrative functions. The cost of repairing the damage from these attacks is increasing as the quantity, speed of contagion, and severity of worms and viruses increases.

The problem stems from an unfortunate convergence of three factors: the proliferation of mobility through laptop adoption, ubiquitous access to the Internet through less secure means, and the disappointing persistence of operating system vulnerabilities. At the same time, public Internet access points--whether wired or wireless--are seldom governed by security policies as stringent as those guarding internal networks.

Now, as wireless access gains increasing popularity, the threat of contamination is not restricted to public Internet access. Trouble can also emerge from "rogue" wireless access points, set up internally by network-savvy community members lacking safeguards of the campuswide infrastructure, as well as the frequent migration of laptops to unprotected home networks during vacations.

A Curious Conundrum

Reversing a fundamental assumption that information technology yields productivity gains and cost savings, the more educational institutions spend on security, the more support staff and resources are required. The Yankee Group ( estimates that the cost of patching a single user averages $243 a year, with costs rising as the number of users increases.

While the rapid growth of threats and the faster disclosure of vulnerabilities certainly fuel this inversion, it also appears that most security solutions have, until recently, focused on threat containment rather than threat reduction. This has led to an explosion in perimeter security products such as internal firewalls, and brute-force techniques such as shutting off ports. Not only is protecting the security perimeter much more difficult when every legitimate mobile user is the perimeter, but mending individual devices on the edge becomes a highly labor-intensive and expensive task. Simply stopping a virus or worm attack is not enough to reduce the burgeoning cost of support; it actually escalates the cost.

Balancing Risk and Responsibility

Both network administrators and technology manufacturers are working hard to address the challenge of threat reduction. Most colleges and universities distribute CDs filled with the latest patches and the appropriate client-based software for students to install onto their devices. Online support pages are also frequently updated with notices and software tools.

Manufacturers are introducing new features to old standbys. IP firewalls are augmented with internal firewalls, which can cordon off parts of the network occupied by infected machines. Wireless network gateways are outfitted with device-scanning capabilities, and antivirus software is distributed faster and more easily.

The rest of this article is only available to active members of Questia

Sign up now for a free, 1-day trial and receive full access to:

  • Questia's entire collection
  • Automatic bibliography creation
  • More helpful research tools like notes, citations, and highlights
  • Ad-free environment

Already a member? Log in now.

Notes for this article

Add a new note
If you are trying to select text to create highlights or citations, remember that you must now click or tap on the first word, and then click or tap on the last word.
Loading One moment ...
Project items
Cite this article

Cited article

Citations are available only to our active members.
Sign up now to cite pages or passages in MLA, APA and Chicago citation styles.

Cited article

Road Warriors on Trojan Horses: Ensuring End User Compliance Reduces the Cost of Network Security


Text size Smaller Larger
Search within

Search within this article

Look up

Look up a word

  • Dictionary
  • Thesaurus
Please submit a word or phrase above.
Print this page

Print this page

Why can't I print more than one page at a time?

While we understand printed pages are helpful to our users, this limitation is necessary to help protect our publishers' copyrighted material and prevent its unlawful distribution. We are sorry for any inconvenience.
Full screen

matching results for page

Cited passage

Citations are available only to our active members.
Sign up now to cite pages or passages in MLA, APA and Chicago citation styles.

Cited passage

Welcome to the new Questia Reader

The Questia Reader has been updated to provide you with an even better online reading experience.  It is now 100% Responsive, which means you can read our books and articles on any sized device you wish.  All of your favorite tools like notes, highlights, and citations are still here, but the way you select text has been updated to be easier to use, especially on touchscreen devices.  Here's how:

1. Click or tap the first word you want to select.
2. Click or tap the last word you want to select.

OK, got it!

Thanks for trying Questia!

Please continue trying out our research tools, but please note, full functionality is available only to our active members.

Your work will be lost once you leave this Web page.

For full access in an ad-free environment, sign up now for a FREE, 1-day trial.

Already a member? Log in now.

Are you sure you want to delete this highlight?