Conversation
Aladdin Knowledge Systems

NEXT WEB WAVE: CONTENT SECURITY AS A SERVICE Yanki Margalit,
Chairman and CEO
Aladdin Knowledge Systems, Ltd. (Nasdaq: ALDN)


The Web Reality

Today's high-tech, instant access world means that nearly everyone has become an 'expert' web user. Whether home or small to medium businesses, people are freely surfing the Internet, sending and receiving emails, and conducting electronic online transactions. Consequently, they are overflowed with threats – some of which they are aware of, and some of which they are not – which they find difficult, if not impossible, to handle:

è Spyware and adware that spy on their activities and files, slow their and compromise their privacy

è Trojan horses and worms hidden within web pages

è
Other types of malicious code exploiting new security holes which are discovered all the time

The Not-So-Expert Expert Web User and the Desktop Solution

To survive on the web means that Internet home users and many small business operators are forced to become security 'experts.' Plagued with malicious code of all sorts, a desktop or email antivirus is not enough. They are told they also need anti-spyware, anti-spam, and a personal firewall. On top of all that, they must ensure the operating system and all applications are always up-to-date with the latest security patches. For the many home and small business networks, the problem is multiplied by the number of PCs in the household or office. So users mix-and-match expensive software package desktop solutions from here and there, trying, unsuccessfully, to cover all the bases. And while users may take matters into their own hands -- implementing desktop solutions and security patches in an attempt to address these threats -- most are not interested in (and not capable of) becoming security experts.

Why ISP Anti-virus Solutions Just Don't Cut It

Users expect their Internet Service Providers to give them more security services and deliver a "clean Internet pipe," but in most cases, the security services offered by ISPs are limited. The truth of the matter is, that as with the desktop solution scenario, current ISP anti-virus solutions are not enough to protect against the security threats faced by today's web users. The reason is that ISP anti-virus solutions handle email content alone, completely disregarding the fact that most of today’s threats come from the web. As noted by CNET on news.com, "The end is coming for viruses sent by e-mail, security experts…predicted…saying the problem has had its day." (April, 2005)

Or as Gartner wrote in February, 2005, "Traditional signature-based antivirus products can no longer protect companies from malicious code attacks. Vendors must execute product and business strategies to meet the new market requirements for broader malicious code protection."


The Newest Threat: Spyware

Spyware is the latest in the continual barrage of threats faced by home and business web users. In fact, the possibility of "spyware and unwanted programs being secretly loaded onto computers" have become a threat of such high profile that, according to PEW Internet, "nine out of ten Internet users have adjusted their online behavior out of fear of falling victim to software intrusions."

And the users, PEW Internet says, are right. "Unfortunately, many internet users’ fears are grounded in experience – 43% of internet users, or about 59 million American adults, say they have had spyware or adware on their home computer. “ (July, 2005).

The likelihood of spyware unobtrusively entering a home or small business network becomes even more of a possibility when considering that most users do not scan the HTML web pages they visit. This is due to the fact that the conventional web page scanning feature usually offered in vendor anti-virus solutions actually slows browser performance. Thus, it is a feature that most users don’t activate – opening up networks to dangerous automatic spyware downloads from the web.

Phishing – The Double Whammy

Add to the threats of malicious code and spyware that of phishing and you've got quite a mix going. As mentioned in an earlier article, phishing is the sending of e-mails and links to web sites which are designed to look like those of well-known, legitimate businesses, financial institutions, and government agencies. They are sent with the intent of deceiving web users into disclosing personal data such as bank and financial account information, usernames and passwords. When successful in accessing this information, the phishers then take it and use it for criminal purposes, such as identity theft and fraud.

These authentic-looking phishing emails are frequently sent via mass-mailing spam programs directing users to the illegitimate 'copy' websites, further emphasize the importance of a comprehensive content security solution which users can rely on. One which not only stops threats before they reach the network or inbox, but also protects users as they surf the web.

This means security against:

• Vulnerabilities (security holes)
• Spyware
• Web page (HTML) exploits
• Phishing sites
• Hacked sites

Users are Demanding More

Proactive gateway protection is what users are looking for, and they will go where they can get it. As Forrester reported in July, 2005, "Consumers will demand a safe Internet service, and if an ISP doesn't measure up on security, members will flee to a rival provider. Customers will absolutely demand a clean pipe." Secure surfing, in turn, translates into better performance – something both the user and the ISP/Telco can appreciate.

Likewise, the ISP or Telco which offers a proactive gateway solution not only obtains an edge by differentiating themselves from the competition, they increase their revenues and end up with satisfied home and small business customers who appreciate the "large business" security at a small monthly fee.

In 1997, the content security experts at Aladdin Knowledge Systems were the first to identify the serious threat posed by web malware (which today the world calls spyware) and began developing solutions to help organizations defend against this threat. We have found that keeping ahead of the growing waves of malware requires both a deep understanding of web-based content security principles, and an unwavering commitment to aggressive product innovation.

>>Aladdin Archive

Yanki Margalit is the founder, chairman and chief executive officer of Aladdin Knowledge Systems, Ltd. In 1984, he designed and developed several products in the areas of artificial intelligence and software security, founding Aladdin to market them.

Mr. Margalit then introduced HASP, a system offering software protection without inconveniencing legitimate users. In 1993, Mr. Margalit took Aladdin public on the NASDAQ stock exchange, and in 1996 he brought about the merger of Aladdin with FAST Software Security in Germany. Aladdin acquired eSafe Technologies in 1998 and Preview Systems in 2001.

Today, Aladdin is a global leader in the software Digital Rights Management and Internet security market, living up to its mission of "Securing the Global Village." Visit the Aladdin website at www.Aladdin.com to learn about Aladdin products and how you can use them to protect yourself and your organization.