Focus on security
July 2004 - Toronto Star

IT security firm Informatica Corp. is offering free e-mail security support
for 36 months to small businesses who sign up by the end of July.

The service, called FlexProtect Basic, allows small business operators to
e-mail the consultancy with whatever security-related concerns they have, and get a response within 48 hours.

Claudiu Popa, president of the Toronto-based company, says the offering is beneficial to both clients and his company.

'The service we are offering for free would typically represent a few
hundred dollars per month,' he says. 'We have found our clients contact us a number of times a month for support, and instead of feeling like lawyers where you call and they start the clock, we decided to not to do that for e-mail support.'

Popa adds the offer, though free, involves a $75 administration charge. It serves the firm as a test to see how well its publicity and search engine promotion methods work as well, he says.

The FlexProtect service is one of three new lines of service the company is delivering to small and medium-sized businesses. The first service, FlexSecure Verify Audit, is the starting point for businesses embarking on a security strategy.

Informatica audits a company's electronic devices as well as physical access points, tells the client where the weak points are and recommends strategies and products to prevent security breaches. The whole process normally takes about a week.

With FlexSecure LockDown, the company's security specialists go in and
'harden' or lock down a client's computer systems, as well as 'scrub' or
clean the hard drives of computers that are being replaced or discarded.

'There are a lot of businesses discarding computers without thinking hat
might be on them so we ask them to run them through us first and we purge them,' says Popa.

Popa says although small businesses are getting more sophisticated and aware of security threats, the IT security risks from viruses, Trojan horses, malware, and spyware are always one step ahead.

'Both small and mid-sized businesses have some kind of budget allocated to security, but part of the problem is often they expect a magic pill that will save them,' he says. 'They rely on their IT guy for an anti-virus
program and hope this thing will work in the background and provide
security.

'It can't. That can only be done by intelligent, sentient human beings, and [small businesses] need to be aware of that.'

Small businesses are at greater risk of security threats because they rarely have policies in place that make it clear to employees they shouldn't visit certain types of Web sites, download music or videos, eat up bandwidth by sending jokes or 'borrow' office software, says Popa.

To address this lack of awareness, Informatica offers a series of one-hour workshops , called Worklife Security, designed to teach the non-technical worker and manager how to protect corporate information and resources.

According to Internet security vendor Symantec Corp.'s most recent Internet security threat report, blended threats (for example, viruses hidden in spam e-mail) made up 54 per cent of the top 10 malicious code submissions over the last six months of 2003 and the overall volume of blended threat submissions in the top 10 increased by 59 per cent.

The report says the threats have caused widespread damage more quickly than ever before due to increased propagation speed, aided in part by improved bandwidth and decreased latency.

And while the number of new vulnerabilities discovered has levelled off,
newly discovered vulnerabilities are more severe, the report says.