"Security still a top priority for organizations"

Aiming to be 'Mr Reliable' in the security services arena, F-Secure Corporation provides solutions for workstations, gateways, servers and mobile phones that include anti-virus and desktop firewall with intrusion prevention, anti-spam and anti-spyware solutions, as well as network control solutions for Internet Service Providers.

Founded in 1988 and headquartered in Helsinki, Finland, F-Secure has established offices in Singapore, New Delhi, Mumbai and recently announced the official opening of its Malaysian technology center in the country’s capital Kuala Lumpur.

F-Secure has established a security research center and technical support operation in Kuala Lumpur and is currently staffing the development function to support the organizations strategic goal to amplify its presence in Asian markets.

"Security is still a top priority for organizations," says Partik Runald, Senior Security Specialist, F-Secure Corporation, in an interview to AC Ganesh. Talking about the a range of security issues in enterprises and small and medium businesses (SMBs) today and how the company is gearing up to meet future challenges, Runald added that “the threats are not only more in numbers but they are also more advanced and this battle is not over and will not be over anytime soon."

"Some of the major security threats faced by organizations are stealing of confidential information, malware and intrusions which is through unpatched vulnerabilities. The threat picture is much more complicated today compared to a few years ago," said Partik Runald, on some of the major threats faced by an organization today.

“Presently, we have around 165,000 variants of viruses in the net world, while there are 205 variants of mobile viruses across the globe. Though we haven't had any major outbreaks with the last one being Saser work, which affected millions of PCs across the world, the motives of the spammers have changed,” he added.

As to who should be own up for vulnerabilities in softwares, Runald said, "The developer of the software that has those vulnerabilities should own up. For example, vulnerability in Windows is found, it’s Microsoft’s responsibility to create and distribute a patch for this and the same applies to all other softwares."

Looking at the need and role of Chief Security Officers (CSO) in an enterprise, the Senior Security Specialist said, "It depends on the size of the organization. In larger organizations, where the security policies and incidences take so much resources and time, I definitely recommend it. In smaller companies, the IT Manager can probably do this. Either way, all sizes of organizations should have a clearly defined and updated security policy so that their employees knows what is allowed and not allowed."

When asked about the security standards and best practices for maintaining enterprise security, Runald said "These standards and best practices form a framework that organizations can use to build their own processes and policies and they are not key to a secure network or environment as each organizations needs are different." "But they can and should be used as guidelines when defining those policies and processes," he added.

On threats faced by SMBs, Runald said, "Typically the threats are the same but SMBs don’t have the money and personnel to deal with this full-time like an enterprise has. Therefore a lot of SMBs look at buying security as a service where they pay for a the benefits of security, not a solution license that they have to install and maintain."

Asked about how the company keeps abreast with new security threats, Runald replied "We continuously work to try and figure out what threats will emerge in the next coming years and start developing solutions for that now so that they are ready if and when those threats become reality. An excellent example of this is our Blacklight Rootkit Elimination technology which we started developing over 2 years ago and were able to ship to customers before they became a widespread threat."

"We shipped our first security solution back in 2001, three years before the first threat was found. As mentioned previously, we continuously monitor the threat landscape and develop technologies to secure our customers," he added.

Talking the various products and solutions that F-secure offers, Runald said, "We offer security solutions for all types of users, everything from home users to large enterprises. We also offer security solutions for mobile devices such as Symbian- and Windows Mobile based phones," adding "with most cases of security breaches happening through LAN or Internet, the company develops primarily software based security solutions that protects organizations from malware (viruses, spyware, backdoors, Trojans etc) and also protects their desktops and laptops from intrusion attempts over the Internet or internally by providing a firewall for also these devices."

© CIOL Bureau