User Indifference Thwarts Electronic Signature Effort

Computerworld - An e-mail from the director of marketing put a spring in my step this week. He and I have locked horns over security issues in the past. Marketing always wants to develop new services and offer our clients access to them online.

Those are good business ideals, but marketing never seems to think about the fallout from such schemes. I've had to steer them away from the plans that were the most—well, I'd call them mad, and they would probably call them innovative.

This healthy tension between taking risks to bring in new business and protecting our brand has meant that although we get on very well personally, professionally we often find ourselves in heated debates about new projects. But for once, the marketing director's e-mail seemed to show that we were perfectly aligned. He wanted to discuss electronic signatures on our Web site, with reference to distributing documents to shareholders and customers.

An e-mail like that makes me want to dance—in the past six months, I've put some effort into sorting out a decent system for pushing out public-key infrastructure and signatures to clients. The result is multivendor compatible, with a distribution system using Mountain View, Calif.-based VeriSign Inc.'s Secure Sockets Layer certificates to authenticate us to our clients.

This system wasn't backed by the business teams because they felt the time wasn't right. Although they didn't stand in the way, we had to beg and borrow the budget for software and equipment to get the system working. But this e-mail showed me that my work hadn't been in vain: Marketing now wanted to take advantage of the setup. No doubt the plan was to use digital signatures to ensure that the information that affects prices couldn't be tampered with while being downloaded.

Additional Resources

WHITE PAPER

Forrester Consulting - Optimizing Users and Applications in a Mobile World

Solving application issues over the WAN requires careful consideration. Based on their independent research, Forrester Consulting offers recommendations on how to tackle application performance issues, insufficient bandwidth and the inability to quickly restore users in a disaster.

Read now.

WHITE PAPER

Enter the Security KnowledgeVault

Security is not an option. This KnowledgeVault Series offers professional advice how to be proactive in the fight against cybercrimes and multi-layered security threats; how to adopt a holistic approach to protecting and managing data; and how to hire a qualified security assessor. Make security your Number 1 priority.

Read now.

WHITE PAPER

Cut Communications Costs Once and for All

New IP-based communications systems are being deployed by small and midsized businesses at a rapid rate. Learn how these organizations are enabling faster responsiveness, creating better customer experiences, speeding office or mobile interactions, and dramatically reducing existing communications costs.

Read now.

Top Stories

• FAQ: WOA vs. x86, which Windows tablet to pick?
• The timeline's time has come
• Apple files another U.S. patent suit against Samsung
• Iran blocks access to some outside websites, services

Free Insider Guide

Excel 2010 Cheat Sheet

Register for this Computerworld Insider Cheat Sheet and gain access to hundreds of premium content articles, guides, product reviews and more.

Register for FREE now! »

Security White Papers

Overcome Top 7 Admin Challenges of Active Directory

As Active Directory's role in the enterprise has drastically increased, so has the need to secure the data. Gain insight on creating repeatable,...

Insiders Can Ruin Your Company. Take Action.

Did you know that 80 percent of threats to an organization come from the inside? The threat from insiders is often overlooked in...

Top Solutions and Tools to Prevent Devastating Malware

Custom malware frequently goes undetected. According to Forrester Research, the best way to reduce risk of breach is to deploy file integrity monitoring...

X-Ray of the PCI Process-4 Proactive Steps

This white paper from Forrester Research Inc., helps break PCI into understandable components. Security and risk professionals will gain knowledge and insight into...

Identity Governance: The Business Imperatives

This white paper describes the business challenges and opportunities that are driving interest in Identity Governance while discussing considerations your organization should make...

All Security White Papers

Security Webcasts

Live Webcast
Playing Defense: Staying on Top of Your Disaster Recovery Game

When it comes to disaster recovery, rapidly growing data volumes, distributed computing models, and new technologies all combine to present an ever-changing playing...

Introduction to VMware vCenter Site Recovery Manager 5

Traditional disaster recovery solutions are often too expensive, complex and unreliable to meet business requirements. As a result, IT departments are hesitant to...

The Top Ten Secrets to Avoiding SAN Performance Problems

Maintaining peak performance while simultaneously addressing the root cause of SAN errors is challenging. Learn the most common SAN problems and explore new...

Deduplication Without Compromise

Go inside Quantum's scalable, high-performance, multi-protocol new DXi deduplication appliances, designed to make backup much more effective. Discover how the new future-proof DXi6700...

Director of Disk Products Discusses DXi6700

Discover how the new DXi 6700 series of deduplication appliances provide investment protection and a future-proof feature set, all while delivering fast, scalable,...

Playing Defense: Staying on Top of Your Disaster Recovery Game

When it comes to disaster recovery, rapidly growing data volumes, distributed computing models, and new technologies all combine to present an ever-changing playing...

All Security Webcasts

Newsletter Sign-Up

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter

1. Computerworld Daily News
2. Security
3. Virus and Vulnerability Roundup
4. Security: Issues & Trends
6. Industry Tech: Communication Carriers (ISP, Telecomm, Data Comm, Cable) Tech: Computer/Network Consultant Tech: E-commerce/Internet Tech: Manufacturing - Hardware/Software Tech: Retailer/Distributor/Wholesaler (computer-related) Tech: Service Provider (MSP, BSP, ASP, ESP, Web Hosting) Tech: VAR/VAD/OEM Tech: Other Non-Tech: Advertising/Marketing/PR/Media (Publishing, Broadcast, Online) Non-Tech: Aerospace/Defense Contractor Non-Tech: Agriculture/Forestry/Fisheries Non-Tech: Business Services/Consultant Non-Tech: Construction/Architecture/Engineering Non-Tech: Education Non-Tech: Finance/Banking/Accounting Non-Tech: Government - Federal (including Military) Non-Tech: Government - State/Local Non-Tech: Healthcare/Medical/Pharmaceutical/Bio-Tech Non-Tech: Insurance/Real Estate/Legal Non-Tech: Manufacturing & Process Industries Non-Tech: Mining/Oil/Gas Non-Tech: Retailer/Wholesaler/Distributor (non-computer) Non-Tech: Travel/Hospitality/Entertainment/Recreation Non-Tech: Transportation/Utilities (Energy, Water, etc.) Non-Tech: Other
7. Job Title IT Management: CIO, CTO, CSO IT Management: Executive VP, Senior VP IT Management: VP IT Management: Director IT Management: Manager IT Management: Supervisor IT Management: Systems Integrator IT Management: Technical Consultant Business Management: CEO, COO, Chairman, President Business Management: CFO, Controller, Treasurer Business Management: Executive VP, Senior VP, VP, GM Business Management: Director, Manager Business Management: Other Corporate, Business Manager Business Management: Consultant (Non-Technical) Other: IT Staff Other: Non-Manager
8. Company Size 20,000 or more 10,000 - 19,999 5,000 - 9,999 1,000 - 4,999 500 - 999 100 - 499 50 - 99 Less than 50
9. Country United States of America Afghanistan Albania Algeria Amercian Samoa Andorra Angola Anguilla Antarctica Antigua and Barbuda Argentina Armenia Aruba Australia Austria Azerbaijan Bahamas Bahrain Bangladesh Barbados Belarus Belgium Belize Benin Bermuda Bhutan Bolivia Bosnia-Herseg Botswana Bouvet Island Brazil British Indian Ocean Territory Brunei Darussalam Bulgaria Burkina Faso Burundi Cambodia Cameroon Canada Cape Verde Cayman Islands Central African Republic Chad Chile China Christmas Island Cocos (Keeling) Islands Colombia Comoros Congo Cook Islands Costa Rica Cote DIvoire (Ivory Coast) Croatia Cuba Cyprus Czech Republic Denmark Djibouti Dominica Dominican Republic East Timor Ecuador Egypt El Salvador Equatorial Guinea Eritrea Estonia Ethiopia Falkland-Malvinas Faroe Islands Fiji Finland France French Guiana French Pacific Islands (French Polynesia) French Southern Territories Gabon Gambia Georgia Germany Ghana Gibraltar Great Britain Greece Greenland Grenada Guadeloupe Guam Guatemala Guinea Guinea-Bissau Guyana Haiti Heard and McDonald Islands Holy See (Vatican City State) Honduras Hong Kong Hungary Iceland India Indonesia Iran Iraq Ireland Israel Italy Jamaica Japan Jordan Kazachstan Kenya Kiribati Kuwait Kyrgyzstan Laos Latvia Lebanon Lesotho Liberia Libya Liechtenstein Lithuania Luxembourg Macau Macedonia Madagascar Malawi Malaysia Maldives (Maldive Islands) Mali Malta Marshall Islands Martinique Mauritania Mauritius Mayotte Metropolitan France Mexico Micronesia, Federated States of Moldova Monaco Mongolia Montserrat Morocco Mozambique Myanmar Namibia Nauru Nepal Netherlands Netherlands Antilles New Caledonia New Zealand Nicaragua Niger Nigeria Niue Norfolk Island North Korea Northern Mariana Islands Norway Oman Pakistan Palau Panama Papua New Guinea Paraguay Peru Philippines Pitcairn Islands Poland Portugal Puerto Rico Qatar Reunion Romania Russian Federation Rwanda Saint Helena Saint Kitts and Nevis Saint Lucia Saint Pierre and Miquelon Saint Vincent and the Grenadines Samoa San Marino Sao Tome and Principe Saudi Arabia Senegal Seychelles Sierra Leone Singapore Slovakia Slovenia Solomon Islands Somalia South Africa South Georgia and the South Sandwich Islands South Korea Spain Sri Lanka Sudan Suriname Svalbard and Jan Mayen Islands Swaziland Sweden Switzerland Syria Taiwan Tajikistan Tanzania Thailand The Democratic Republic of the Congo Togo Tokelau Tonga Trinidad and Tobago Tunisia Turkey Turkmenistan Turks and Caicos Islands Tuvalu Uganda Ukraine United Arab Emirates United States of America United States Minor Outlying Islands Uruguay Uzbekistan Vanuatu Venezuela Viet Nam Virgin Islands (American) Virgin Islands (British) Wallis and Futuna Islands Western Sahara Yemen Yugoslavia Zaire Zambia Zimbabwe
10. US State Alabama Alaska Arizona Arkansas California Colorado Connecticut Delaware District of Columbia Florida Georgia Hawaii Idaho Illinois Indiana Iowa Kansas Kentucky Louisiana Maine Maryland Massachusetts Michigan Minnesota Mississippi Missouri Montana Nebraska Nevada New Hampshire New Jersey New Mexico New York North Carolina North Dakota Ohio Oklahoma Oregon Pennsylvania Rhode Island South Carolina South Dakota Tennessee Texas Utah Vermont Virginia Washington West Virginia Wisconsin Wyoming Puerto Rico Virgin Islands Guam American Samoa U.S. Minor Outlying Islands Armed Forces Africa Armed Forces Americas AA Armed Forces Canada Armed Forces Europe AE Armed Forces Middle East AE Armed Forces Pacific AP
12. Subscribe View all newsletters | Privacy Policy

IT Jobs

See All Jobs Post a job for $295

Go

Jobs by SimplyHired

Security White Papers | All Security White Papers

• Overcome Top 7 Admin Challenges of Active Directory
• Top Solutions and Tools to Prevent Devastating Malware
• Identity Governance: The Business Imperatives
• Google: Security for Google Apps Messaging & Collaboration
• Fundamental Principles of Network Security
• A Proactive Approach to Server Security
• ESG Examines Hybrid Deduplication
• ESG: Quantum Targets Disk-Based Backup Price-Performance Leadership with New DXi 2.0
• Quantum DXi Solution Drives AAA Washington's Backup Success
• Data Deduplication for Dummies

• Insiders Can Ruin Your Company. Take Action.
• X-Ray of the PCI Process-4 Proactive Steps
• CA Technology Brief: CA Point of View: Content Aware Identity & Access Management
• An Interactive Guide: Bring Your Own Device
• Protection Against Modern Cybersecurity Threats
• Secure Internet Single Sign-On 101
• Data Deduplication Background
• DXi Solution Provides Triple Level of Protection for ResMed's Remote Operations
• 7 Deduplication Questions to Consider Before Deploying Deduplication
• Streamlined Data Protection - The Pain of Managing Tape Backups in Branch Offices

Sponsored Links

• Customized information views & Twitter events at New Fulcrum Point
• E-book: Discover Business-Ready Storage Systems For Oracle Environments
• Splunk translates machine data into "aha" moments for IT and the business.
• Converge your infrastructure with HP. Access a valuable case study in the CI Resource Center now.
• Panasonic Toughbook® mobile computers. Rugged. Reliable. Powerful.
• Protect your customers with VeriSign SSL, now from Symantec
• Citrix NetScaler. 2x faster 2048-bit SSL performance than F5. 50% lower SSL costs.
• Cisco's Unified Fabric delivers resiliency for optimal performance. Learn More
• Arm Your Defense & Offense in 2012 with the Websense Threat Report
• MIT Sloan Executive Education. innovation@work
• A better way to share files, whenever, wherever. Accellion. Share Securely on the Go.
• Power your Dev Teams and Accelerate Software Delivery
• Connect with global CIOs now at Enterprise CIO Forum
• Pinpoint root cause of network issues up to 90% faster
• Download Microsoft's latest Data Protection Management tool
• Not All QSAs Are Created Equal: What You Should Know Before You Buy
• The arrival of Serial Attached SCSI (SAS) marks a new era in storage scalability
• The AMD Virtual Experience Virtual Trade Show
• "The Definitive Guide to Security Management" Chapter 1: Introduction to Security Management

• Evolving Your Data Center for the Cloud
• Get Ethernet speeds from 1 Mbps to 10 Gbps - Comcast Business Class
• ExaGrid Gets High Marks in Independent Report from ESG
• Converge your infrastructure with HP. Access white papers, case studies, videos and more.
• Redefine Software support with HP
• Citrix NetScaler. 2x consolidation. For less than F5. Shift up to the Cloud.
• Ready for the Cloud? Not with F5. Shift to Citrix NetScaler. Shift up to the Cloud.
• Join the Conversation. Follow Oracle EPM & BI on Twitter Today.
• Stop backing up. Start solving forward with CommVault® Simpana® software.
• Cognizant. Leading in Business, Application & Technology Services
• Cisco's Unified Fabric delivers resiliency for optimal performance. Learn More
• Still managing your projects with spreadsheets? Move your IT projects in the Cloud!
• M.S. in Information Studies at Northwestern University
• Tolly Performance Report  "Citrix NetScaler with nCore Outperforms F5 BIG-IP"
• ITwhitepapers.com - Access thousands of white papers on 300+ technical topics.
• Leverage Your Cisco infrastructure for Superior Application Performance
• Learn about the AMD Virtual Experience
• "The Definitive Guide to Security Management" Chapter 1: Introduction to Security Management
• Introducing: Project Icebreaker

Resource Center

See your link here

THISWEEK'SGLOSSARY Back door: This is an entry into a system left by a trusted insider so that he can gain access after official privileges have been removed. The greatest back door of all time was developed by Unix co-creator Ken Thompson. He modified the C compiler so that it would recognize when the log-in command was being recompiled and insert code recognizing Thompson’s password, giving him entry to every system. Normally, a back door could be destroyed by removing it from the source code for the compiler and recompiling the compiler. But to recompile the compiler, you have to use the compiler. So Thompson had the compiler recognize when it was compiling a version of itself. It then inserted the backdoor code into the new compiler. Having done this once, he was then able to recompile the compiler from the original sources; the back door perpetuated itself invisibly. Logic bomb: This is a piece of code included secretly in software that will perform malicious acts at a set time if not stopped by the writer. Disgruntled ex-employees have used logic bombs to punish companies for sacking them. LINKS: This story tells how Emulex Corp. in Costa Mesa, Calif., lost $2.2 billion in market capitalization through a stock manipulation because it didn’t have effective electronic signatures for its documents. But at least the attacker got 44 months in jail. Look here for the legal mumbo jumbo behind the Electronic Signatures Act.