Computerworld
Home News Blogs ReviewsWhite Papers Newsletters IT Careers

resource center


Ads by TechWords

See your link here

Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.
Hardware
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
More E-Mail Newsletters 
 

Print edition

Olympic IT security requires advance planning

Lessons learned in Salt Lake City in 2002 will come in handy in Athens

By Peter Sayer
August 13, 2004 12:00 PM ET
Recommended
(0)
Digg
Share/Email

IDG News Service - If there's one thing the Atos Origin SA team understands as lead contractor for the Olympic IT infrastructure, it's that you must learn from your mistakes.
One such lesson learned the hard way: IT security must be built in from the start, according to Claude Philipps, program director of major events at Atos Origin. For the 2002 Olympic Games in Salt Lake City, the company "started embedding the security too late, so it wasn't running well."
The lapse caused nothing serious, except for a few headaches. "We had a lot of attacks, but we ran the games safely," Philipps said.
During those games, the Atos Origin team found that the number of alarms generated by IT security systems could quickly become unmanageable without software help. With that in mind, Philipps expects to see 200,000 IT security alarms per day in Athens -- most of them irrelevant warnings -- and has software in place to help sort out the false alarms.
"This is not manageable," he said. "We want to reduce it to [the] 10 to 50 that are real."
Information security manager Yan Noblot explained how much goes into culling the false alarms from those that are real. To begin, he said he monitors traffic between the 10,500 or so workstations and 900 servers on the network.
"We start with the traffic in the venues and compare that with known traffic. This includes traffic at the operating system level," he said. "On top of that, we are receiving logs from all the routers and antivirus system."
This year, Atos Origin is using Computer Associates International Inc.'s eTrust to filter the alarms based on a set of rules developed by the team in Athens, Noblot said. "The amount of information generated every day is massive. You can't put all that on a screen. We have some business intelligence to extract what is really meaningful."
Careful filtering can help in other ways, too, particularly when it comes to Windows 2000 permissions. Noblot said the IT team will be using NetIQ Corp. for security administration.
"It allows us to have a more granular definition of rules," Noblot said. "We don't have to give admin rights to the help desk. We give them only the rights they need."
That precaution might rule out some social engineering attacks, but there are other ways in which the network can be vulnerable. In Salt Lake City, for example, would-be hackers got around application-level locks on public-access PCs by rebooting them and trying to get into the network


Reprinted with permission from

IDG.net
Story copyright 2009 International Data Group. All rights reserved.

Recommend Digg Twitter ShareThis
Email Print Send Feedback Reprints

Additional Resources

Xerox
Win a color printer!
By using solid ink technology only from Xerox, you could save up to 65% by printing color for the cost of black and white. Enter for a chance to WIN a PhaserTM 8860 network color printer!
Microsoft
Upgrade to Internet Explorer 8 today.
Save time and mitigate security risk. Deploy it now.
Sybase
NEXT-GENERATION MOBILITY PLATFORMS
In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.

Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.

White Papers & Webcasts

What your IT equipment needs from a UPS
What your IT equipment needs from a UPS: The top five requirements that define "quality power" in the eyes of the power supplies...  

Strategic ECM Webinar
Learn what new strategic business benefits can be realized through ECM!...

Should Your Email Live in the Cloud - A Comparative Cost Analysis
Does cloud-based email make sense for your company? This report helps you calculate your onsite email costs and compare them to cloud-based alternatives....  

Managing And Protecting Your Ever Increasing Mobile Assets
Learn best practices for desktop and application virtualization, computer security, and computer life-cycle management....

Impact of the Dramatic Increase in Devices on the Cost to Support
This white paper describes the challenges that CIO's will face in coming years due to a dramatic increase in the number of devices...  

5 Architecture Issues that Impact BES performance
This Live webinar will identify critical log file errors, performance counters, and configurations to pay close attention to when optimizing BES server performance....

Hidden Cash: Maximizing the Value of Surplus Technology in a Down Economy
In today's tightened economy, all major technology purchases are being carefully scrutinized to ensure that each new piece of hardware and software can...  

Usability Is Everything
Learn what sets Workday's HR and Payroll solutions apart from the competition....

Your Network at Half the Price: Slash Network Hardware Costs With Pre-Owned Equipment
Pre-owned networking equipment is certainly less expensive than the new variety, but IT managers are often challenged to know when and how to...  

The Value of Real SaaS at Workday
Cost savings, speed to value, and innovation brought to the enterprise by Workday's software-as-a-service solutions for HR and Payroll....

All White Papers | All Webcasts

Computerworld Reports

An Interactive eBook: Enterprise Security

The Business Case for Server Virtualization

Computerworld Technology Briefing: Intelligent Users Use Business Intelligence

All Computerworld Reports
 
About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map
CIO Computerworld CSO DEMO GamePro Games.net IDC IDG IDG Connect IDG Knowledge Hub IDG TechNetwork IDG Ventures
IDG.net InfoWorld ITwhitepapers ITworld JavaWorld LinuxWorld Macworld Network World PC World The Industry Standard
Copyright © 1994 - 2009 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of
Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.