Going Open Source causes IT security chaos if it is done just to save money
This is, says Philip Lieberman, President and CEO of Lieberman Software, the privileged identity management and security management specialist, a classic case of cybercriminals taking advantage of business computer users who have either overlooked the need to update their e-commerce software - or who are just too busy to keep track of all their applications.
"The fact that the e-commerce software that is at the heart of this problem is open source is probably the cause of the failure to patch and update, as unlike commercial software, there is no-one to 'nag' the user about the need to update," he said.
"Of course, the users of the e-commerce software also have the advantage that they will have saved money in going down the open source route, so it's a shame that they haven't invested some of those savings in additional software that auto-updates their applications or - at the very least - keeps track of the various versions of software installed and alerts them of the need to install the necessary patches," he added.
The Lieberman Software President, whose company supplies privileged identity management software, went on to say that good IT security is about developing the right strategy in managing your computer systems.
You can, he explained, install best-of-breed security software to defend your IT assets, but without an effective planning and review strategy to back that software up, the advantages can quickly be lost.
And the malware that has caused the German regulator to issue its warning, says Lieberman, takes advantage of outdated software of all types, with the end result that visitors to the various affected sites are being routed via drive-by download infections - something which can have a serious effect on the brand of the company whose Web portal is infected.
Word, he cautions, travels quickly about companies that fail to look after the security interests of their customers and site visitors. Before long, news of an infected e-commerce site will have spread far and wide, and sales will almost certainly take a nosedive as a direct result.
In the longer term, Lieberman says, it can cost a company dearly if it suffers reputational damage arising from a site infection, and this can even impact on its share price - all from a failure to keep the businesses' software up to date.
"You'd think the moral of the story here is to go for commercial software over open source, but the reality is that unless the company keeps its systems and software patched and fully up to date, its system security is going to be impaired - no matter what software it has installed on its systems," he said.
"With the newswires talking about as many as eight million infected Web pages arising from the osCommerce failure-to-patch saga, this is a potentially major problem that could so easily have been prevented. The message is clear: computer users need to patch, update and patch again, in order to maintain their optimal security posture," he added.
For more on Lieberman Software: www.liebsoft.com
For more on the German IT regulator's warning: http://bit.ly/nzxDZ0
Press releases you might also be interested in
Weitere Informationen zum Thema "Software":
Vom Dreiklang von Compliance, ITSM und DSGVO
Am 25. Mai 2018 ist es so weit: Die zweijährige Übergangszeit der EU-Datenschutz-Grundverordnung (EU-DSGVO) endet und das Gesetz tritt mit allen Konsequenzen in Kraft. Das stellt Unternehmen jeder Größenordnung vor enorme Herausforderungen. So verlangt die Verordnung europaweit von allen Betrieben, sämtliche Geschäftsprozesse kontinuierlich zu überprüfen und zu aktualisieren, die mit der Verarbeitung personenbezogener Daten zu tun haben.Weiterlesen