Web security still worries consumers as market for online security products moves forward Several new products protect intranets, e-mail, and transactions By Marc Ferranti, IDG News Service

January  1997

Mail this article to a friend

Whether people are more likely to be victims of fraud by punching in credit card numbers into a PC or sending out e-mail, rather than speaking credit card numbers aloud to someone on the phone or mailing a letter, is debatable. But there is a perception of lack of security online.

For example, while 62 percent of consumers believe that the telephone is "safe and secure," only 28 percent believe that the World Wide Web and online services are, according to a poll commissioned by AT&T and carried out by Odyssey, a research firm in San Francisco. This could account for the fact that while 39 percent of the 2,003 consumers polled said they expect to make an online purchase next year, 58 percent said they would purchase goods by phone.

"There are two ways to look at the equation -- for people who have made purchases online, they perceive it to be as reliable, comparably, to anything else," said Michael Coates, a spokesman for Virtual Vineyards in Palo Alto, CA. More than 90 percent of consumers who purchase food and wine products listed at the Virtual Vineyards Web site do so by typing in credit card numbers online rather than using the 800 number listed on the site, Coated pointed out. "But for those people not used to the Internet, security is an impediment."

To enhance security, Virtual Vineyards will incorporate the Verisign authentication-certificate software into its site, based on Silicon Graphics Inc. servers.

Security is also a major issue for consumers who would like to do banking by PC, network administrators who need to protect intranets from intruders on the Internet, and users who want to make sure e-mail can be read only by the intended recipient.

Emerging products
For network managers or end users shopping around for security products to protect intranets, e-mail, or transactions, there is a growing market of products. Some products coming on to the market now include:

• PrivaSuite from Aliroo Ltd.
  The package includes three programs: PrivaMail, for encrypting all or parts of text sent by e-mail or other transmission systems; PrivaSoft, for encrypting faxes, which are descrambled by scanning them into a computer; and PrivaFile, for encrypting and compressing files for archive security and e-mail. The encryption uses a private/public key technique, which allows users to send encrypted messages to anyone who has a public encryption address. The receiver then uses a private key to open the file. The software comes in 40-bit and 56-bit encryption versions, and a trial version can be downloaded from the company's Web site. Single-user versions are priced at $98, and corporate server-side versions are also available with user management functions. Versions are available in English, Portuguese, Spanish, German, Japanese, and Chinese.

• Private I from Open Systems Solutions Inc.
  The product is an add-on to Cisco Systems Inc.'s Private Internet Exchange (PIX) firewall system. Private I integrates the PIX system logs to create audio, screen, e-mail, and paging alerts as well as graphs and usage statistics. Firewall reports can be issued as often as once a second. The software also can produce ad-hoc query reports on system usage. Different versions of the product work with the different versions of PIX, which scales up to more than 16,000 simultaneous TCP/IP connections. Pricing starts at $2,000 for the PIX-32 system, scaling up to $7,500 for the PUIX-1638.

• Digipass from Vasco Data Security Inc.
  Digipass is a system based on "tokens" in which the client units look something like a small electronic calculator. When users log on to a system or send or receive information, they use the token, which generates a one-time, unique password using a calculation that takes into account the time of day. The calculations generated by the token are synchronized on the server side. The system is designed for financial institutions as well as corporations that want a more sophisticated authentication system than what typical, unchanging passwords provide. Pricing starts at $50 per token, with volume discounts. Digipass is being introduced now in U.S.; it has already been available in Europe, through Belgium-based Lintel Security, a Vasco subsidiary.

• WebStalker-Pro for Windows NT from Haystack Labs Inc.
  WebStalker, already out for Unix systems from Sun Microsystems Inc. and IBM, is designed to supplement firewall software by monitoring all activity at a Web site server, shutting down connections from unauthorized users and issuing usage reports. The system also offers management features such as automatic restart for servers that go down. The product, available in the first quarter next year, is priced at $2,995.

• SurfinGate 1.0 from FinJan Software Ltd.
  The software analyzes applications downloaded from the Internet, such as Java applets or ActiveX controls, at the gateway, before the applications pass through to a company's intranet. Network management functions allow managers to determine which departments or groups of users are allowed access to different types of Internet downloadables. The product also comes with a database of downloadable programs that are known to do damage. Another product, SurfinShield, which monitors downloadables at the desktop level, now features ActiveX control scanning abilities, in addition to Java scanning. SurfinGate and the new version of SurfinShield will be available in the first quarter of 1997. SurfinShield is priced at $49 per user; pricing for SurfinGate starts at $1,250, depending on the number of users.

--Marc Ferranti, IDG News Service, New York Bureau

Resources

• "Wire your business now,"
  http://www.sunworld.com/swol-12-1996/swol-12-internetworld.html
• "When will business boom on the 'Net?"
  http://www.sunworld.com/swol-12-1996/swol-12-ecommerce.html
• Virtual Vineyards
  http://www.virtualvin.com/
• Aliroo Ltd.
  http://www.aliroo.com/
• Open Solutions Inc.
  http://www.opensystems.com/
• Vasco Data Security Inc.
  http://www.vasco.com/
• Haystack Labs Inc.
  http://www.haystack.com/
• FinJan Software Ltd.
  http://www.finjan.com/

If you have technical problems with this magazine, contact webmaster@sunworld.com

URL: http://www.sunworld.com/swol-01-1997/swol-01-ecomm.html
Last modified: