Remember to fix your systems
An updated anti-virus software solution is an integral part of any enterprise. But to have just an anti-virus solution may not be enough. Sophos recommends that customers should monitor announcements from OS, Application and Web server software vendors for details of new vulnerabilities in their product code.

Generally people do not bother to apply the fix when the security vulnerabilities are discovered. Only when a virus hits, or an application goes down, do the IT managers update or patch the software.

A study by the US Department of Commerce's NIST (National Institute of Standards and Technology) reported that bugs and glitches cost the U.S. economy about $59.5 billion a year. Around 80 percent of the cost of developing a software program is spent in identifying and correcting the flaws. It was found in the study that very few products of any type other than software are shipped with such high levels of errors.

It is advised that managers should keep themselves updated on new loopholes and apply patches as and where available before the new viruses exploit them. IT managers responsible for security should subscribe to vulnerability mailing lists operated by various vendors.

Emerging XML-based standard gets vendor support
SAML (Security Assertion Markup Language) an XML-based standard is under development. This standard that aims to help network executives build centrally managed and easy-to-share user identity systems has received vendor support.

Companies like RSA Security, Netegrity, Oblix, and Novell will support the standard. SAML, the emerging XML-based standard can be used to exchange authentication and authorization information.

The authorization and authentication information is portable across corporate networks, so a user authenticated on one company's network can be recognized on another and granted or denied authorization to access resources based on that authentication. The sharing of user identity is being referred as federated identity management and is emerging as a key technology for distributed e-commerce and Web services.

The use of the single user identity will allow companies to efficiently control who gets on their networks and what resources they use. The ID information can also be used to personalize services and portal interfaces. It can identify not only the users but also machines that need access to execute Web services in tandem with other machines.

IDC's Q1 2002 storage market study
IDC's report on the Indian storage market in Q1 2002, revealed that IBM India leads the domestic storage market with 23 percent market share. It leads with 5 percent points ahead of competition. IBM leads the external storage market in India, both in market share and growth.

The external storage revenue grew at 78 percent as per the IDC report for Q1 2002, while the TB growth was at 272 percent. At the end of the Q1, IBM is the leader in both unit shipments and revenue at 47,504 GB and US$ 2.3 million among the top three vendors in the domestic market. The market shares of Network Appliance and HP are at 18 percent and 17 percent respectively.

IDC estimates that storage capacity will increase at nearly 75 percent a year in the 2001-2003 time period. It also forecasts 67 percent of all storage to be networked by 2004.

In another IDC report the market share results for the HPC (High Performance technical Computing) market in the Q1 2002, Sun occupies the leading space in the Technical Divisional category-systems priced between $250,000 and $999,000-with 42 percent share. In the overall HPC space, Sun had 20 percent share of revenue representing a one percent quarter gain versus sequential losses by its closest competitors.