
Using the Open Source Model to Prepare for More Security Threats in 2006

IT managers planning for possible security threats in 2006 might be tempted to look back at some of the big security debacles of 2005 for inspiration.

A major security breach at CardSystems exposed the personal data of more than 40 million credit card holders to possible fraud. Marriott tried to explain how it misplaced personal data for some of its 200,000 customers. Other major companies including Bank of America, Citigroup, and DSW Shoe Warehouse had similar woes.

In addition to these events, companies endured an increase in the sophistication of threats, including virus-infected e-mails, worms, spam, spyware, computer theft, and network intrusions. Computer-related crime costs U.S. businesses an estimated $67.2 billion a year, according to the FBI.

Not Just One Threat
It would be easy for an organization to focus attention on any one security issue. However, the real threat for companies in 2006 won't be a single type of threat. Instead, it will be the explosive growth in the frequency and variety of attacks, and the amount of time, energy, and resources that will be required to defend against them.

It comes down to numbers. Consider the growth of the Internet in emerging markets like China, which in 2003 had roughly 50 million Internet users and today has more than 110 million, still growing. As the online population grows, so do the pool of potential attackers and the number of potential victims, so the volume of computer-related crime can be expected to grow with it. Worse, if Internet growth is geometric, the growth in security threats will track it. It's a problem of Malthusian proportions.

The bottom line: one thing businesses can count on in 2006 is that there will be more computer-related security incidents - a lot more.

Impact of Attacks
The impact of a single attack on an organization with a globally distributed network, whether a small, medium, or large enterprise, scales with the size and reach of the operation, often with costly results.

A recent FBI survey found that almost a fifth of U.S. businesses reported 20 or more computer security attacks last year. Many more may go unreported for fear of lawsuits or being painted as a "target." Dealing with these crimes cost each company an average of $24,000.

The problem is that many companies have stitched together multiple solutions that were never designed to work together. This creates gaps in their security armor. Often these gaps go unnoticed, or are too expensive and complicated to close, leaving the company vulnerable to attack and unable to respond when one occurs.

Think back to last year's poster child for computer security breaches - CardSystems. It really doesn't matter what individual security products were in place. The proliferation of tools created gaps - kinks in the armor - and valuable data was stolen.

For organizations, the challenge becomes one of diminishing returns. A discussion I had recently with one of our customers illustrates the problem. Sure, he had a firewall and an anti-spam box, but linking them was beyond his capability. It was simply too complicated and costly in terms of manpower, software, and equipment.

The Best Offense Is a Good Defense
Whether a small business or a mega-enterprise, companies need to carefully consider the total cost of protecting their information assets - from the operational costs of managing the software and hardware to the potential impact on business. The fact is that multiple solutions require more IT resources and have a high probability of human error.

Unified threat management (UTM) is the most cost-effective approach to today's volatile security environment. It is also the only practical way to mount a comprehensive defense against newer threats designed specifically to defeat individual security protections. UTM streamlines the management and operation of security solutions by bundling together the essential software and hardware needed to protect a company's core information assets.

All-in-one network security solutions available today combine security applications for Web, e-mail, and network security in integrated and easy-to-use packages. The benefits can be dramatic. A recent study found that an integrated solution took substantially less time - by a factor of four - to configure and deploy than systems using a patchwork of individual point solutions. This is in large part because the burden of relating one part of the security infrastructure to another to prevent sophisticated attacks is on the system, not on the network administrator.

UTM solutions that use open source technologies provide another critical advantage. These solutions benefit from the strength of the entire open source community by evolving to address new threats as they occur. By comparison, commercial solutions are only as good as the collective power of those working on them at that time. The speed and flexibility of open source technologies enable companies to scale as needed to threat volume and type.

Planning Ahead
Several other factors will influence the decisions of network administrators as they plan for this year's security threats.

Not only will they need to prepare for an increasing level of attacks this year; new government requirements may also oblige businesses to strengthen the measures that protect personal data. Compliance efforts, such as those related to HIPAA and Sarbanes-Oxley, will continue to tax the resources of companies both large and small. In addition, the popularity of VoIP technologies and mobile networks is opening new avenues for potential security breaches.

The good news is that the industry is beginning to look at new ways to improve network security that will have long-lasting benefits for businesses.

One of the more promising areas of development is e-mail encryption. Did you ever get a new e-mail address, send a note to a friend in Japan, and within an hour start receiving spam at the new account? Advances in securing the messaging core will make it harder for criminals to harvest e-mail addresses, cutting off the fuel source for spammers, keyloggers, worms, and zombie attacks.

It's hard to know what will be this year's top security threats, but you can bet there will be a lot more of them. Organizations that take a proactive approach to protect their information assets will be happy and relieved that they did.

Astaro's Approach to Network Security
The threats to computer security seem to grow in intensity and frequency by the hour. As new and more sophisticated threats emerge, network administrators often add another line of defense, i.e., another box, to stave off the attackers.

As a result, we have "point solution proliferation": multiple solutions from different vendors, all with their own user interfaces and learning curves, all of which place the onus on the network administrator to integrate them into a cohesive whole.

In 2000, Astaro Corporation conceived of the idea of deploying multiple network security solutions from one point. This concept, later coined "Unified Threat Management" by IDC's Charles Kolodgy, made a lot of sense back then and is even more cogent in today's threat environment.

By installing only a single, integrated security architecture, customers not only save time and money; they also get second- and third-order benefits from the integration, such as improved response to multi-technique attacks and better network administration productivity.

Today, the growing complexity of threats is making the "one-stop" approach of UTM increasingly attractive. Security and IT managers are looking for ways to do more, but without the complexity of multiple vendors and platforms.

UTM manufacturers are producing ever more powerful products that secure an enterprise with "best-of-breed" solutions that were previously only possible on point products.

Astaro has taken a unique approach to UTM: it utilizes a combination of open source and proprietary technology to deliver flexible and cost-effective products.

To start, Astaro's hardware and software offerings are based on Linux (though it protects any kind of network, including Windows). Integrated into the Astaro system are nine security technologies - some open source, some commercial - that cover all aspects of security including network security (which includes firewall, VPN gateway, and intrusion protection), Web security (spyware protection, virus protection for the Web and content filtering), and e-mail security (virus protection for e-mail, spam protection, and phishing protection).

All of this is managed from Astaro's Web-based interface, which provides an intuitive GUI that makes it easy for network administrators to deploy, control, and maintain network security needs.

Open source projects that Astaro includes in its products and actively contributes back to include ClamAV (anti-virus), Snort (intrusion detection), and Netfilter/iptables (packet filtering).
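The integration the article keeps returning to, the system rather than the administrator "relating one part of the security infrastructure to another", comes down to feeding one component's output into another's policy. The script below is an added example, not code from the article or from Astaro's product: it correlates Snort alert_fast lines with Netfilter LOG lines and derives packet-filter block rules. The two log formats are the real ones (Snort's alert_fast output and iptables `-j LOG` as it appears via syslog); the sample lines, rule IDs, thresholds, allowlist, and the blocking policy itself are constructed for the example, and the generated iptables commands are returned as strings rather than executed.

```python
"""Correlate Snort alert_fast lines with Netfilter LOG lines and derive block rules.

Added example, not code from the article or from Astaro. The log formats are real
(Snort alert_fast; iptables -j LOG via syslog); sample lines, rule IDs, thresholds
and the blocking policy are constructed.
"""
import re
from collections import Counter, defaultdict

# alert_fast, e.g.
# 02/26-15:45:28.123456  [**] [1:2003:8] MSG [**] [Classification: ...] [Priority: 1] {TCP} a.b.c.d:51234 -> e.f.g.h:22
# ICMP alerts carry no ports, so the port groups are optional.
SNORT_FAST = re.compile(
    r"\[\*\*\]\s+\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+(?P<msg>.+?)\s+\[\*\*\]"
    r".*?\[Priority:\s*(?P<prio>\d+)\]\s*\{(?P<proto>\w+)\}\s+"
    r"(?P<src>[\d.]+)(?::(?P<sport>\d+))?\s+->\s+(?P<dst>[\d.]+)(?::(?P<dport>\d+))?"
)

# iptables LOG via syslog: "... kernel: PREFIX IN=eth0 OUT= ... SRC=a.b.c.d DST=... PROTO=TCP ... DPT=22 ..."
NF_LOG = re.compile(
    r"SRC=(?P<src>[\d.]+)\s+DST=(?P<dst>[\d.]+).*?PROTO=(?P<proto>\w+)(?:.*?DPT=(?P<dport>\d+))?"
)


def parse_snort(line):
    """Return the fields of one alert_fast line, or None if the line is not an alert."""
    m = SNORT_FAST.search(line)
    if not m:
        return None
    d = m.groupdict()
    for k in ("gid", "sid", "rev", "prio", "sport", "dport"):
        d[k] = int(d[k]) if d[k] is not None else None
    return d


def parse_netfilter(line):
    """Return src/dst/proto/dport of one iptables LOG line, or None for any other syslog line."""
    m = NF_LOG.search(line)
    if not m:
        return None
    d = m.groupdict()
    d["dport"] = int(d["dport"]) if d["dport"] else None
    return d


def correlate(snort_lines, nf_lines, max_priority=2, min_drops=3, allowlist=()):
    """Decide which source addresses to block; returns {ip: reason}.

    Constructed policy:
      * a Snort alert at priority <= max_priority (1 is most severe) blocks the source;
      * a lower-priority alert blocks the source only if the packet filter has also
        logged >= min_drops dropped packets from it (IDS hit corroborated by firewall
        noise, e.g. a scanner probing closed ports);
      * addresses in allowlist (e.g. an internal vulnerability scanner) are never blocked;
      * drops alone never block: the firewall is already handling those packets.
    """
    alerts = defaultdict(list)
    for a in filter(None, map(parse_snort, snort_lines)):
        alerts[a["src"]].append(a)
    drops = Counter(d["src"] for d in filter(None, map(parse_netfilter, nf_lines)))

    decisions = {}
    for src, hits in alerts.items():
        if src in allowlist:
            continue
        worst = min(hits, key=lambda h: h["prio"])  # lowest number = most severe
        if worst["prio"] <= max_priority:
            decisions[src] = f"snort sid {worst['sid']} prio {worst['prio']}: {worst['msg']}"
        elif drops[src] >= min_drops:
            decisions[src] = f"snort sid {worst['sid']} + {drops[src]} firewall drops"
    return decisions


def to_iptables(decisions):
    """Render decisions as iptables commands. Strings only; nothing is executed here."""
    cmds = []
    for ip, reason in sorted(decisions.items()):
        # The comment match takes up to 256 bytes; strip anything a shell could misread.
        safe = re.sub(r"[^\w ./:+-]", "", reason)[:250]
        cmds.append(f'iptables -I INPUT 1 -s {ip} -j DROP -m comment --comment "{safe}"')
    return cmds


def _nf(src, dport):
    """Build a constructed iptables LOG line for the sample data."""
    return (f"Feb 26 15:45:30 fw kernel: FW-DROP: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 "
            f"SRC={src} DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=1234 DF PROTO=TCP "
            f"SPT=51234 DPT={dport} WINDOW=29200 RES=0x00 SYN URGP=0")


# Constructed sample input (documentation address ranges; rule IDs are illustrative).
SAMPLE_SNORT = [
    "02/26-15:45:28.123456  [**] [1:2003:8] EXAMPLE SSH brute force attempt [**] "
    "[Classification: Attempted Administrator Privilege Gain] [Priority: 1] {TCP} 203.0.113.7:51234 -> 192.0.2.10:22",
    "02/26-15:46:02.000001  [**] [1:469:3] ICMP PING NMAP [**] [Classification: Attempted Information Leak] "
    "[Priority: 3] {ICMP} 198.51.100.9 -> 192.0.2.10",
    "02/26-15:46:10.500000  [**] [1:469:3] ICMP PING NMAP [**] [Classification: Attempted Information Leak] "
    "[Priority: 3] {ICMP} 198.51.100.22 -> 192.0.2.10",
    "02/26-15:47:00.000000  [**] [1:2003:8] EXAMPLE SSH brute force attempt [**] "
    "[Classification: Attempted Administrator Privilege Gain] [Priority: 1] {TCP} 192.0.2.50:40001 -> 192.0.2.10:22",
    "02/26-15:47:05.000000  Snort restarted, not an alert line",
]
SAMPLE_NF = (
    [_nf("203.0.113.7", p) for p in (2222, 2223, 2224)]        # also has the priority-1 alert
    + [_nf("198.51.100.9", p) for p in (23, 135, 445, 3389)]    # low-priority alert + 4 drops
    + [_nf("198.51.100.22", 80)]                                # low-priority alert + 1 drop
    + [_nf("203.0.113.99", p) for p in range(8000, 8005)]       # drops only, no IDS alert
    + ["Feb 26 15:45:31 fw sshd[4711]: Accepted publickey for admin from 192.0.2.50 port 40000 ssh2"]
)

if __name__ == "__main__":
    for cmd in to_iptables(correlate(SAMPLE_SNORT, SAMPLE_NF, allowlist={"192.0.2.50"})):
        print(cmd)
```

Run as a script it prints two DROP rules: one for the source with a priority-1 alert, one for the source whose low-priority alert is corroborated by four firewall drops. The allowlist keeps an internal host out even when it trips a high-priority signature, and sources the firewall is already dropping without any IDS alert are left alone, which is the kind of policy decision a stitched-together firewall and IDS cannot make unless something sits between them.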

The open source model works for security because of the transparency inherent in the open source community (a back door is far harder to slip into code that anyone can read, provided people are actually reading it) and because of the responsiveness of that community, which is global, works around the clock, and draws on a very large pool of developers.

In the end, however, most customers only care about one thing: The world is a dangerous place and I need to protect my computers. Give me a product that just works.

Increasingly, the best way to do this is with open source, as Astaro has preached and practiced since 2000.

Most Recent Comments
SYS-CON Italy News Desk 02/26/06 03:45:28 PM EST