An Executive Perspective on Viruses, Spam and Sarbanes-Oxley

"Going on offense, proactively authenticating and provisioning users and services, is the only way forward to defeat spam and viruses, and ultimately help manage your fiduciary obligations."

--Jonathan Schwartz
Executive Vice President, Software Group

Jonathan Schwartz on protecting your network from security attacks.

Features
»	Designing for the Future
»	Sun's Senior VP of Global Customer Services Discusses the Importance of Prevention First, Fix Second
»	An Open Letter from David Yen
»	Sun Microsystems, Inc. 2002 Annual Shareholders Meeting
»	Glenn Weinberg, Vice President, Operating Platforms Group Elaborates on the Solaris 10 Launch
»	Sun News - Features - MLB.com/Sun Announcement Hal Stern Q&A
»	Perfect Fit.The new Sun Fire 12K server neatly contains costs and still allows for future growth.
»	NC04Q2 Pre-Photo
»	Web-based Technologies Move to the Head of the Class
»	Novell/SuSE Linux Q&A With John Loiacono
»	JDJ INDUSTRY PERSPECTIVE: The End of Middleware
»	HP Statement
»	Sun Strategy Makes HP Blink
»	A Profile on Project Looking Glass Creator, Hideya Kawahara
»	Get the Facts about Sun and x86
»	What is an RSS Feed?
»	JavaOne 2004
»	Get the Facts about Sun Microsystems Network Systems Group
»	Sun's iWork Program Wins Global Innovators Award
»	Sun Makes The Net Work For Retail
»	Press Release
»	Q&A: Interoperability on the Desktop
»	Sun Studio 8 Ships; java.net Launches Industrial Java Community
»	Convergence at the Edge, Q & A with Neil Knox , Executive Vice President, Volume Systems Products
»	Sun Steps Up With Terascale Computing and On-Demand Capacity
»	Network Computing O3-Q3 Live Press Resources
»	Network Computing O3-Q3 Live Press Resources
»	Disaster Planning That Pays for Itself
»	Announcement
»	Network Computing O4-Q2 Press Resources
»	JavaOne 2004
»	A Conversation with Scott Kraft on Sun's Innovative Advertising Campaign
»	Innovation Still Matters
»	The Reality of STP: No Stopping, No Waiting
»	TEXAS INSTRUMENTS RENEWS COMMITMENT TO SUN/SAP PLATFORM
»	A Q&A with Juan Carlos Soto, Director, Advanced Technologies, Sun Software
»	Don't Let DRM Lock You In
»	Blossoming Business
»	Sun News - Features - Sun/Microsoft Q&A with Greg Papadopoulos
»	Company Statement
»	N1: The Future is Here
»	Sun Lights Up Las Vegas: See Sun at COMDEX This Week
»	Book Review
»	Press Release
»	Interview with Hal Stern and Hal Jespersen
»	i2 Technologies
»	CTIA 2005
»	Q&A With Simon Phipps of Sun Microsystems
»	Telecommunications Q&A with Elie Simon, Vice President, Sun Microsystems EMEA
»	Jonathan Schwartz Comments on the Symantec-Veritas Deal
»	Network Computing O5-Q1
»	FIRST ECONOMIST AWARD FOR INNOVATION IN COMPUTING GOES TO JAMES GOSLING FOR THE JAVA PROGRAMMING LANGUAGE
»	Network Computing: Consolidation Chalk Talk
»	American Workers Deserve To Be Thanked, Not Spanked
»	Identity Crisis Resolved: Sun ONE Platform for Network Identity provides solid solutions to the decade's defining issue
»	Solaris Open Source Community Quotes
»	Sun Microsystems Executive Briefing Center Showcases Real-World IT Solutions to Business Issues
»	Sun Shone Brightly on BioITWorld Conference & Expo
»	Network Computing O4-Q1 Press Resources
»	Sun Exec Q&A: Open Source Solaris
»	Healthcare Solutions for Midsize Enterprises
»	Industrial Strength Graphics
»	Worldwide Volunteer Week Profiles
»	311
»	Free Advice for Sam Palmisano on IBM's Desktop Options.
»	The Calm Before--and During--the Storm
»	Sun Microsystems, Inc.'s Special Counsel Michael Morris comments on Judge Kollar-Kotelly's Ruling Today
»	Changing the Landscape of PC Security
»	Completely Extreme
»	Interview with Mike Haymaker
»	Give Schools A Choice
»	SunNetwork Asia Conference and Pavilion Postponed
»	Press Release
»	Focus On: Customers and Partners
»	ANNOUNCEMENT OF ST?PHANE BOISVERT BEING APPOINTED AS PRESIDENT OF SUN MICROSYSTEMS OF CANADA, INC.
»	Sun Fire Serves Up Greater Investment Protection than IBM pSeries
»	SUN/AMD PARTNERSHIP MILESTONES
»	Solaris: Operating Environment or Motion Picture?
»	Sun Labs Day at the Computer History Museum
»	Sun News - Features - Java Technology and the Mission to Mars
»	NHL Entry Draft
»	Q & A: John Fowler, Executive Vice President Network Systems
»	The Next Big Thing
»	China Standard Software Company
»	Java: Bet Your Business On It
»	Microsoft Removing Java From Applications
»	Sun At AIIM/ONDEMAND 2003: Showcasing The Platform Of Choice For Content Management
»	JavaOne 2004
»	Sun Grid and its impact on the emerging concept ofutility computing
»	Sun News - Features - Sun Cluster Q&A with Sohrab Modi
	An Executive Perspective on Viruses, Spam and Sarbanes-Oxley
»	Celebrities Tee Off At The 3rd Annual Sun Microsystems John Elway Celebrity Classic
»	SUN DEVELOPER COMMUNITY GROWS AS JAVA USER GROUPS TOP 600
»	James Gosling Elected to National Academy of Engineering
»	Network Computing: The Foundation For Lifelong Learning
»	Sun's VP of Global Public Policy, Piper Cole, talks about the issues related to stock option expensing.
»	iForce Partner Program: Advancing Sun's Partnering Legacy
»	Sun at OracleWorld
»	Sun Says HP Away!
»	The Network Integration Paradox
»	Goodbye to licensing woes
»	Academy Honors Two from Sun Laboratories
»	Sun Teams With Bono to Enlist Americans for ONE Campaign
»	Q&A: Sun at ITU Telecom Asia
»	Network Computing O4-Q1 Press Resources
»	Hershey Foods Corporation
»	Sun News - Features - Java 2 Platform Standard Edition (J2SE) 5.0 (`Tiger`)
»	Sun Software Quarterly Town Hall (11/02)
»	Sun Software Quarterly Town Hall (03/03)
»	Sun/Microsoft Press Conference
»	Sun Storage Fulfilling Customers' Needs in 2002
»	Sun Adds Web Services Interoperability and Open Standards to the J2EE Platform
»	SUN CHARTS NEW COURSE FOR SERVICES: INTELLECTUAL PROPERTY TAKES CENTER STAGE
»	Major League Baseball had (Web site) record day Monday
»	Sun Microsystems Honored for Outstanding Community Service by Points of Light Foundation and the Volunteer Center of San Francisco
»	An Open Letter From Jonathan Schwartz
»	THE CHANGING FACE OF SOFTWARE
»	Focus On: X 86
»	Sun Statement On Kruz Complaint Filed In Santa Clara Superior Court
»	Sun Storage Executive Richard Napolitano Heads New Data Services Platform Group for Sun Network Storage
»	An Open Letter to Eclipse Membership
»	Sun News - Features - Sun/Microsoft Q&A with Greg Papadopoulos
»	StorEdge Newsbyte
»	Stanley Cup Fever: Hurricane Fans Go Wireless
»	Scott McNealy Fall COMDEX 2002 Keynote Speech 11/18/02
»	Sun Strengthens SAN Portfolio with New Offering for SME Market
»	Java Q&A With Ingrid Van Den Hoogen
»	Network Computing O4-Q1 Press Resources
»	John Fowler, VP and CTO, Software elaborates on the landmark agreement between Sun and Microsoft
»	Q & A with Alan Duboff
»	Sun News - Features - Solaris 10 Network Computing O4-Q4
»	Q & A with Stephen Borcich
»	Q & A with Sun Fellow Nick Aneshansley (4/03)
»	JDJ Exclusive: Scott McNealy's 2004 Predictions
»	PARTNERSHIP DRIVEN INNOVATION: SUN MICROSYSTEMS HIGHLIGHTS 20 YEARS OF JOINT SUCCESS WITH ORACLE
»	SUN PLATFORM TO CARRY SUNGARD'S BRUT TO TOP ONE ECN
»	Network Computing O5-Q1 Preview
»	Java Technology Moves the Game Industry to the Next Level
»	Press Release
»	Future Bright for Java Technology Developers
»	SUN EXCELS IN THE HIGHER EDUCATION MARKET
»	Sun on Wall Street
»	Java Technology Takes Web Services Straight Through to Wall Street
»	JOHN ELWAY CELEBRITY CLASSIC Q&A
»	Sweden's Royal Institute of Technology Honors Sun Labs' Radia Perlman
»	N1 Q&A with Steve MacKayVice President, N1 and Management Systems
»	SUN AND SYMANTEC INTRODUCE SECURITY APPLIANCE FOR INTRUSION DETECTION
»	Stop Cyber-Attackers Before They Stop You
»	The Digital Campus Evolves
»	Network Computing O3-Q4 Live Press Resources
»	FAST FORWARD
»	Sun's X86 Strategy
»	Q & A on Grids in the Linux World
»	Strategies to Combat the Spread and Impact of Viruses.
»	Q and A with Neil Knox
»	Oracle Uses Sun to Save Time and Costs
»	Statement 3/16/05
»	Sun Wins Design Awards, Joins Ranks of Eero Saarinen and Charles and Ray Eames
»	Listen to Jonathan Schwartz talk about Sun's software security
»	Honors Bestowed on Sun Microsystems, Five Women Executives
»	Q&A With John Loiacono of Sun Microsystems
»	StorEdge Newsbyte
»	Sun and Partners Showcase Solutions for the Healthcare Industry at HIMSS 2003 in San Diego
»	Sun's New Digital Asset Management Reference Architecture Speeds Time to Deployment and Lowers Risk for Media, Entertainment and Broadcast Companies
»	CANEPA'S LEADERSHIP BRINGS SUN STORAGE FRONT AND CENTER
»	Mainframe Rehosting
»	Sun Microsystems Named to the Red Herring 100
»	Q&A with Mike Green
»	How to Take "Spam" off Your Menu
»	Sun Teams with Ford Research to Design "Internet Services Vehicle" of the Future
»	Sun Takes Center Stage At Worldwide Conferences
»	Sun Microsystems Makes the Net Secure for Manufacturing
»	Sun Takes the Lead in Mid-Range Storage Price/Performance Across Heterogeneous Operating Systems
»	Sun News - Features - Q&A about Regional Health Information Organizations (RHIOs)
»	Partnering Benefits Midsize Enterprises
»	Sun Takes "Fear Factor" out of Network Computing
»	Sun News - Features - Global iForce Initiative: Collaborating for Customer Success
»	25 Years

Java Solaris Communities Partners My Sun Sun Store

United States Worldwide

"Going on offense, proactively authenticating and provisioning users and services, is the only way forward to defeat spam and viruses, and ultimately help manage your fiduciary obligations."

--Jonathan Schwartz
Executive Vice President, Software Group

Jonathan Schwartz on protecting your network from security attacks.

Executive Perspective

An Executive Perspective on Viruses, Spam and Sarbanes-Oxley

Jonathan Schwartz
Executive Vice President, Software Group
Sun Microsystems, Inc.

Monday, Mar 1, 5:00 PM PST

When's the last time you made a prank phone call from your wireless phone? Or made a fake withdrawal from your ATM machine? Odds are, you never have. Here's why: It's because the carriers, on whose networks your phone is used, and the banks, on whose networks your ATM is operated, go to great lengths to know exactly who you are. They've used multi-factor authentication, coupling a password with the physical presentation of an ATM card in the banking scenario, or a Java Card SIM (subscriber information module) in the mobile handset example. And strong authentication has this funny impact on mischief. It prevents mischief from even happening.

Now just ask yourself: How much confidence do you have about who (or what) is running on your corporate network? Chances are it's nowhere near the same level of confidence as the banks and wireless companies. And unless you find an alternative to the company that brought you the most vulnerable environment on the network today, you're in for an IT flu season that may never end. If the technical issues of loose control of networks are not enough to scare you, the additional pain of corporate reporting and accountability in the new regulatory environment should be. If you thought viruses alone were bad, the Sarbanes-Oxley Amendment now requires an unprecedented level of knowledge and surety surrounding who has access to what.

So in the ever increasing war on viruses, and in advance of legislative mandates, what can you learn from the financial institutions and mobile carriers that operate some of the safest, yet most open, networks around?

First, it's time to implement multi-factor authentication. With smartcard readers shipped on most of the industry's PCs, and Java Card support being bundled into most PCs shipped by Dell, Hewlett Packard, and a slew of others, now's the time to understand how the world's most popular smartcard platform can help you secure your data and services. Just as it secures the mobile telephony industry, the US Government's Department of Defense, and a host of financial institutions.

Second, simplicity matters. You can't use your phone without its SIM. You can't use an ATM machine without your card. You shouldn't be able to use your PC without inserting your smartcard (whose authenticity can be strongly validated by a trust authority, such as a bank). A simple integrated smartcard offers far more reliable security than almost anything else -because it's simple. And therefore likely to be used, and not bypassed. And if you require smart card authentication, you'll be able to instruct your email application to only show you email from individuals and employees who've presented a valid card, as well. Just imagine, spam would disappear instantly. As would phisher frauds. Authenticate the content, and viruses would vanish, too.

Third, taking those steps puts you way ahead of the game in responding to government mandates. Where do most security violations emanate? From the orphaned accounts of former employees, or from current employees out to do harm. Not black hat hackers. Your own systems and employees. Think about it - how long does it take you to issue the parade of new accounts required by a new employee? Probably longer than you spend de-provisioning someone who just left the company, and with no greater accuracy. Why? Because you do it manually, system by system.

And how can Sun Microsystems help?

We're the company that architected the Java platform and the Solaris operating platform, both on the assumption that we live in a world that can be a hostile place.

We engineered security in from the start - eliminating buffer overflows in Java, and integrating strong authentication at the outset with the Java Card. Spanning more than a billion instances, from smart cards to home audio equipment, handsets to supercomputers, the Java platform is the most comprehensive network execution environment ever invented. And having been built by and for the telecommunications industry, Solaris has its roots in the same belief system.

Sun Microsystems also recently introduced the world's most secure alternative to the Microsoft Windows platform, the Java Desktop System. At a tenth the price of Microsoft's products, you'll find a breadth of security infrastructure - from centralized management of application features (the best way to limit macro execution is to turn them off for most employees), to Java Card integration, and an inherent inability to run Windows viruses.

Finally, and most importantly, we're a public company that has to comply with the same legislative mandates as our customers. We use our own infrastructure, from the market's leading directory and identity technologies, to the industry's most secure and efficient access provisioning technology. These authentication capabilities can help customers start to address government reporting requirements, while keeping MyDoom, and every other network intruder, well beyond arm's length.

Network security can never be about building a bigger moat and firewall. Defensive security measures can only go so far. Going on offense, proactively authenticating and provisioning users and services, is the only way forward to defeat spam and viruses, and ultimately help manage your fiduciary obligations.

Search Sun News

Press Room:
»	Archived Features
»	Company Info
»	Executive Bios/Photos
»	Photo Gallery
»	Press Contacts
»	Press Kits
»	Press Releases
»	Sun in the News
»	Week in Review



Related:
»	Analyst Relations
»	Investor Relations
»	Employee Blogs
»	Corporate Governance
»	Public Policy
»	All Product Reviews
»	Customer News
»	Reality Check
»	Contrarian Minds

Print-friendly Page

Search Sun News

Press Room:
»	Archived Features
»	Company Info
»	Executive Bios/Photos
»	Photo Gallery
»	Press Contacts
»	Press Kits
»	Press Releases
»	Sun in the News
»	Week in Review



Related:
»	Analyst Relations
»	Investor Relations
»	Employee Blogs
»	Corporate Governance
»	Public Policy
»	All Product Reviews
»	Customer News
»	Reality Check
»	Contrarian Minds

Oracle is reviewing the Sun product roadmap and will provide guidance to customers in accordance with Oracle's standard product communication policies. Any resulting features and timing of release of such features as determined by Oracle's review of roadmaps, are at the sole discretion of Oracle. All product roadmap information, whether communicated by Sun Microsystems or by Oracle, does not represent a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. It is intended for information purposes only, and may not be incorporated into any contract.

About Oracle | Oracle and Sun |