Page 353 -

P. 353

352 Part Two Information Technology Infrastructure

Controlling Network Traffic: Deep Packet Inspection
Have you ever tried to use your campus network and found it was very slow? It
may be because your fellow students are using the network to download music
or watch YouTube. Bandwith-consuming applications such as file-sharing pro-
grams, Internet phone service, and online video are able to clog and slow down
corporate networks, degrading performance. For example, Ball State University
in Muncie, Indiana, found its network had slowed because a small minority of
students were using P2P file-sharing programs to download movies and music.
A technology called deep packet inspection (DPI) helps solve this problem.
DPI examines data files and sorts out low-priority online material while assign-
ing higher priority to business-critical files. Based on the priorities established
by a network’s operators, it decides whether a specific data packet can continue
to its destination or should be blocked or delayed while more important traffic
proceeds. Using a DPI system from Allot Communications, Ball State was able
to cap the amount of file-sharing traffic and assign it a much lower priority. Ball
State’s preferred network traffic speeded up.

Security Outsourcing
Many companies, especially small businesses, lack the resources or expertise to
provide a secure high-availability computing environment on their own. They
can outsource many security functions to managed security service provid-
ers (MSSPs) that monitor network activity and perform vulnerability testing
and intrusion detection. SecureWorks, BT Managed Security Solutions Group,
and Symantec are leading providers of MSSP services.

SECURITY ISSUES FOR CLOUD COMPUTING AND THE
MOBILE DIGITAL PLATFORM

Although cloud computing and the emerging mobile digital platform have the
potential to deliver powerful benefits, they pose new challenges to system
security and reliability. We now describe some of these challenges and how
they should be addressed.

Security in the Cloud
When processing takes place in the cloud, accountability and responsibility
for protection of sensitive data still reside with the company owning that data.
Understanding how the cloud computing provider organizes its services and
manages the data is critical. The Interactive Session on Technology describes
how even sophisticated Web-based firms can experience security breakdowns.
Cloud computing is highly distributed. Cloud applications reside in large
remote data centers and server farms that supply business services and data
management for multiple corporate clients. To save money and keep costs low,
cloud computing providers often distribute work to data centers around the
globe where work can be accomplished most efficiently. When you use the
cloud, you may not know precisely where your data are being hosted.
The dispersed nature of cloud computing makes it difficult to track unau-
thorized activity. Virtually all cloud providers use encryption, such as Secure
Sockets Layer, to secure the data they handle while the data are being transmit-
ted. But if the data are stored on devices that also store other companies’ data,
it’s important to ensure these stored data are encrypted as well.
Companies expect their systems to be running 24/7, but cloud providers
haven’t always been able to provide this level of service. On several occasions

MIS_13_Ch_08 Global.indd 352 1/17/2013 3:10:24 PM

348 349 350 351 352 353 354 355 356 357 358