Going open source can cause IT security chaos

This is, says Philip Lieberman, president and CEO of Lieberman, a classic case of cybercriminals taking advantage of business computer users who have either overlooked the need to update their e-commerce software or who are just too busy to keep track of all their applications. "The fact that the e-commerce software, which is at the heart of this problem, is open source is probably the cause of the failure to patch and update – as, unlike commercial software, there is no-one to nag the user about the need to update," he states. "Of course, the users of the e-commerce software also have the advantage that they will have saved money in going down the open source route. So it's a shame that they haven't invested some of those savings in additional software that auto-updates their applications or, at the very least, keeps track of the various versions of software installed and alerts them of the need to install the necessary patches," he adds. The Lieberman president makes the point that good IT security is about developing the right strategy for managing computer systems. Anyone, he says, can install best-of-breed security software to defend IT assets, but, without an effective planning and review strategy to back that software up, the advantages may quickly be lost. "You'd think the moral of the story here is to go for commercial software over open source," continues Lieberman, "but the reality is that, unless the company keeps its systems and software patched and fully up to date, its system security is going to be impaired, no matter what software it has installed."