According to McAfee, Adobe Reader and Flash will surpass Microsoft Office as the top target for cybercriminals in 2010. Adobe products are very popular applications and because of this, the Adobe products have caught the attention of cybercriminals. (Adobe cites that Flash is "the world's most pervasive software platform, used by over 2 million professionals and reaching 99% of Internet-enabled desktops.")
Sounds like a huge potential for a lot of cybercrime!
The article also states that many security experts have warned of the potential security risk posed by Abode Flash. In November, Foreground Security identified a flaw in the way Web browsers handle Flash files that could be used to compromise Web sites that have users submit content.
"The short version of all this, of course, is that if I can convince a server to serve up a file on my behalf, I can use that file to attack the server," said Foreground Security researcher Mike Bailey.
Should the security concerns around Adobe Reader and Adobe Flash be of concern for Adobe Connect users? Considering Adobe Connect is 100% built on Flash, the answer would be YES.
The key takeway is to do your due diligence when it comes to researching web conferencing providers. Make sure they have independent 3rd party security certifications, such as SAS-70 certification, ISO attestations, or are in compliance with HIPAA. With advances in technology and cybercrime, SSL data encryption is not enough anymore. Security certifications are a must for every single company that is looking to protect its intellectual property and customer data.
Don't get caught ignoring the security concerns to save a few dollars. Your CIO is most worried about SECURITY in 2010, whether that be security concerns for smartphones, rogue antivirus, or cloud breaches. Risk your CIO's risk by looking for independent 3rd party security certifications when evaluating web conferencing providers.
Sources: Antone Gonsalves and Thomas Claburn from InformationWeek.
Comments