There's been a lot of commotion about electronic commerce. Part of the ruckus involves security. While there's still much to be done in this arena, software on the market right now offers government agencies, companies and individuals the tools to take some of the risk out of doing business over the Internet.

For any government agency, and certainly for individuals, powerful protective tools are important to the success of electronic commerce. The more secure the networks, the further electronic commerce will go.

Enterprise Security

SAFEsuite Decisions outlines the degree of security risks and allows users to make quick and informed decisions about protecting ongoing information.

It automates measurement and analysis of multisource data to enhance enterprise security.It provides valuable reports of enterprise security risks based on consolidated, correlated and coordinated cross-product analysis.

The execution and distribution of SafesuiteDecisions reports can be customized, automated and scheduled.

Central management of enterprise security data provides a scalable relationship database that serves as a central and persistent data store for all enterprise security data.

Secure data collection protects the movement of cross-product security information, including ISS SAFEsuite applications and third-party products.

Additional information is available by contacting Internet Security Systems at 678/443-6000.

Secure Workstation

SecureSuite enhances data security by requiring a fingerprint or other biometrics characteristic to be verified before allowing access.

SecureSuite is a three-in-one software package that provides a suite of biometrics security applications for Microsoft Windows 95/98.

Secure Logon allows users to log on to their workstations using fingerprints, other biometrics characteristic or an optional smart card to prevent unauthorized users from accessing the workstations.

Secure Folder allows file and folder encryption and protects files, folders and Web-page bookmarks. The locking and unlocking of directories, and encryption and decryption of files, are based on biometric authentication. It provides a 40-bit DES encryption engine with option to upgrade to higher 128-bit key length.

SecureSession stores the user name and password information for any Windows application, and releases it upon verification of fingerprint or other biometrics characteristic. After registering an applicant's username and password with SecureSession, a user can simply place his or her finger on the fingerprint scanner when the application requires authentication.

Additional information is available by contacting I/O Software at 909/222-7600.

Symantec

The Symantec AntiVirus Research Center (SARC) has developed an integrated repair solution for the Remote Explorer virus. Files infected by this virus become encrypted and corrupted. It reverses the encryption and repairs the corruption by downloading the Intelligent Updater from Symantec's Web site.

SARC has developed a standalone tool to remove the virus-installed-service from memory in Windows NT systems. It turns off the virus in an infected computer's memory so that it can be removed and repaired safely.

The tool is free for download from the Symantec Web site and it can be used in conjunction with many antivirus software.

Additional information is available from Symantec.

Enter Jonah

In an effort to make Internet security interoperable, IBM and Lotus have initiated Enter Jonah, a project designed to create a common Public Key Infrastructure (PKI) implementation based on the PKIX standards. The PKIX reference implementation provides a common security infrastructure for the use and management of public-key cryptography and certificates, including key, certificate and policy management.

Employing Intel's Common Data Security Architecture, Jonah implements all of the current PKIX

standards. Many leading companies -- General Motors, Netscape, Sun, Intel -- and associations and software vendors have started to support PKIX.

IBM and Lotus will use the code as the common PKI for their own products, including Notes and Domino, IBM Registry, Tivoli System, IBM eNetwork Directory Server and Global Sign-On.