Standalone direct connections and standalone buffered connections differ from full direct connections and full buffered connections because the Internet connection is not directly tied to the enterprise network. Would-be hackers therefore cannot gain access to the company's network. Likewise, employees may not have a direct Internet connection. This option is the most secure but usually the least flexible.
Many companies are implementing standalone buffered connections, in which Internet access not linked to the enterprise network is provided by a third party through outsourcing. When a company outsources its Web needs, it subcontracts with another company that specializes in creating and maintaining commercial Web pages. The costs associated with this popular option vary significantly. Organizations must weigh the benefit of increased security against the disadvantages of not having direct access to the Internet. Exhibit 2 summarizes the degrees of flexibility, costs, and security risk associated with each of the four connection options.
Securing a corporate network environment is similar to building a house. No amount of amenities can make up for the lack of a well thought-out design plan and a solid foundation. Without these, the house will always be flawed.
Security policies must also begin with a solid foundation in the form of virus protection and password integrity established before an Internet connection is obtained. Once the foundation has been laid, security managers can build strong and secure protection for a corporate network by moving through five levels of security:
The following sections review these levels and the options available within each.
If virus protection and password integrity form the foundation of a secure environment, the patching of known security holes marks the beginning of a supporting frame. Many of these holes result from the fact that the Internet, and many of the protocols associated with it, were not designed to provide a high level of security.
One known security hole results from the UNIX operating system, which was designed by computer engineers to make their work easier to manage. The UNIX OS lets an approved user log in from anywhere at any time to administer the system. By gaining access to the root, system administrators can manipulate all files that reside on the UNIX workstation and from there enter a corporate network. Unfortunately, unauthorized users who know how to exploit these features can do the same thing. Fortunately, much of the server software and many of the operating systems can be altered to greatly improve security.
Although a knowledgeable systems administrator can patch many of the holes in the security armor of a company's server or network, others are not so easily fixed and still others are as yet unknown. As a result, one of the best ways to protect mission-critical information is to move it onto other servers or networks that are not connected to the Internet.
Yet some critical information usually needs to be available on the portion of the corporate network accessible to the Internet. Several steps can be taken to improve the security of this information.
One way to begin to detect holes in the corporate server or network is to run a program designed to identify potential security risks. Many of these programs are controversial because they are also used by hackers. Yet it is precisely for this reason that organizations must use the programs, two of which are SATAN and Internet Scanner.
Other steps a network administrator may take include turning off unneeded UNIX functions that provide security holes and changing the default passwords. Web servers can also be set up in unprivileged mode, and the root directory should not be accessible. Sending NFS files outside the internal network should be prohibited, and send mail and mail aliases should be restricted. If FTP services are necessary, then the network administrator should restrict writable access to FTP's home directory. Files in the anonymous FTP should also not be writable or ownable. Restricting logins and hiding domain name services also helps secure the corporate environment.
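The anonymous FTP restrictions above can be checked mechanically. The following audit is an added example, not part of the original text; it reads "ownable" as "owned by the ftp account", and the function names and the sample tree are constructed for illustration.

```python
import os
import stat
import tempfile

def audit_ftp_tree(root, ftp_uid):
    """Return sorted (relative_path, problem) pairs for an anonymous FTP tree."""
    paths = [root]
    for dirpath, dirnames, filenames in os.walk(root):
        paths += [os.path.join(dirpath, n) for n in dirnames + filenames]
    findings = []
    for path in paths:
        st = os.lstat(path)               # lstat: do not follow symlinks out of the tree
        if stat.S_ISLNK(st.st_mode):
            continue                      # a link's own mode bits carry no meaning
        rel = os.path.relpath(path, root)
        if st.st_uid == ftp_uid:
            findings.append((rel, "owned by ftp account"))
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append((rel, "group/world writable"))
    return sorted(findings)

def build_sample_tree(base):
    """Create a small constructed FTP area under base with two deliberate faults."""
    layout = {                            # relative path -> mode (constructed sample)
        "pub": 0o755,
        "pub/readme.txt": 0o444,
        "pub/tool.tar": 0o664,            # fault: group-writable file
        "incoming": 0o777,                # fault: world-writable directory
    }
    for rel, mode in layout.items():
        path = os.path.join(base, rel)
        if "." in os.path.basename(rel):
            with open(path, "w") as fh:
                fh.write("sample\n")
        else:
            os.mkdir(path)
        os.chmod(path, mode)              # explicit chmod so the umask cannot mask bits
    return base

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as base:
        build_sample_tree(base)
        # os.getuid() + 1 stands in for an ftp account that is not the tree's owner
        for rel, problem in audit_ftp_tree(base, os.getuid() + 1):
            print(f"{rel}: {problem}")
```

On a real server the uid would come from the system account database, for example `pwd.getpwnam("ftp").pw_uid`, and `root` would be that account's home directory.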
Once known holes are patched, network administrators need to stay on top of who may be trying to break into their computers as well as at other Internet sites. Several mailing lists, such as those run by the CERT, provide updates of security violations. The alert mailing list, for example, can be subscribed to with an E-mail message to request-alert@iss.net that contains the message "subscribe alert". Such information is also available from Web sites.
Because only about 5% of all intrusions are detected and only 5% of these are reported, staying on top of who is trying to break into a corporate computer also requires that server logs be monitored for unusual activities. For instance, one of the new ways for hackers to break into Web sites is to put rogue code onto a Web server by overrunning a software buffer. This gives an intruder unauthorized access to the account under which the HTTP process was running. When oversights such as this are found in the software, the Web server needs to be quickly patched. Copycat hackers are only too ready to exploit the system flaws found and advertised by other hackers.
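One way to watch server logs for the buffer-overrun attempts described above is to flag request lines that are far longer than any legitimate URL, or that are malformed. This is an added example, not part of the original text; it assumes Common Log Format, an arbitrary 1024-character threshold, and constructed sample entries.

```python
import re
from collections import Counter

# Common Log Format: host ident user [time] "request" status bytes
CLF = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(.*)" (\d{3}) \S+$')
MAX_REQUEST_LEN = 1024    # assumed threshold; set it above the longest legitimate URL

def suspicious_requests(lines, max_len=MAX_REQUEST_LEN):
    """Return (line_no, host, reason) for log entries worth a closer look."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = CLF.match(line.rstrip("\n"))
        if not m:
            hits.append((n, None, "unparseable log line"))
            continue
        host, request, _status = m.groups()
        parts = request.split(" ")
        if len(request) > max_len:
            hits.append((n, host, f"request line of {len(request)} characters"))
        elif any(not 0x20 <= ord(c) <= 0x7E for c in request):
            hits.append((n, host, "non-printable characters in request"))
        elif len(parts) != 3 or not parts[2].startswith("HTTP/"):
            hits.append((n, host, "malformed request line"))
    return hits

def hosts_to_review(hits):
    """Count findings per client host so repeat sources stand out."""
    return Counter(host for _n, host, _reason in hits if host)

# Constructed sample entries (documentation address ranges, invented paths).
SAMPLE_LOG = [
    '192.0.2.10 - - [10/Oct/1996:13:55:36 -0700] "GET /index.html HTTP/1.0" 200 2326',
    '198.51.100.7 - - [10/Oct/1996:13:56:02 -0700] "GET /cgi-bin/search?q='
    + "A" * 2000 + ' HTTP/1.0" 500 -',
    '198.51.100.7 - - [10/Oct/1996:13:56:09 -0700] "GET /cgi-bin/search" 400 -',
    '192.0.2.10 - - [10/Oct/1996:13:57:11 -0700] "POST /order HTTP/1.0" 200 512',
]

if __name__ == "__main__":
    found = suspicious_requests(SAMPLE_LOG)
    for line_no, host, reason in found:
        print(f"line {line_no}: {host}: {reason}")
    print(dict(hosts_to_review(found)))
```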
Once security holes are identified and patched, managers should consider encryption software and authentication. Encryption programs let users encrypt their communications so that they cannot be as easily read by unauthorized parties. Using such software can be likened to locking the doors to a house or sealing an envelope. Encryption programs apply cryptographic algorithms to break down ordinary communication messages (e.g., E-mail) into unique codes that can be unlocked only by individuals who possess the decryption key.