Previous Table of Contents Next


SECURITY ISSUES

Along with the benefits of enhanced access that corporate intranets provide lie some risks. Increasing the number of people who have access to important data or systems without supplementary protective measures adds vulnerability to an IT infrastructure. Integrating security mechanisms into an intranet minimizes exposure to misuse of corporate data and to overall systems integrity.

A secure intranet solution implies a seamless and consistent security function integrated among desktop clients, application servers, and distributed networks. It should include policies and procedures and the ability to monitor and enforce them, as well as robust software security tools that work well together and do not leave any gaps in protection.

The following basic functions are necessary for broad security coverage:

  Access control Access control software allows varying degrees of access and different granularities of access to applications and data.
  Secure transmission Mechanisms like encryption impede outside parties from eavesdropping or changing data sent over a network.
  Authentication This software validates that the information that appears to have been originated and sent by a particular individual was actually sent by that person.
  Repudiation Repudiation software prevents people who have bought merchandise or services over the network from claiming they never ordered what they received.
  Disaster recovery Disaster recovery entails both software and procedures that assist recovery from loss of data in an organization’s systems.
  Virus protection Antivirus software protects systems from disruptive to destructive viruses by detecting, verifying, and removing them.

Intranets that extend beyond organizational or company boundaries may require integration among various security systems. In addition, because intranets give more people the opportunity to access information, they can cause companies to increase their dependence on computer technology. This increased dependence requires that appropriate backup and emergency recovery measures be in place and that alternative links be available should the network experience an outage.

COSTS

Costs are another important intranet implementation consideration. Beyond the list prices for hardware and software components lie less obvious costs of administration, maintenance, and additional development.

Intranets are most effective if they include the following attributes:

  Reach Reach is the ability to easily connect with one or more employees, a group of contractors, suppliers and other vendors, and even millions of customers.
  Flexibility Flexibility provides the freedom to merge on either a permanent or ad hoc basis with anyone, anywhere, anytime — regardless of hardware or software differences.
  Scalability Scalability means the ability to handle up to the most demanding enterprise-level computing and transaction rates across disparate systems as needs justify.
  Transparency Transparency is the ability to interact with external or remote systems seamlessly and without regard for data location or underlying hardware or software.
  Security Security lets entire organizations come together for maximum synergy without jeopardizing proprietary data or compromising systems integrity.

CASE STUDY

Unisys is one of the many corporations to embrace the intranet concept. The company has already established a public presence on the Internet (www.unisys.com)and has since put into operation two intranets: the Idea Factory and the Marketplace Insider. Both are run from the server that supports the divisional network of the Unisys Computer Systems Group in Blue Bell PA.

Although each intranet was set up for a different purpose, both can be accessed by all employees from any Unisys location over the same communications links used to access the corporate network, including T1 and T3, ISDN (integrated services digital network), and ordinary dial-up connections using such products as NetBlazer and pcAnyWhere. Protection from unauthorized access is provided by Checkpoint Software’s FireWall-1 software.

THE IDEA FACTORY

The Idea Factory — implemented in December 1995 — is a virtual gathering place for members of the Computer Systems Group’s (CSG) technology-oriented community. The primary goals of the Idea Factory are to provide nearly effortless access to a vast technology resources library, connect thousands of employees with complementary skills dispersed around the globe, and promote the development of leading-edge technology solutions for Unisys customers.

One of the ways these goals are achieved is through chat rooms. Essentially, a chat room is a real-time bulletin board system. Instead of posting messages and replies on a bulletin board, a chat room allows participants to converse with each other in text mode. Organized by topic, the chat rooms provide a convenient way for employees to establish new contacts within the organization and tap into each other’s expertise. Some of the chat rooms have 400 to 500participants from all over the world who tune in and out at various times during the ongoing conversations.

For example, a customer’s configuration problem can be discussed in a chat room, allowing participants to brainstorm a possible solution. If the proposed solution proves effective, it is added to a reference database. Should another customer experience a similar problem in the future, a database search will reveal the solution instantly and result in a prompt resolution.

The creators of the Idea Factory focused on a specific community — CSG’s own technology-oriented employees, who are mostly engineers and geographically as well as organizationally dispersed. Initially, the focus was on such subjects as object-oriented architectures, multimedia, the Internet, and high-speed broadband networks. Access was provided to internally developed content and external links to other sources of information so users could have one-stop access to a vast library of technical resources.

The Marketplace Insider

The concept embodied in the Idea Factory was expanded in mid-1996 when the Computer Systems Group introduced the Marketplace Insider, which is intended to have a much broader appeal within CSG. It features a newsstand where employees can stay up to date on company- and industry-related developments. A resource center provides employees access to all the libraries within the division, and a human resources section provides a directory listing of CSG employees. An education area provides links to downloadable education tools. There is also an online organization chart and a swap-and-sell bulletin board.

The Marketplace Insider offers Lotus InterNotes links for the sales and marketing people so they can have intranet access to the competitive analysis database, marketing toolkits, and other resources. It also provides links to the Idea Factory.

Intranet Skills Sets

The skill sets required for developing an intranet are varied and quite specialized. Technical people need knowledge of systems and network architectures, understanding of the Internet protocol, and experience in developing applications. There is also a need for creative people, particularly graphic artists and HTML coders who excel at making the content visually compelling through the integration of images and text.


Previous Table of Contents Next

Copyright © CRC Press LLC