Are you prone to paranoia?
Or just cautious?
Either mindset can work to your benefit when you decide how to secure your network. Given the slippery state and ambiguous nature of cyber crime, there is plenty of opportunity to inject personal style and preference into your company security policy.
Network security is a hot item this summer of 2000. A few high profile events involving state secrets, viruses, and e-commerce websites have raised the level of discussion about computer-based crime and mischief to unprecedented levels.
In and of itself, that's no big deal. Just about everything involving computer technology reaches new levels of attention and notoriety these days. Information technology moves like a whirlwind and is just about as difficult to chart.
Information security, however, is a very big deal for small business.
Let's start with a few fundamentals.
You've got something of value. In a word: Data.
Someone wants to steal it, damage it, or render it useless.
How do you prevent them from doing so?
END OF DRAFT NARRATIVE
July 17, 2000
-------
-------
-------
LOOSE NOTES: How does network security differ from security of other flavours?
Other than the notion that the devil is in the details, computer security is no different from other security issues faced by businesses.
Industrial espionage. Mindless vandalism. Vengeance and retribution.
Padlocks, guard dogs, alarm systems, human watchers, and video cameras protect the security of the physical assets of your business. What parallels can we draw to computer systems?
...
gain access remotely through active online connections.
gain physical access to elements of your systems.
....
Consider this cold fact: If hackers can break into networks at the Pentagon (the Solar Sunrise Pentagon hacking incident), NASA and Microsoft, how can they be stopped from breaking into yours? (The answer is not as cut-and-dried as it may seem. In some cases it's easier to secure a small Local Area Network than it is to protect the mammoth Wide Area Networks of government and multi-national corporations.)
....
Security policy: Computer security experts, firewalls, encryption, passwords
....
What do you have to secure your resources against? How do we identify the enemy?
....
"A few software vulnerabilities account for the majority of successful attacks
because attackers are opportunistic – taking the easiest and most convenient route.
They exploit the best-known flaws with the most effective and widely available attack tools.
They count on organizations not fixing the problems,
and they often attack indiscriminately,
by scanning the Internet for vulnerable systems."
--
The SANS Institute June 2, 2000
....
LINKS: eSecurityOnline.com
....
Firewalls to block known vulnerabilities in applications and operating systems.... ....
The value of data within certain departments -- to protect it from competitors -- customer lists, product pricing, marketing plans....
Raise security consciousness among employees....
You can install software to automatically
encrypt files when they are saved to disk
---------------------
Page launched: July 18, 2000 |
Most recent revision: July 22, 2000 |
Developmental Level: Raw Copy |