Forwarded From: Nicholas Charles Brawn <ncb05at_private> 22Jul98 UK: HIDE BEHIND A FIREWALL TO BEAT CYBER CRIMINALS. ASHOK KHINDRIA. COMPUTER crime in Britain is doubling every year. And as the number of corporate networks reaches record levels, thousands of companies routinely fail to implement security measures to prevent theft of information and corruption to systems. No organisation seems safe as hackers wreak havoc to systems across the corporate and public sectors. According to a recent survey by the Department of Trade and Industry, security lapses have cost companies #1.5 billion since 1992. During this period, the cost of an average security breakdown soared from #2,000 to #9,000, with the single most expensive reported incident a #1.2 million fraud in an insurance company. Computer security is slowly being forced to the top of the corporate IT agenda. Today, protection goes beyond locking confidential floppy disks in a desk drawer. Encryption, virus protection and firewalls are playing an increasing role in these companies' armouries. Networks have enabled organisations to increase their productivity and efficiency by managing the flow and access to information. Businesses are increasingly utilising the internet to improve processes and firewalls represent the net-work's first line of defence against intruders. These software and hardware barriers stand between the private, internal network and its connection to the outside world, such as the internet. The firewall provides an extra layer of protection and regulates and controls communication. The firewall can be configured in such a way as to restrict individual from sending e-mail out of the company and barring them from having access to the internet. External access may also be limited as few companies would allow access to files and information by the general public or competitors. As the pace of technological development accelerates, there are an increasing number of firewall technologies available. For example, simple packet filters will deny access to any piece of information where the source and destination address has not been authorised by the system. To set up the filters, you need to define a set of rules for the filtering code. This will allow the system to decide whether the packet should be allowed to pass or not. On the other hand, proxy-based systems provide additional security. They also offer multiple authentication mechanisms and network address translation (NAT). NAT allows internal internet addresses, or internet protocols, to be hidden. Packets sent from a host behind the firewall will appear to have been sent from the firewall's external address. This makes the sender invisible to the internet, which makes it difficult for hackers to track down the network information and addresses required. Stateful inspection is the most sophisticated technology available. Firewalls modelled around this technology interrogate the packets based on source, destination, protocol and communications port. Addressing external threats is only half the battle, however. The greatest threat to privacy often comes from internal users. Disgruntled employees and saboteurs with limited authorised access to the network can often do more damage than someone accessing the system through the internet. Sometimes, computer security problems can even involve individuals with legitimate access to the system who just do the wrong thing at the wrong time. To combat such internal threats, security should be considered from the outset. It should not be seen as just another aspect of the system that can be thought about at the last minute and added at the end of the project. The long-term needs of the system must also be assessed. While the physical configuration of the network and the software may be sufficient for today's requirements, the question is whether you will be able to accommodate a major upgrade in two years. Networks are playing increasingly mission critical roles in most organisations. By failing to properly address security, companies expose themselves to incalculable risks. Assessing the potential exposure and developing measures to tackle the risks will secure the competitive advantage achieved from a well-managed networking environment. SCOTSMAN 22/07/98 P6 -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: New Dimensions International [www.newdimensions.net]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:00:10 PDT