Secure access over the Internet

 

Modern enterprises use public networks to conduct private business. The Internet is a great medium for data exchange, whether that be using Web sites for customer interaction; enabling e-mail or XML data exchange between organisations; or creating Web front ends to existing databases so sales staff can check list prices while mobile. PSTN (Public Switched Telephone Network) and ISDN (Integrated Services Digital Network) are used in similar ways to provide dial-in access to public and private resources to customers and mobile staff.

Both of these solutions give computer systems a tangible address in the physical world, whether it be a phone number or a fixed Internet address. This connection comes at a price. Even though computing resources may be locked in high-security data centres, the security guards can do nothing to stop an electronic assault by someone using a network address to access the system. The age of data connectivity demands consideration of overall system security.

To best understand the tasks ahead, we'll first define some common scenarios where corporate resources are commonly coupled to the public networks and then see how they fit with the security methods we'll discuss later.

Back to top

 

Scenario One: The customer Web site (Back to contents)

Public Web sites no longer consist of just simple, static content such as product information. When that was the case, the primary security concern was avoiding denial of service (DOS) attacks, where hackers would 'flood' a site with requests to make it unavailable to other customers, and site defacements, where pages on a site would be removed or replaced with potentially offensive or embarrassing content.

In order to get closer to their clients, many organisations now build Web applications that integrate into their database systems to allow customers to change their orders, view or modify personal data and otherwise interact with business systems. This has increased the importance of protecting the public Web site, both to ensure internal databases are not modified without authorisation and to meet legal requirements to keep customer information confidential.

Back to top

 

Scenario Two: Linking remote offices (Back to contents)

The cost of dedicated leased data links between any two sites is high enough within the same city. When the requirement is to link two offices across the globe, it becomes prohibitive for many companies. Many companies are looking to use the Internet to move data between sites.

Back to top

 

Scenario Three: Road warriors and telecommuters (Back to contents)

Providing staff with the tools to make them more productive has become standard practice in recent years. It makes sense to provide sales staff with up-to-the-minute information on pricing and availability. Giving staff access to their e-mail and other network resources encourages them to check in while away from the office. What started as providing Web-based e-mail is now about providing all the resources of an in-house desktop to a multitude of devices and locations.

Back to top

 

Scenario Four: Business-to-business data exchange (Back to contents)

Data exchange between organisations doing business together takes many forms. These can include e-mailing documents, creating Web portals, or creating direct data exchanges, using older systems such as EDI (Electronic Data Exchange) or newer options such as XML (Extensible Markup Language). In all these scenarios, nobody wants their competitors to know what they are doing.

Back to top

 

Why worry? (Back to contents)

The amount of computer crime is escalating. All it takes is one disgruntled person to start a Denial Of Service (DOS) attack and an organisation can be crippled for days. Hackers seeking vulnerable but well-connected systems as a base for their attacks need look no further than the growing number of PCs constantly hooked up to broadband connections.

Some hackers like the challenge, ex-employees may hack for revenge and others hope to find something valuable they can sell or trade through the computer underground. No matter how trivial the Internet resources exposed by a company, they will be probed within hours of becoming 'live', and if interesting, attacked soon after. The best hope for securing systems is to make them so hard to access relative to their perceived value that nobody will bother, and ensure that in the time it takes to break in the alarm bells will be set off, allowing administrators to counter the intrusion.

Back to top

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

PC World Staff

PC World
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?