Secure access over the Internet

 

Modern enterprises use public networks to conduct private business. The Internet is a great medium for data exchange, whether that be using Web sites for customer interaction; enabling e-mail or XML data exchange between organisations; or creating Web front ends to existing databases so sales staff can check list prices while mobile. PSTN (Public Switched Telephone Network) and ISDN (Integrated Services Digital Network) are used in similar ways to provide dial-in access to public and private resources to customers and mobile staff.

Both of these solutions give computer systems a tangible address in the physical world, whether it be a phone number or a fixed Internet address. This connection comes at a price. Even though computing resources may be locked in high-security data centres, the security guards can do nothing to stop an electronic assault by someone using a network address to access the system. The age of data connectivity demands consideration of overall system security.

To best understand the tasks ahead, we'll first define some common scenarios where corporate resources are commonly coupled to the public networks and then see how they fit with the security methods we'll discuss later.

Back to top

 

Scenario One: The customer Web site (Back to contents)

Public Web sites no longer consist of just simple, static content such as product information. When that was the case, the primary security concern was avoiding denial of service (DOS) attacks, where hackers would 'flood' a site with requests to make it unavailable to other customers, and site defacements, where pages on a site would be removed or replaced with potentially offensive or embarrassing content.

In order to get closer to their clients, many organisations now build Web applications that integrate into their database systems to allow customers to change their orders, view or modify personal data and otherwise interact with business systems. This has increased the importance of protecting the public Web site, both to ensure internal databases are not modified without authorisation and to meet legal requirements to keep customer information confidential.

Back to top

 

Scenario Two: Linking remote offices (Back to contents)

The cost of dedicated leased data links between any two sites is high enough within the same city. When the requirement is to link two offices across the globe, it becomes prohibitive for many companies. Many companies are looking to use the Internet to move data between sites.

Back to top

 

Scenario Three: Road warriors and telecommuters (Back to contents)

Providing staff with the tools to make them more productive has become standard practice in recent years. It makes sense to provide sales staff with up-to-the-minute information on pricing and availability. Giving staff access to their e-mail and other network resources encourages them to check in while away from the office. What started as providing Web-based e-mail is now about providing all the resources of an in-house desktop to a multitude of devices and locations.

Back to top

 

Scenario Four: Business-to-business data exchange (Back to contents)

Data exchange between organisations doing business together takes many forms. These can include e-mailing documents, creating Web portals, or creating direct data exchanges, using older systems such as EDI (Electronic Data Exchange) or newer options such as XML (Extensible Markup Language). In all these scenarios, nobody wants their competitors to know what they are doing.

Back to top

 

Why worry? (Back to contents)

The amount of computer crime is escalating. All it takes is one disgruntled person to start a Denial Of Service (DOS) attack and an organisation can be crippled for days. Hackers seeking vulnerable but well-connected systems as a base for their attacks need look no further than the growing number of PCs constantly hooked up to broadband connections.

Some hackers like the challenge, ex-employees may hack for revenge and others hope to find something valuable they can sell or trade through the computer underground. No matter how trivial the Internet resources exposed by a company, they will be probed within hours of becoming 'live', and if interesting, attacked soon after. The best hope for securing systems is to make them so hard to access relative to their perceived value that nobody will bother, and ensure that in the time it takes to break in the alarm bells will be set off, allowing administrators to counter the intrusion.

Back to top

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

PC World Staff

PC World

1 Comment

Anonymous

1

It became useful first to distinguish among different kinds of IP <a href="http://world-secure-channel.com/why/">vpn</a> based on the administrative relationships, not the technology, interconnecting the nodes. Once the relationships were defined, different technologies could be used, depending on requirements such as security and quality of service.

Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Resources

Best Deals on GoodGearGuide

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?