Advertisment

NETWORK SECURITY: Secure Your Networks or See Them CRASH

author-image
VoicenData Bureau
New Update

Frank Leu, managing director, South Asia & South East Asia, Trend MicroSecurity

of enterprise networks has taken new dimensions over the last few years. The new

business paradigm puts pressure on businesses to get their employees to access

e-mail and the Internet. Business houses, today, are also required to enter into

electronic relationships with suppliers, vendors and other partners in the form

of VPNs and extranets. They also have to struggle to open their networks for the

outside world where computer viruses threaten to infiltrate. And, also compete

with the professional hackers and ‘script kiddies’ to lay their hands on

enterprise networks. At risk are expensive systems and theft of sensitive data.

Advertisment

About twenty-five years ago, managers of computing facilities were only

concerned of guarding their machines against the unauthorized users. As the

client-server model came into vogue, systems managers discovered that they had

to live with a few security holes in popular operating systems, which could

provide unauthorized access. While working on resources shared by other

computers was exciting, it also meant that TCP/IP introduced security concerns.

Measures like encryption, firewall and anti-virus solutions, coupled with good

old password protection were introduced. However, as such shared services were

limited, the potential for attacks was also low. In the present phase, the

challenges to network security have dramatically increased with the

proliferation of the Internet.

E-business may face threats of web site defacement, DoS, mail bombing,

spoofing, packet sniffing, etc. Viruses, worms and Trojan horses have the

potential to reformat hard disks, delete files or spawn new processes that cause

the entire network to crash.

Security against hacking and viruses should, ideally, be implemented at the

gateway level. It is essential that ISPs incorporate virus protection mechanisms

so that users’ networks are not exposed. Enterprises, in turn, should ensure

that users’ machines are not open to the threats from the Internet and the

mails through an anti-virus wall. The latest gizmos, which provide enterprises a

sense of security, are magnetic card keys, optical retina scanners and

fingerprint readers. But a random deployment of security solutions won’t do

the trick. Network security must be a proactive rather than a reactive. This

implies involvement of the top management along with the representatives of user

departments, besides the network managers.

The time has come for enterprises to conduct a careful assessment of threat

and deploy an optimal solution. Vulnerability analysis and risk assessment

should throw open areas that are critical. This should be followed by careful

selection of vendors to provide a solution but not before designing a security

policy, drafting procedures and standards. User requirements must be kept in

mind and system availability must be evaluated in conjunction with the need for

security. Complete security is ephemeral, thus it is better to pursue good

security now than better- than-perfect security later. Of course, the time

honoured principle of separating the roles so that people responsible for

implementing and running security systems should be separated from users. To

conclude, network security in the Internet era is as essential as your most

important business processes and requires a holistic approach in understanding

the risks and minimizing them.

Frank Leu, managing director, South Asia & South East Asia, Trend Micro

Advertisment