63.3 F
San Diego
Sunday, Oct 6, 2024
-Advertisement-

Computer Files at Risk From Viruses, Illegal Software

Computer Files at Risk From Viruses, Illegal Software

Network Problems Avoided By Attention to Security

BY JOHN HUFFER

Special to the Business Journal

Today, company personnel use their computers to prepare spreadsheets, check e-mail, exchange data, store files, and browse the Internet. However, computer users rarely consider what is going on behind the scenes , until the network breaks down.

Those unfamiliar with the details of a Local Area Network (LAN) believe the network is that mysterious “server room” kept locked by the computer support staff. Although the server room is part of the network, there are many other equally important components. The failure of any single component affects network services to some degree.

The LAN provides each connected computer with communications to other connected computers, e-mail, network printing, access to shared devices, data security, and many other services normally invisible to the user. If the LAN is connected to the Internet, the network also controls which client computers can use the network’s Internet connection.

Providing all necessary network services requires specialized computers called “network servers.” Network servers run “network-class” operating systems (NOS) such as Windows 2000 Server, Novell, or Solaris. A NOS is more stable, more secure (and more expensive) than client-computer operating systems like Windows 98 or Windows ME. More importantly, a NOS allows centralized control over network services.

CEOs speaking with their network administrators may wish to address the following issues:

– Performance of Routine Backups of Important Data

Establishing and adhering to a routine backup schedule is far less expensive than having everyone come in and try to reconstruct days, weeks, or months of lost data.

Do not rely upon users keeping copies on both the server and their local drives alone. Instead, purchase an automated tape backup system to archive important data.

The more often a backup tape is used, the more likely the data stored on it is unusable. Buying a new tape every day (or week) means that for $20 per week, your company has the ability to recover a file someone erased last month.

– Physical Protection

Protecting the network’s physical security is often ignored. Servers must be kept in a locked room or cabinet with adequate ventilation for cooling. Servers should also have uninterruptible power supplies (UPS) attached to protect against power failures.

Although keeping the servers locked up seems obvious, it is often overlooked. One large corporation’s accounting computer kept crashing every Tuesday and Thursday night. The problem remained unsolved until someone discovered the night cleaning crew worked those two nights. Thinking all computers were shut down, they were unplugging the server to plug in their vacuum cleaners.

– Disaster Preparations

Disaster preparedness in this post-Sept. 11 world receives a great deal of publicity. However, more mundane threats can also threaten data, such as a leak in the roof directly above your network server.

Storing backup copies of all critical software off site is a good way to ensure your network can be back up and running within hours, rather than weeks.

– Avoid Peer-to-Peer Networks

Companies with fewer than five computers sometimes use “peer-to-peer” networking. Peer-to-peer networks occur when two or more client computers access each other directly rather than via a server, such as through file sharing

As peer-to-peer networking is by nature decentralized, it is not suited to centralized administration of network-level services such as data backup. Backing up files on a central server is much easier to administrate than backing up the complete contents of every computer on the network.

More importantly, peer-to-peer networks are inherently unstable, and experience far slower performance than those administered via a network server.

– Install Server-Level Anti-Virus Protection

The latest generation of computer viruses or worms attack through a LAN’s Internet connection. Protecting the network from these threats requires anti-virus and anti-intrusion software at the server level rather than at the client’s computer level.

Additionally, the protection your LAN receives from client-level anti-viral software is only as reliable as the LAN’s most careless user. If one employee improperly uses their computer’s anti-viral software, and that employee’s machine becomes infected, all computers on the LAN are exposed to attack.

Several companies, such as Sophos Software (www.sophos.com) and Symantec (www.symantec.com) offer network or “Enterprise” level anti-viral software. Unlike the client programs, the anti-viral settings are configured at the network server-level, preventing users from bypassing the anti-virus program.

– Install and Maintain a Firewall

Firewalls are essentially the locks on your computer network’s gateway to the Internet. The level of lock a company needs depends in large part on the attractiveness of your data to thieves, and the cost of replacing data corrupted by vandalism.

Many of the “Firewall-in-a-Box” packages are the computer equivalent of the lock on a common home’s bathroom door , enough to keep out casual intruders, but easy to bypass with minimal knowledge. Although better than no firewall at all, the costs of recovering data after an intrusion usually justifies an investment in more sophisticated protection.

A managed firewall offers more complete protection. These can be set to prevent unauthorized entry into the network, filter Internet access by users, block unauthorized software downloads, and report attacks by hackers. Several companies, such as San Diego-based NetHere (www.nethere.com), offer managed firewall solutions.

– Humans , The Greatest Security Threat

The single most often-overlooked security risk is the human side. Regardless of the other security measures in place, computers remain vulnerable to the so-called “social engineering” attack, where a con artist calls authorized users and tries to trick them into revealing confidential information such as passwords.

One common security breach occurs when computer users write down their passwords and tape them under their keyboards. This is the computer security equivalent of hiding a house key under the doormat , and is little better than no password system at all.

Another major problem is the installation of unauthorized or illegal software. Companies caught without a license for any software installed on any of their computers face tens of thousands of dollars in fines.

Less spectacular, but more prevalent losses result when employees “customize” their computers with free screensavers downloaded from the Internet. Often, these innocent-looking screensavers destabilize client computers. Tracing these problems back to their source results in increased computer support expenses.

To prevent these types of problems, establish and enforce a companywide employee Internet policy. These policies set formal rules regarding issues such as placing limits on personal Web browsing, forbidding installation of unauthorized software, and prohibiting the sending and receiving of personal e-mail via the company’s servers. Although these policies seem harsh, it helps prevent a wide range of associated problems, such as use of inappropriate personal e-mail as evidence in lawsuits.

For employees already using their corporate e-mail address for personal mail before an employee Internet policy was in place, suggest they obtain a free Web-based e-mail account from Hot Mail (www.hotmail.com) or EudoraMail (www.eudoramail.com.) These free Web-based accounts have the additional advantage of being accessible from any computer with Web access.

– Avoid Hosting Your Own Web Site

Web servers are difficult to secure, and must be kept up and running 24 hours a day, 7 days a week. Most companies can contract with a Web hosting company to perform this work far more economically than by trying to do the work in-house.

– Consider an In-house E-mail Server

Unlike Web servers, there are distinct advantages to setting up an in-house e-mail server. The primary benefit is the availability of specialized server-level anti-virus programs, which remove suspicious e-mail attachments before they reach the recipient. Just as with other server-level anti-virus programs, reliability is greatly increased by centralized management.

Various software products, such as Deerfield’s MDaemon e-mail server (www.deerfield.com) and Symantec’s Mail Gear offer server-level e-mail protection.

Huffer is a technical writer for Carlsbad-based BioComp.

-Advertisement-

Featured Articles

-Advertisement-
-Advertisement-

Related Articles

-Advertisement-
-Advertisement-
-Advertisement-