Foiling Internet Hackers Provides Full-Time Jobs.ARKANSAS' TWO LARGEST technology-based companies, along with many others, devote substantial resources to protecting critical company information and customer data from improper access to its computer networks by computer hackers. While most report that there has been no penetration of those protected systems, many companies are hesitant to tout their successes too much. They are nervous that bragging about that success would "raise red flags" of challenge to those bent on causing damage or merely mischief through infiltration. There have been attempts, they say, but never really anything considered to be a serious or coordinated effort. "A lot of hackers just want to see if they can do it," says Steve Dannaway, a network administrator for one of the computer networks at the University of Arkansas at Little Rock. Alltel Corp.,. known to most as a telecommunications company, also provides information services in the financial realm (applications from Internet banking to mortgage processing) through its Alltel Information Services division. Meanwhile, data manager Acxiom Corp. makes available many of its services to its clients through secure network connections. Both have personnel assigned to monitor the multiple lines of computer defense to protect against unauthorized access, be it an internal company network that allows employees outside access to the Internet or its networks that provide information services to clients. Asked about how companies beginning to develop networks or outside access should approach computer security, most compared it to home security. You don't leave your valuables out in plain sight; and you don't leave the door unlocked. "You've got to pay attention to where your data is and what's on the machine," says Eugene. Jones, president of Connect4Business, a fledging Little Rock firm providing electronic commerce and communications applications between manufacturers and dealers of products. Don't put any critical information on a computer with outside access, he advises. Examples of computer hacking are showing up regularly in the news. In recent weeks, Internet hackers have made the national news. In one case, hackers stole bank card numbers from thousands who bought compact discs at an online store, then threatened to release them on the Internet unless a ransom was paid. There were coordinated computer attacks on some governmental agency computers in Japan that resulted in data being erased and Internet pages being defaced. Hackers have also successfully found a "back door" to gain control over accounts using the popular America Online Instant Messenger. "Internet security is only as good as the people watching it," says Rick Woodham, who works for Alltel Information Systems and has directed the company's e-commerce strategy and helped the company launch its Internet service provider. Alltel has a complement of network administrators monitoring around-the-clock the layers of firewalls (software applications designed to block access, to certain areas of a computer or network) and other defenses. While they don't prevent employees from surfing the Internet, they can monitor what sites are visited (as some sites can send electronic "cookies" that track a computer) and prevent some Web technologies from being used (real-time audio or video, which tend to congest the network, for example). Acxiom also has a team for network security that can monitor those using company networks in real-time. That includes clients logging into the Acxiom Data Network, the secured network through which the company delivers data services to its customers, according to Don Hoffman, who handles computer security for Acxiom. Any attempt to enter the network will notify administrators within 60 seconds, he says. That network has a 128-bit encryption algorithm; he says, which is an industry standard and, would take a substantial effort to crack. With hundreds of customers logging into the virtual private network, there are also expectations of security, Hoffman says. Acxiom must meet the security requirements of its clients and be subject to regular audits, he says. That includes meeting the "three points of security"--confidentiality, integrity and availability. Customers look to Acxiom to protect its data from unauthorized access, Hoffman says, while making it readily available for customer use. "In our business, we have to protect our customers,"' Hoffman says. The banks Alltel deals with, as well as others, also take security seriously. The advent of Internet banking has allowed customers the ability to monitor accounts and conduct transactions online but also has created some apprehension on the part of customers. Woodham says banks, just like other online businesses, must continue to convince the public there is an " acceptable level of risk" for online transactions, much like real-world transactions where you can never totally guarantee that you won't be robbed or have your home burglarized. The key, the computer experts say, is thinking ahead and taking the steps to minimize that threat. |
|
||||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion