Protecting against threats to enterprise network security.Life has been revolutionized by computer networks and the Internet. Vital sectors of the economy depend upon networks and the Internet for their existence. The financial, health, and government sectors, for example, all rely on networks for their daily operations. Banks transfer money electronically through the banking system's Automated Clearing House See ACH. Network. Medicare uses an electronic system for patients' billings. Also the Teachers' Retirement System of New York New York, state, United States New York, Middle Atlantic state of the United States. It is bordered by Vermont, Massachusetts, Connecticut, and the Atlantic Ocean (E), New Jersey and Pennsylvania (S), Lakes Erie and Ontario and the Canadian province of and the Social Security Administration make pension payments electronically into pensioners' bank accounts. The Internet also plays an indispensable role in the economy. Witness the explosion in electronic commerce between individuals, businesses, and other organizations. Companies like Amazon, ebay, and other online stores are representative of this new model. The proliferation of wireless and mobile devices, cellphones, wireless modems, and pagers has created a mobile society consisting of millions of telecommuters, field workers, travelling sales personnel, and home-office workers. Users can connect to their office networks from hotels, airports, and other remote locations, as well as from home. The very features of connectivity and accessibility that make networks and the Internet so indispensable to contemporary society, however, create dangerous and unforeseen consequences. Dangers to the Enterprise Security threats to an enterprise are much higher because of network interconnectivity and mobility. Cisco Systems “Cisco” redirects here. For other uses, see Cisco (disambiguation). Cisco System,Inc. (NASDAQ: CSCO, HKSE: 4333 ) is an American multinational corporation with 54,000 employees and annual revenue of US $28.48 billion as of 2006. , a leading provider of security services Security services are state institutions for the provision of intelligence, primarily of a strategic nature, but also including protective security intelligence. Examples include the Security Service (MI5) and the Secret Intelligence Service (MI6) in the United Kingdom, and the , maintains that remote users accessing corporate networks are more exposed than ever to attack from the outside. A personal computer on a network is a common point of attack. A user's laptop can also become infected through a remote Internet connection, and then infect the entire network. Some security threats include viruses, worms, Trojan horses It may never be fully completed or, depending on its its nature, it may be that it can never be completed. However, new and revised entries in the list are always welcome.
Viruses consist of computer code that secretly reproduce on other computers and perform destructive acts such as deleting files and clogging network performance. Worms are destructive programs, usually hidden in e-mail attachments, that shut down computers and networks. Trojan horses are unauthorized computer instructions hidden in a legitimate program that perform secret or damaging activities. Denial -of-service attacks overload an Internet service provider's e-mail server See mail server. with hundreds of e-mail messages per second, causing it to shut down, or causing a network or web server to crash. Last August, Blaster, a worm, shut down 120,000 systems in three minutes "Three Minutes" is the 46th episode of Lost. It is the twenty-second episode of the second season. The episode was directed by Stephen Williams, and written by Edward Kitsis and Adam Horowitz. It first aired on May 17, 2006 on ABC. and eventually shut down businesses around the world. Slammer A worm that caused a billion dollars worth of damage on the Internet on January 25, 2003. Slammer infected computers all over the Internet by generating random IP addresses and causing the computer's buffer to overflow with its own instructions that replicate itself and start the process , another worm, spread worldwide in 11 minutes and infected 55 million hosts per second. According to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. Cisco, the cost of viruses and worms is approximately $13 billion a year. Another insidious threat to an enterprise is hacking. Most businesses are susceptible to attack from both outside hackers and internal personnel. Unauthorized users can break into an organization's network to steal information or create damage. Hackers often target business and financial institutions possessing information that can be further exploited. The names, addresses, credit information, and Social Security numbers of a company's employees or customers can be stolen by hackers in order to rob bank accounts, obtain false credit cards, or perpetrate per·pe·trate tr.v. per·pe·trat·ed, per·pe·trat·ing, per·pe·trates To be responsible for; commit: perpetrate a crime; perpetrate a practical joke. other fraudulent acts. Hackers, especially terrorists and rogue governments, also target military, government, and financial networks and can create political and economic havoc. Internal hackers might be disgruntled dis·grun·tle tr.v. dis·grun·tled, dis·grun·tling, dis·grun·tles To make discontented. [dis- + gruntle, to grumble (from Middle English gruntelen; see employees that delete corporate files. The proliferation of these illegal and dangerous activities has become a matter of grave concern for industry and government alike. Protecting the Enterprise An enterprise's network, information systems, databases, and processes are essential for the enterprise's survival and must be protected from both internal and external threats. Remote users connecting to the enterprise's network from outside the enterprise must be protected, as well. The protective measures an enterprise implements make up what the AICPA AICPA See American Institute of Certified Public Accountants (AICPA). defines as information security. Information security consists of the following security measures Noun 1. security measures - measures taken as a precaution against theft or espionage or sabotage etc.; "military security has been stepped up since the recent uprising" security : antivirus protection; firewalls; intrusion detection systems; and password management. Firewalls protect a network from outside hackers and other malicious attacks from the Internet. Through the use of firewalls, inbound Internet traffic Internet traffic is the flow of data around the Internet. It includes web traffic, which is the amount of that data that is related to the World Wide Web, along with the traffic from other major uses of the Internet, such as electronic mail and peer-to-peer networks. can be monitored for any unauthorized web server attempting to access the organization's network, to either download or upload data. Firewalls can limit Internet access See how to access the Internet. to specific, approved websites. Personal firewalls can prevent a hacker from capturing a remote user's logon name or password to get into the user's organization. Intrusion detection systems can determine if an organization is under attack or if unauthorized activity is occurring. Network-based systems monitor all activity on the network itself Host-based systems, on the other hand, monitor a specific server or computer, and can determine if a hacker is attempting to access files or surreptitiously sur·rep·ti·tious adj. 1. Obtained, done, or made by clandestine or stealthy means. 2. Acting with or marked by stealth. See Synonyms at secret. use the computer. Password management includes mandating passwords with a combination of uppercase and lowercase letters and numbers that are connected to the user's name. Passwords should preferably not even be a word, because programs exist that can automatically try millions of combinations to crack a password. Dangers to the Individual Today, more and more personal information is being stored in digital format, in a variety of electronic databases and repositories. The IRS An abbreviation for the Internal Revenue Service, a federal agency charged with the responsibility of administering and enforcing internal revenue laws. , for example, is in the process of converting the tax filing process to electronic format. Individuals surfing the Internet are also compromising their privacy. A web browser The program that serves as your front end to the Web on the Internet. In order to view a site, you type its address (URL) into the browser's Location field; for example, www.computerlanguage.com, and the home page of that site is downloaded to you. such as Internet Explorer or Netscape stores the websites a user has accessed, thereby creating an electronic trail detailing the user's surfing habits. In addition, the server of a visited website creates log files containing detailed information about every single request the server receives, including where the request comes from and which web pages the user visits. Cookies might be, stored on the user's computer, providing specific information to the website about the person who accessed the site. Individual profiles of Internet surfers, including confidential information, can also be created when completing online forms or posting information. Even more insidious threats to the individual's privacy exist in the form of web bugs, spyware, and stealth monitoring programs. Web bugs document the websites and pages a user visits and the frequency of these visits. Spyware and stealth monitoring programs secretly track the user's Internet usage and computer use. Some of these programs can capture the user's keystrokes, such as passwords or credit card data, and send the information across the Internet to an unauthorized site. Protecting the Individual Various security software programs, consisting of a suite of applications, exist to protect the personal computer user against viruses, worms, Trojans, and hostile attacks such as hacking. These suites also provide e-mail protection against spam and unsolicited e-mails that clog up the user's electronic mailbox. Two popular suites are McAfee Internet Security 2004 and Norton Internet Security Norton Internet Security (NIS) is a computer utility suite made by Symantec Corporation, with a focus on providing comprehensive Internet protection. It is available for both Microsoft Windows and Mac OS X. It is one of Symantec's flagship products. 2004. In order for these suites to be effective, they must provide ongoing protection against new viruses and worms and other electronic threats. The suites must be constantly updated, and must provide control over communications over the Internet. Harold C. Gellis, CPA (Computer Press Association, Landing, NJ) An earlier membership organization founded in 1983 that promoted excellence in computer journalism. Its annual awards honored outstanding examples in print, broadcast and electronic media. The CPA disbanded in 2000. , is associate professor of accounting and information technology at York College of the City University of New York The City University of New York (CUNY; acronym: IPA pronunciation: [kjuni]), is the public university system of New York City. . RELATED ARTICLE: Toolbar A row or column of on-screen buttons used to activate functions in the application. Many toolbars are customizable, letting you add and delete buttons as required. Toolbars may be fixed in position or may float, which means they can be dragged to a more convenient location in the Helps Teachers Provide Better Information For Parents A new software toolbar that will help teachers provide more information to parents about the performance and welfare of their children in school is being launched by SYMEX UK, one of Britains education software publishing companies. The 'Coherent Reports Toolbar' is the first software of its kind that pulls together information from all of a school's different Management Information Systems (MIS), Microsoft Excel spreadsheets and other software systems used by teachers to record student achievements. Using the Toolbar, teachers can create school reports and standard letters in Microsoft Word using all of a pupil's available information. The 'Coherent Reports Toolbar' is being launched at a price of [pounds sterling]78.95 per user licence and, for a limited period (until March 31st, 2006), schools purchasing the software will also be given a free 512MB memory stick (pen drive) with every licence. Many schools have separate systems for every area of school life such as attendance and behaviour. Because the systems are not integrated, reports that use all the available information across the school and on individual pupils are impossible to compile. With 'Coherent Reports Toolbar', schools will now be able to report to parents every half-term as well as at the end of each term, providing parents with more information, more regularly. www.symex.com |
|
||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion