Printer Friendly

Keeping computers safe and healthy.

Protecting computer data in the face of virus scares, hacker practical jokes, and decentralized information storage may seem daunting, and it is. But knowledge of the threats, vulnerabilities, and security basics can help.

Mitchell Zahler, director of PC and LAN security for Productivity Management Group Inc. of Newark, NJ, spoke on network security at the National Computer Security Association's first International Virus Prevention Conference and Exhibition.

Zahler opened with the following five rules of security:

* Security exposures should never be ignored.

* Security should be transparent to the user.

* Security should never reduce s functionality.

* Security should be implemented by a specialist.

* Security should not be too costly.

Zahler identified one of the biggest obstacles to network security as removable media (disks, tapes, etc.). "When we started using removable media, security went downhill," he said. But the only real solution to this problem is the diskless workstation.

Zahler said, "If you have a diskless workstation, I guarantee you'll never have a virus." Yet, not many people are ready to give up their disk drives. For those who absolutely need floppy drives, he suggested having certain workstations behind locked doors that are capable of reading disks.

He also stressed the importance of making good backups. It isn't enough, however, just to back up every night, he said. Employees must verify the backups are good by periodically trying to restore the data onto the computer.

Computer users must also be aware of where they are storing the backups. If the backup disks are on a shelf above the computer and there is a fire, "It's bye-bye back-ups," he said.

Zahler's other suggestions for improving security included implementing policies and procedures and following them. "A policy is no good unless you follow it," he explained, just like a stop sign is no good unless you stop."

He also recommended tight controls on passwords, vendors, and network files; reviewing access to the LAN; monitoring the integrity of communication lines; securing remote computer sites; and formulating a disaster recovery plan.

The conference was held June 18 and 19 in Crystal City, VA, and was cosponsored by ISPNews, Washington Technology, and the Capital PC User Group. It featured 48 conference sessions on virus prevention and recovery and network security and more than 30 exhibitors.
COPYRIGHT 1992 American Society for Industrial Security
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 1992 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:Security Spotlight
Publication:Security Management
Date:Aug 1, 1992
Previous Article:Are old-fashioned ways for the old-fashioned days?
Next Article:Data base boosts handwriting analysis use.

Related Articles
Searching For Safety.
Chemical industry gets litmus test. (News and Trends).
Keep your computer system safe.

Terms of use | Privacy policy | Copyright © 2020 Farlex, Inc. | Feedback | For webmasters