Microcomputer security and control: six inexpensive and simple techniques.
Six inexpensive and simple techniques.
The accounting professional who has worked around microcomputers for any length of time knows how difficult it is to maintain their security. With very little trouble, a user can access confidential records and change, copy or erase them. Although no internal control system will protect the microcomputer completely from a determined and sophisticated user, some simple and inexpensive techniques can substantially reduce the likelihood of security breaches.
The general strategy behind security is to create layers, or levels, of obstacles through which an intruder must pass before reaching confidential data. The more layers there are, the more difficult it is to access unauthorized information and, hence, the greater the internal control. These layers need not be elaborate or tremendously sophisticated to be effective. That they are in place and it is not immediately apparent how to get around them will increase security.
Some of the suggested techniques involve nothing more than using attributes of Microsoft's disk operating system (MS-DOS); others require purchasing a software package. All of them will increase control over valuable information.
MS-DOS for IBM and compatible machines has several obscure capabilities. For data security purposes, the best of these is the ability to hide files, directories and characters from view. Hiding a file or directory means the user can't see any part of the file or directory name. Hiding characters allows the user to see part of the file or directory name but keeps one character invisible. Hidden files and directories are considered first.
Suppose you have hidden a file named Payroll.90 in the main directory. That file will not appear on the screen when the directory is listed. The advantages of this are obvious. Since the name of the file can't be seen, it's not likely anyone will be able to access it. It will be protected from accidental damage by novice users and from access by intruders, because they will not know where to find it unless an authorized person tells them.
To enhance separation of duties and internal control, only the specific names of hidden files or directories required in an employee's job-related tasks need be disclosed. For example, staff responsible for payables would know the names of specific payables files but not of the receivables files.
In general, the only way to hide a file or directory is by using a disk
utility program such as Professional Master Key Utilities, Norton Utilities or Mace Utilities. (See the software products listing on page 86). These programs are inexpensive and easy to use because they are menu-driven and accomplish tasks that cannot be performed with DOS commands alone.
All utility programs will be slightly different, of course, but the basic methods for hiding a file will be the same: Access the utilities program and call up the files in any given directory. The program will display a menu of the file's "attributes." These are its special characteristics and are not visible to the user. One of these is the hidden/visible option. When the file(s) to be hidden has been located, the attribute can be changed simply from "visible" to "hidden."
While hiding an entire file or a directory name is helpful, hiding a single character within a file or directory name also can be effective. Creating a file or directory with a single invisible character embedded in its name can make the file or directory difficult to access. For instance, to protect a certain directory with several accounting data files in it, an invisible character could be hidden in the directory name. Although the directory would be visible on-screen, most users would not know how to gain access to it because they would not know about the hidden character.
Embedding hidden characters in file or directory names simply requires using DOS's "ALT 255" invisible character capability. There are many ways to do this and no special software is needed. One way is to use the ALT 255 invisible character as an extension since DOS allows directory names to have three-character extensions. For example, when creating a directory named "ACCT", set it up as "ACCT. <ALT 255>". This is done simply by entering a period after ACCT, then holding down the ALT key and typing the numbers 255 on the numeric keypad.
Only the directory name ACCT will appear when it is listed on screen and its form will be indistinguishable from unprotected directory listings. The difference is, when users try to enter it, DOS will return the message "invalid directory" and not allow access.
This technique applies to file names as well. After the ALT 255 invisible character has been included in a file name--say, "PAYROLL <ALT 255>.RPT"--the file will look like others but will be inaccessible to unauthorized users.
ALARM AND LOCKUP PROCEDURES
A second little-known feature of DOS is its ability to reassign its source of input using the "CTTY" command. To change the source of input from the keyboard to some other input device (for example, a communications port), the user would issue a command such as "CTTY COM1:". The keyboard would no longer work and the computer would accept input only from the specified communications port.
This capability allows some creative security measures. Here is a simple example: Enter the "CTTY" command followed by the three letters "NUL" at the DOS prompt; then press the return key. These commands direct the computer to seek its input from another source--in this case, a nonexistent source--and the keyboard no longer works. It is, in effect, locked. The only way out of this condition is to restart (reboot) the computer--press the CONTROL, ALT and DELETE keys simultaneously or turn it off and reboot. So, in its simplest application, the "CTTY NUL" command can serve as an effective keyboard lock when the user leaves the computer.
Used in conjunction with DOS batch files, this command can be even more effective. A batch file is one that contains repetitively used DOS commands to save keystrokes; it typically is used for tasks such as changing directories, switching disk drives or executing software programs. By typing the batch file name, the user tells DOS to carry out all the commands within the file and thus does not have to type them individually.
A batch file also will allow branching, which means it will check whatever it is told to check before issuing the other commands in the file. It is possible to program the batch file to branch over to check, say, a user's password. If the password is correct, the batch file will continue processing the rest of its commands as usual. If the password is incorrect, however, the batch file can be set up to issue the "CTTY NUL" command and lock the keyboard. This command can create some attention-getting effects when used in combination with DOS's alarm features, two of which are discussed.
1. DOS contains a file called "ANSI.SYS", which, among other things, changes the screen color and allows repeated flashing of the screen. This feature can be activated by including the command "DEVICE = ANSI.SYS" in the "CONFIG.SYS" file (found in the main or root directory) and then rebooting the computer.
2. DOS also can activate the computer's internal bell. Both the changed screen color and bell features can be used as an alarm within a batch file if some preestablished condition, such as entering the correct password, is violated. An illustration of this is shown in exhibit 1 A sample batch file sequence on page 87.
If a user tries to access data without the proper password or command sequence, the batch file will branch to the sequence shown in the exhibit and the screen will start flashing, the bell will start ringing and the keyboard will lock. (With a monochromatic monitor, the screen will flash only one color.) The only way out of this situation is to reboot the computer.
Incorporating this batch file sequence as part of a password protection or menu program and placing the batch file in a hidden directory and embedding invisible characters in its name will make it difficult for someone to find it. Any unauthorized intrusion into protected data will be obvious.
Password protection often is violated easily. For instance, password systems can be circumvented simply by booting from a different DOS disk. This allows a user to avoid initial execution of the password program. However, such a program can be effective when used in conjunction with some of the techniques described above. By hiding batch files, files of password lists and other sensitive data files, the password protection becomes harder to avoid. Although not primarily password protection programs, Lockit I (listed with write-protect programs) and Softsafe (listed with data encryption programs) also provide protection against starting the computer from another DOS disk.
Programs offering password protection, such as Automenu Software Management System, Direct Access or Precursor, are recommended because they are easy to use and essentially can control who has access to the computer. Using a series of linked menus and passwords, these programs can
* Block access to DOS (to prevent someone from looking into other files on a hard disk).
* Require the use of multiple passwords to gain access to different files or programs.
* Allow access to files based on a user's specific authorization.
For example, if an employee must use both an accounting package and spreadsheet as part of daily job requirements, the password system will allow access to the accounting program with a first password. A second password is required to access the spreadsheet.
These menu programs generally work best when they are triggered by the last line in the "AUTOEXEC.BAT" file found in the root directory. DOS always checks this file first. The password program therefore will be the first program to run when the computer is turned on or rebooted.
While the password approach is not foolproof, it can add another layer of protection and control to the microcomputer system.
User logging is a technique that, in general, enables the computer to keep track of whoever uses it and the programs or files used. A daily log of all the activity that takes place on the computer can be invaluable in finding out who has been using a particular file or program. User logging is available through commercial software such as Logit! or Logger. These programs can keep detailed records and provide written reports on
* Clock times.
* Elapsed times.
* The number of keystrokes used.
* Keystrokes per hour.
* Path names employed.
* Program names used.
* Percentage of computer time used by a program.
Such software programs can provide internal control by recording the day's computer events. In addition, they can be useful productivity monitors for such things as employee training and merit-based reward systems.
Used with the techniques mentioned above, data encryption adds another layer of security to highly sensitive documents. This technique may not be necessary for general purposes but it is one more effective way to protect vitally important documents, such as those relating to a client's work on federal defense contracts or a CPA's litigation support files.
Basically, the technique permits the computer to scramble data so that, even if someone managed to gain access to a protected document, its contents would appear as gibberish. Data encryption is, in essence, a derivative of secret coding schemes used by the government to protect documents with high-level security classification.
Encryption can be accomplished only by using a commercial program such as Cipher, Private Line or Softsafe.
Finally, disk-level security implies guarding the disk itself, regardless of whether it's a hard or a floppy disk. At this level, there are three ways to protect information:
* Disk branding.
Write-protecting a hard disk protects it by not allowing any information to be added--or written--to the disk. Examples of programs that can accomplish this are Dprotect and Lockit I. When these programs are activated, users can read whatever information is on the disk, but they will be unable to change the information in any way. As a result, write-protecting prevents tampering with information. Such protection is particularly valuable today, given the spread of computer viruses and the increasing use of laptop computers. Computer viruses will be unable to spread to the hard disk. Write-protecting the hard disk in a laptop will keep anyone from tampering with it when it's taken off-site.
Zeroing-out a disk means completely erasing any information on it. The term developed because, when any information is erased or deleted using normal DOS commands, the information is not really erased. It is still on the disk. Only the first letter of the file name has been removed. Anyone with a disk utility package very easily could restore the first letter of the file name and read all the information that supposedly had been deleted.
Given that floppy disks are often reused and may be sent to clients, competitors or government agencies for a variety of purposes, it is important that what the user intends to erase really gets erased. Many disk utility programs or programs such as Sweep'r will overwrite the information with zeros--hence, the term "zeroing-out." In effect, the information will be completely and irrevocably erased.
Disk branding, while it doesn't protect the actual data, allows users to imprint unused disk space with identifying information that is visible only with a disk utility program. It is possible, for example, to brand either the hard disk or floppies with a client's name and federal tax identification number. Branding a disk has the side benefit of providing a useful way to identify ownership when stolen equipment is recovered.
LAYERS OF OBSTACLES
Athough microcomputer security is elusive, it can be enhanced by creating layers of obstacles through which an intruder must pass before reaching vital information. Obviously, the more layers there are and the less obvious they are, the more discouraging getting through them will be to a potential intruder. The six techniques discussed here, if creatively employed, will improve the security surrounding the microcomputer and its data inexpensively.
Disk utility programs
Mace Utilities Paul Mace Software 400 Wiliamson Way Ashland, Oregon 97520 (503) 488-0224
Norton Utilities Advanced Edition Peter Norton Computing, Inc. 2210 Wilshire Boulevard Santa Monica, California 90403 (213) 453-2361
Professional Master Key Utilities RPG Software Farm P.O. Box 9221 Columbus, Missouri 39705-9221 (Don't be misled by the price; this is a full-function utilitiy package.)
Sweep'r Samkhya Corp. 47 Sixth Street Suite 3000 Petaluma, California 94953 (707) 763-2800
Password protection programs
Automenu Software Management System Magee Enterprises 6577 Peachtree Industrial Boulevard Norcross, Georgia 30092-3796 (404) 446-6611
Direct Access (Direct Net, for networks) Delta Technology International, Inc. P.O. Box 1104 1621 Westgate Road Eau Claire, Wisconsin 54702 (715) 832-7525
Precursor The Aldridge Co. 2500 Citywest Boulevard Suite 575 Houston, Texas 77042 (713) 953-1940
User logging programs
Logger System Automation Software, Inc. 8555 Sixteenth Street Silver Spring, Maryland 20910 (301) 565-9400
Logit! Shareware, available through Public Brand Software P.O. Box 51315 Indianapolis, Indiana 46251 (800) 426-3475 $5 duplicating fee, plus $30 user registration fee
Data encryption programs
Cipher Gypsy Services P.O. Box 341050 Los Angeles, California 90034 (213) 836-8914
Private Line Shareware, available through Public Brand Software P.O. Box 51315 Indianapolis, Indiana 46251 (800) 426-3475 $5 duplicating fee, plus $30 user registration fee
Softsafe Software Directions, Inc. 1572 Sussex Turnpike Randolph, New Jersey 07869 (201) 584-8466
Hard disk write-protect programs
Dprotect Shareware, available through Public Brand Software P.O. Box 51315 Indianapolis, Indiana 46251 (800) 426-3475 $5 duplicating fee; no user registration fee
Lockit I Security Microsystems Consultants 215 Cromwell Avenue Staten Island, New York 10305 (800) 345-7390
A sample batch file sequence
ECHO ON PROMPT $e[5;37;41m CLS ECHO <ALT 7> <ALT 7> <ALT 7> <ALT 7> CTTY NUL Here is what this sequence will do, line by line: ECHO ON: prepares the screen for immediate color changes. PROMPT $e[5;37;41m: When followed by "CLS," will cause the screen to flash repeatedly a white foreground on a red background. CLS: clears the screen to the new colors. ECHO <ALT 7> etc.: causes repeated bell ringing. CTTY NUL: locks the keyboard.
DANA FORGIONE, CPA, PhD, is assistant professor of accounting at Texas A&M University, College Station. ALAN BLANKLEY is a doctoral student in accounting at Texas A&M.
|Printer friendly Cite/link Email Feedback|
|Publication:||Journal of Accountancy|
|Date:||Jun 1, 1990|
|Previous Article:||Microcomputer-based manufacturing software: what it can do for you.|
|Next Article:||Why not-for-profits should report their commitments: current GAAP financial reports provide little understanding of future obligations.|