We lock our houses, our cars, even our bicycles. But do we secure our
company’s information? Small businesses need the resources to learn
that their information networks don’t even come with locks installed,
much less any other type of protection. How secure is your company’s
most confidential data? Would your network withstand a hacker or a disgruntled
employee?
How to keep your network secure from invasive
and potentially fatal hackers
If you access the Internet for only a couple
of minutes a day the likelihood of your being ‘hacked’ is small.
Why? Because each time you logon you are issued with a new ‘identity
number’ (IP Number) Hackers access networks through IP Numbers. If
your IP number is constantly changing, it is virtually impossible for
a hacker to locate your IP number quick enough while you are surfing,
and get into your system.
But are you at risk if you have a permanent
link to the internet? – Absolutely YES – In theory any person
or company who knows how can locate your one IP number and access your
system before you know it.
Why a hacker would want to enter your system
is anybody’s guess. Some are merely curious and see hacking as a
challenge. Others will hack your network with the intent to cause untold
malicious damage or worse, steal valuable or confidential data.
With BT and other suppliers now offering affordable,
permanent links to the Internet, it is now more critical than ever to
protect your system. Having a permanent link to the web is time saving
and often more cost effective. But it opens up a very real danger of being
hacked.
Here is the solution
Install a good Firewall if you fall
into either of these two categories:
One, if you connect each time you access the web
and you tend to remain connected for more than a few minutes at a time.
Two, if you have a permanent Internet connection
through your ADSL or ISDN line.
A good Firewall locks all unnecessary entry
points to your network from any outside connections except for essential
items such as email and web browsing. Different firewalls do this in different
ways. I’ll explain. Basically, you’re connected to the web by
a system of ‘ports’. Each port is numbered and has a different
function. By closing all the ports except the ones you need at any one
time a firewall limits the number of point a hacker can access your system.
Not installing a Firewall is like leaving your
front door wide open at night. It is inviting crooks to enter your premises.
The equivalent to a locked and bolted front and back door – in computer
terms – is a firewall.
But is just using a firewall enough?
Once in place, a firewall is a wall around
your network, with a couple of well-chosen gates. A wall has no capability
for detecting someone trying to break in, or for determining whether someone
coming through a gate is an imposter.
It simply restricts access to the designated
points based on rules set by you. Therefore, in general, it will not tell
you if a break-in is occurring, has occurred, or could occur because of
a hole in the wall or a system being protected by it.
You need to give your firewall extra security
software
Some type of network Intrusion
Detection System (IDS) is needed.
An IDS attempts to detect unauthorized use
of computers by monitoring traffic and reacting to the flow of data. Two
IDSs are CyberCop Monitor by Network Associates
Inc., or RealSecure by Internet Security Systems
(ISS), Inc.
There are also packages that run on the Linux
system. With an effective IDS you will be able to detect an attack and
take the appropriate action for your network.
It cannot be overstated how valuable it is
to detect an intrusion and then do something about it, immediately, to
prevent further harm to your data and/or productivity.
What should you do if you are being hacked?
If the attackers do get inside, you need to
keep them from looting your systems by implementing security measures
at each server and workstation. This brings up another point. While firewalls
are keeping Internet intruders out, your internal users might be looting
your systems.
According to the FBI, over
half of all virtual break-ins occur internally.
You may need to separate departments, divisions,
or business partners using the same firewall technology, and you may need
to implement encryption throughout your organization using technologies
like IPsec, ipv6,
and VPNs.
Encryption also yields many benefits such as
deterring packet
sniffing and preventing connection hijacking. Firewalls also do
not protect against leaks, such as users connecting to the outside with
a desktop modem.
How can I get 100% security?
Using a firewall in conjunction with all of
these measures will increase your security but 100% security is not possible.
Even Buckingham Palace gets the odd intruder every year!
But, if you don’t do anything at all and
you still think that you are not a target – well when your email
box is full of “I Love You” messages, your main web page is
on CNN with “Hacked by Everybody” typed all over it, and when
your servers seem to crash all the time for no particular reason due to
denial of service attacks. Just remember... I told you so.
CLICK HERE if
you would like more information about how you can protect your company’s
data
|