Protecting the Enterprise Network
By Joy Ghosh
The
Internet has changed the fundamental rules of enterprise
security. Now it's a must for enterprises to go
beyond firewalls, and think about implementing policy-based
security solutions to ensure effective protection.
The
business productivity gains offered by the WWW and
its ubiquitous, user-friendly interface (the browser)
are indisputable. The intranet, extranet, and the
Internet have escalated intra-business and business-to-business
(B2B) processes to new, previously unimagined levels
of speed and efficiency.
The Internet has numerous drawbacks too. Employees
may expose enterprise-networked computers to rapidly
spreading viruses or other malicious or harmful
code by accessing or downloading files of unknown
origin. And, unlike earlier viruses that were designed
to infect single computers, the latest generation
of viruses has been specifically designed to take
advantage of the Web environment to propagate rapidly.
Proof-of-concept viruses, such as Melissa, Explore.zip,
and Loveletter have clearly demonstrated the potential
of these threats to spread through entire networks
within minutes.
Also,
the same virtual workspace that yields enormous
business productivity gains has the potential to
diminish worker productivity when used for the wrong
purposes.
Recent
industry statistics indicate that employees squander
both meaningful work hours and precious (and expensive)
network bandwidth on Web-based activities that have
nothing to do with business. In addition to incurring
lost work hours, and negatively affecting network
performance, these activities also leave the enterprise
vulnerable to a variety of lawsuits. Enterprises
may be held accountable for the information that
resides in their networked computers, even when
that information has no bearing on business and
has been downloaded or accessed by an employee
strictly for his personal use.
To
protect themselves from these threats, enterprises
need to implement
a comprehensive Internet security
program.
Understanding Internet security
Internet
security is becoming an essential tool for doing
business in the 21st century. While the earlier
vectors of delivering harmful content to an enterprise,
such as physical access and file sharing via diskettes,
are still a concern, the primary vectors for the
introduction of harmful content into an enterprise
have now shifted to the Web.
Need for Internet content security solutions
The
following highlights of the Computer Security Institute
(CSI)/FBI 1999 Computer Crime and Security Survey
are revealing:
- System penetration by outsiders increased for
  the third year in a row; 30 percent of respondents
  report intrusions.
- Those reporting their Internet connection as
  a frequent point of attack rose for the third
  straight year, from 37 percent of respondents
  in 1996 to 57 percent in 1999.
- Insider abuse of Internet access privileges
  (for example, downloading pornography or pirated
  software or engaging in inappropriate use of
  e-mail systems) was reported by 97 percent of
  respondents.
- 26 percent of respondents reported theft of
  proprietary information.
Security starts with effective policies
Security
breaches can occur from both within and outside
an organization. All good security efforts start
with developing reasonable and effective policies.
These policies are a critical first step in protecting
vital enterprise information assets. They can also
be used as a defense against potential legal liabilities.
Today, enterprises must define or redefine their
security policies to include rules regarding Internet
access and acceptable use.
Even
with these policies in place, however, some means
of enforcing them must be available. Manual enforcement
methods are easily defeated. And because Internet/intranet/extranet
access is a necessary prerequisite for business
in the 21st century, there is a danger of too much
security constraining business, in effect throwing
out the baby with the bath water.
The importance of gateway-based solutions
Automated,
granular, policy-based solutions can assist the
enterprise in providing an effective means to administer
and enforce Internet access and appropriate content
rules, while still allowing Web-based productivity.
Deployment of this technology
at Internet gateways allows enterprises to control
threats before they have a chance to spread to essential
network data and applications behind the firewall.
Centrally
managed, granular, policy-based solutions provide
the enterprise with maximum control and flexibility.
Such solutions are highly scalable and can greatly
reduce administrative overhead. These measures,
when combined with other network security measures,
such as e-mail, desktop, and server security, constitute
the total Internet security solution that businesses
in the 21st century will increasingly require.
Why firewalls are not enough
It's
important to note that in today's Internet-enabled
business environment, firewalls alone are no longer
sufficient to provide the multiple levels of security
that are needed. Firewalls are generally very effective
at keeping unwanted people out of enterprise networks.
They do this by establishing the types of network
connections that will be allowed and the kind of
session services that will be supported.
This
works well when the boundaries of the network are
clearly defined, and when there is either limited
or no need for collaborative computing.
Today's
Web-based business processes, however, have changed
the rules for enterprise computing. Enterprises
increasingly need to be able to allow and control
more applications. With each new application allowed,
the risk of security holes is multiplied. With each
new user, there is also an increased risk of tampering,
misuse, and information falling into the wrong hands,
either willfully or by neglect. Policy-based granular
controls are also needed to enable the many levels of
limited access that will be required.
In
addition to being able to control who gets to view
sensitive information residing behind enterprise
firewalls, enterprises must also be able to control
what information gets out. Attacks or intrusions
may originate from within or outside conventional
enterprise boundaries. Statistics now show that
a great many security breaches originate from behind
the firewall, from within the enterprise itself.
To protect confidential enterprise information from
falling into the wrong hands, the ability to monitor
the content of files leaving the network is just
as important as the ability to monitor files coming
in. This is an area where firewalls typically fall
short.
Finally,
firewalls don't natively support anti-virus measures
or granular monitoring and control of today's mobile
code files, such as Java applets or ActiveX files.
However, these files can contain harmful content
capable of crippling enterprise networks. Gateway-based
content filtering and strong gateway-based anti-virus
measures will both be required to ensure adequate
enterprise protection.
Joy Ghosh is the Country Manager-India, Symantec Ltd,
and can be reached at jghosh@symantec.com