(first image originally printed on Page 1, lower-left corner of the business section)
(article and second originally printed on Page 3 of the business section)
Security key in computer usage
Wednesday, January 20, 1999
By DAVID GOWRIE
Staff Writer
As the world becomes increasingly dependent on the Internet as a means
of communicating vital information, the risk of that information falling prey
to theft, vandalism, or destruction increases.
William Daugherty, director of network services at Integrated Business
Systems in Fairfield, is faced with those issues daily on behalf of customers
who come to him to make their computer systems safer.
Daugherty explained the risks of using the Internet and the security features
available to make this activity safer.
Q. What are the services that IBS offers?
A. We are a full service systems integration shop, so we sell PCs, file
servers, e-mail systems, and Web servers. We will do security needs
analysis for a company. We will provide them with guidance with their
security planning. And we provide the security, setting up any of the
applications they need. We will also set up secure networks for them.
Q. What are the security issues related to using networks?
A. There are three things you have to be concerned about: observation,
manipulation, and destruction. If someone can see your information, either
the information from within your network going out, or information from a
service into your network, . . . they can use the information against you.
Destruction is where your information or your systems can get damaged in
some way . . . and can no longer function. This means down time for your
business. But the most damaging can be manipulation, because it can go on
for a long time and be undetected. This kind of hacking is where someone
gets into your systems and makes changes to information and you don't
know about it.
Q. How can a company protect itself against these risks?
A. The first and most important thing that any company needs to do is form
a security plan. One of the things that's overlooked is creating an
environment where people are required to use strong, secure passwords,
and where people are not permitted to access unauthorized information
within the organization. A lot of unauthorized access occurs within the
company.
The other type of security is perimeter security, which typically refers to
those points at which your network is connected to either the Internet or
other networks.
Q. How does perimeter security work?
A. We use some different tools to make sure that traffic is in fact
authorized and secure. The two biggest tools we have are authentication
and encryption. Authentication means you are who we think you are and
you are permitted to be here doing what you're doing.
Once you've been authenticated, the next step is encryption of the data that
is flowing in and out of the network because someone else could be
observing that traffic. Encryption is a way of encoding the information as it
travels between hosts such that only the person who has the correct
decryption key can understand that information. The most popular way of
implementing authentication and decryption right now is using a fire wall.
Q. What exactly does a fire wall do to provide security for the network?
A. A fire wall is some sort of device, either a piece of hardware or a
computer running special software, that performs authentication, encryption
and decryption. It essentially makes the outside world believe that all traffic
originating from inside your network, is originating from one point. So it
means you only have to secure one point of contact instead of a thousand if
you have a thousand users in your network. It's a gatekeeper that protects
your resources inside by making a single point of contact very difficult to
hack.
Q. How effective are these security measures?
A. The encryption programs today use very clever and sophisticated
algorithms that involve very large numbers as keys. You would have to
have all the supercomputers in the world working on something for a year
to try all the possible combinations to break into your web browser traffic.
These fire walls are strong enough that it would be so prohibitively
expensive to try to hack them that no one bothers.
Q. Who should be interested in getting this security?
A. Anyone who is connected to the Internet who has data they care about.
Anybody who is connected to the Internet who is not taking very secure
measures to secure their information is basically asking for trouble.
Q. Is this risk to information security likely to increase?
A. There is no question about it. Every day the amount of information that
flows over the Internet is growing tremendously. The amount of people
using the Internet is growing tremendously. We are becoming more
dependent on this particular activity. Which means if someone wanted to
injure someone else, or some other group or country, this is clearly a prime
target. So it is surely bound to increase.
Q. What basic advice can you offer to people who are concerned about
their personal security over the Internet?
A. Never send anything over e-mail that you wouldn't put on a postcard
unless you are using some sort of encryption scheme. Never put sensitive
information over your browser, such as credit card numbers, unless you
are using 128 bit encryption, and you never transmit information to
somebody you don't know or trust. You have to know your vendors are
reputable.
Copyright © 1999 Bergen Record Corp.
