Network Security (continued)
But beware of the trap
of implied simplicity. Setting up and maintaining an effective firewall is
definitely “kids, don’t do this at home” stuff! Without in-depth
understanding of the mechanisms involved in specific communications
technologies and applications, a single configuration change can render
the firewall entirely useless. Leave firewall configuration for
non-standard applications to a professional!
about other threats? Here’s a list of “cures”:
There are several great (and in some cases even free) virus protection
software providers in the market. You can get recommendation for these in
any computer magazine or on the Consumer Report web site. While mostly a
PC /Windows dilemma, there are several products in the market that start
to branch out into more sophisticated protection that applies to the Mac
environment as well. Virus protection belongs on every server and
workstation in your network regardless of whether they are frequently used
to access the public Internet or not.
Pop-Up ads utilize Browser internal functionality and can, depending on
the Web Browser you chose for your company, be a platform-independent
problem. The same companies that produce Virus protection programs have
started to create Pop-Up blockers and some Internet Service Provides
(ISPs) actually let their users download and install these blockers for
free. Pop-Up blockers should be installed on any computers that have a Web
Browser installed and are configured for Internet access.
The nasty side effect of email being so easy to use is that there are
quite a few shady individuals out there that bombard you with unsolicited
email messages many of questionable content. There are quite a few SPAM
blocking and tagging tools available. My recommendation is to install an
email Proxy server
(i.e. SpamPal: www.spampal.org)
on your firewall, since you most likely download your email
from an ISPs mail server. That simplifies the maintenance of global allow
or deny lists for specific sender addresses. Alternatively you may have
the option to turn on SPAM filtering as an ISP provided service or install
the tool on each Workstation (beware of the added complexity and
maintenance as well as platform dependence).
matter how you twist it, the best way to protect your business is to train
your employees. They should be able to spot malicious email and phishing
attacks, they should be able to verify and distinguish good web sites from
bad ones. Limit the distribution of critical information to specific
trustworthy individuals and give clear auditable guidelines as to its use.
Just because you’re not paranoid doesn’t mean nobody is out to get you
(or your data)!
Copyright (c) 2008 by In Scope-Solutions,