| |
|
|
 |
 |
5870 West Jefferson Blvd., Suite A
Los Angeles, CA 90016
Tel: 310.815.8855
Fax: 310.815.8808
info@OnlineSecurity.com
© 2010 Online Security
All rights reserved.
|
|
|
Forum| Posted: 01/27/2004 | Basic security is the best foundation Companies sometimes forget the basics in their effort to cover all the bases – or save time and money
| Original Source:
Author: Wayne Rash
I walked down the grassy slope, pausing to knock the soil off my shoes. I looked back at the gravesite in the gathering darkness. The granite cover gleamed a little in the light from the nearly full moon, and it was a peaceful sight hastened only by the bone-chilling wind that seemed to cross the Kansas prairie with no pause between there and the North Pole.
A dear relative who had taught me the law, who had let me clerk for her for years in hopes that I’d make a proper lawyer, had finally given way to the ravages of time. I’m sure she was always secretly dismayed that I chose a path that led to journalism, but she never let on.
However, her family was delighted to have a relative who knew something about networks and security: something was wrong on their network. They thought they might have a worm. They’d had to stop using their cable connection to the Internet. Their law firm was suffering because of the problems. What could they do?
I asked the usual questions. They did, indeed, have a personal firewall on some of their computers, but most had obsolete versions of Windows (95 or 98). That meant that on some computers there really wasn’t any protection at all -- no hardware firewall on their connection to the Internet, and the antivirus software wasn’t updated.
This firm hadn’t made any out-of-the-ordinary mistakes, but rather the same mistakes made by most companies. There was no security policy. In fact, the only policy they really had was to save money at the initial purchase, which meant this firm was buying obsolete copies of Windows at discount prices.
Although it was nice that they saved money, I asked one of the managing partners how they accounted for the lost time spent by lawyers waiting for their computers to function again. Then I asked how they might explain to their clients the fact that a worm had stolen their private information and passed it from their attorney’s hard drive to the outside world. They were terribly embarrassed, and immediately hired a consultant to fix the problem.
But then there are the repercussions to relationships with Fortune 100-sized companies to think about. This firm does work with some Fortune 100 clients; one wormy VPN connection, and the larger corporation could have been ravaged by the worm running loose in both locations.
I pointed out to the firm that if they infected their larger partner, no more work would come their way. The dollars at risk entered the high six figures very quickly. Fortunately, this firm saw the light, but they were my relatives. Not everyone is. Has your company seen the light?
Remember, the basics are just that -- basic. You have to protect yourself against bad things from outside, you have to keep your systems up to date by applying patches and also keeping your software up to date, and you have to check for bad things, such as viruses and worms, that may have made it into your network. Yes, those are basic rules, but they're vital for any enterprise. |
|
|
|
|
