Subcategories

Enterprise Security: The Manager's Defense Guide: David Leon Clark

Posted By: Promo Elite
Enterprise Security: The Manager's Defense Guide: David Leon Clark

Enterprise Security:
The Manager's Defense Guide
By
David Leon Clark


Book Description

A Call to Arms First came Melissa, then "Explore.Zip," and the Love Bug. Their names were provocative, fun and cute. Then came Code Red, Nimda, and more recently, Reeezak. (That is no typo; it's triple "E.") Their names, in contrast, are sinister, apocalyptic and foreboding. So what's in a name? In March 1999, Melissa marked the beginning of the world's reckoning with a new type of Internet Virus - a computer worm. A computer worm is a special type of virus that is designed to copy itself from one computer to another by leveraging email, TCP/IP and related applications. In contrast to normal computer viruses that are occupied with spreading many copies of themselves on a single computer, computer worms are concerned with infecting as many machines as possible. By all accounts, computer worms are nasty critters that have wreaked considerable damage and wasted billions of dollars in computer worker hours. Between the Love Bug, Code Red, and Nimda, the Internet community lost over $11 billion in terms of productivity and wasted IT staff time for cleanup. The Love Bug led the pack, costing the global Internet community close to $8 billion and eventually infecting approximately 45 million email users in May of 2000. Code Red (July 2001) cost the Internet community $2.6 billion and Nimda (September 2001) caused $531 million in damage and cleanup. At this writing, (January 2002) yet another computer worm is unleashing itself on the Internet community, with a somewhat ominous sounding name identified as Reeezak. Reeezak, like other worms, appears in email in boxes with an innocent sounding subject that simply says "Happy New Year." The message of the email also compares in tone, reading: "Hi…I can't describe my feelings, but all I can say is Happy New Year J Bye." It comes with an attachment called "Christmas.exe," which when double clicked, sends itself to all addresses listed in the user's address book while attempting to delete all the files in the Windows directory and anti-virus programs. The worm also disables some keys on the keyboard and propagates using Microsoft's compatible version of IRC (Internet Relay Chat) program. Reeezak, like other worms, only affects users of Microsoft's Outlook or Outlook Express email clients. If the proliferation of email worms is not insidious enough, the Internet community also experienced the effects of another class of attacks just a few months before the love-letter worm (February 2000). The now infamous and very shocking distributed denial of service attacks on several of the largest and most popular eBusiness sites of Amazon, Yahoo, eBay and E-Trade were not only brazen, making the headlines of many major metropolitan newspapers, but a wake-up call to the high flying eCommerce world. The cumulative effects of successfully orchestrated attacks are taking their toll on the Internet economy. At a minimum, users are frustrated and their confidence is shaken. Also, a "cloud" rains on the parade marching with fanfare toward eBusiness horizons. Attacks can be potentially devastating, especially from a financial standpoint. In the case of "E-Trade," livelihoods were affected on both sides of the virtual supply chain, the new business model that is enabling online businesses to reinvent themselves to capitalize on dynamic eBusiness marketplaces. Stock traders that subscribe to the eCommerce service lost the ability to queue up their orders, beginning at 7 a.m. so that the trades could be triggered at the start of the opening bell at 9:30 a.m. In addition to being livid because legitimate orders were being denied by bogus activity flooding the site, the stock traders lost critical financial advantage for certain security tenders. The owners of the breached eBusiness sites were embarrassed, to say the least. They also inherited a potentially explosive problem that raises the question of security immediately and the viability of eCommerce as a long-term business enterprise. More importantly though, if customers lose confidence in the ability to conduct business safely and expediently at these sites, those customers will go elsewhere. Lost customers are unmistakably the death knell for Internet enterprises. The discussion could go on and on with examples, but you get the message. Operating in the Internet economy is risky indeed. So what can be done about it? That is the purpose of this book. Enterprise Security: The Manager's Defense Guide is a comprehensive guide for handling risks and security threats to your internal network as you pursue eBusiness opportunities. Network security, which factors in open access to the enterprise's information assets, is eBusiness security. Open access allows online transactions to incorporate critical information for customers, suppliers, and partners no matter who they are or where they are. eBusiness security is an extension of the security provided by firewalls and virtual private networks (VPNs) integrated with risk management, vulnerability assessment, intrusion detection, content management, and attack prevention. In intranets and extranets and servers in the demilitarized zone (DMZ), firewalls protect the information assets behind its walls. When information is in transit via the Internet, firewalls hand-off protection of transactions to VPNs. But when information assets are residing behind the perimeter of firewalls or not in transit how do you protect them? That's the domain of eSecurity. eSecurity solutions factor in scanning technologies to actively police operating systems, applications and network devices for vulnerabilities in the infrastructure needed to both process, maintain and store the enterprise's information assets. In other words, eSecurity solutions identify potential threats or security events, such as the denial of service kind and/or viruses. eSecurity also provides real-time scanning to detect in-progress port scans or intruders looking for an unsecured Window or door to gain illegal access into your network. After detection, eSecurity solutions facilitate corrective or preventative action before the attack can be launched without disruption to the network. eSecurity also provides a framework for surviving an attack in progress. This book also provides a detailed conceptual review of the most popular detection, assessment, hardening techniques, and real-time security systems that can be integrated to provide lifecycle security solutions. In summary, this book will discuss a systematic process of protecting network information assets by eliminating and managing security threats and risks while doing business in the free society of the Internet. Why Enterprise Security: The Manager's Defense Guide It goes without saying that networks are complex systems and that providing the optimum level of network security has been particularly challenging to the IT community since the first PCs were attached to network cabling decades ago. Today, providing network security could be potentially overwhelming. The prospect of a business going online is so compelling primarily because of the pervasiveness of the Internet and the promised payoff of exponential returns. The technologies of the Internet are also a significant drawing card to the business community. The ability to present your information assets in multimedia views is hard to forego. Suddenly it seems that 3-D graphical views, graphics, animation, video and audio functionality, and low cost communication are the preferred methods of building brand loyalty from consumers or preferred vendor status with customers. It also provides partners and suppliers a strategic advantage if they are connected directly to critical information assets required for competitiveness and meeting business objectives. The technologies of the Internet also make it easy to collaborate through email messaging and workflow processes and to transfer huge amounts of information cost effectively. As easily as these technologies are embraced they are also criticized because of their inherent security problems. TCP/IP, though a communication's marvel, is inherently insecure. When the protocol was a design spec, the creators had no compelling reason to build in basic encryption schemes in the "free spirited" operating climate of the computing world when TCP/IP was conceived in 1967. Basic security could have possibly been built in at that time, setting the stage for other systems to be secure when spawned by the Internet decades later. Microsoft's tools and application systems such as Visual Basic, Outlook, Window's NT, and various office suites are forever being slammed by disappointed users for the company's apparent decisions to trade off security in order to be the first to market. Even Microsoft's security protocol PPTP (Point-to-Point Tunneling Protocol) for dial-up VPN tunneling was also fraught with security problems in the beginning. Even Sun Microsystems System's Java, a secure programming language for creating spectacular eBusiness applications, is not without its problems. And depending on security policy, many enterprises turn applets off in user browsers to prevent malicious code that may be attached to the applets from finding its way into systems when initially downloaded. Therefore, because of the inherent insecurities of web enabled technologies, the complexity of the functional aspects of networks, multiple operational layers and more importantly the skill of hackers, eSecurity must be inherently comprehensive. Consequently, this book reveals how security must be implemented and administered on multiple levels for effective network security. It systematically reviews the processes required to secure your system platform, applications, operating environment, processes, and communication links. Effective eSecurity must also address the application development tools used to develop your information assets consisting of applications, programs, data, remote procedures, and object calls that are integrated to present your intellectual capital through the dynamic multimedia world (virtual supply chain) of the global Inte…