Preventing unauthorised access
In order to prevent intruders from causing damage, the organizations networks need to be secured. There are several preventive controls that can be implemented to help prevent unauthorized access.
It might seem that if companies do not connect their networks to the internet there will be no security problems. However ‘most corporate hacking to PLCs and HMIs on the plant floor comes from inside the firewall’ (Byres, 2004, pg. 32), meaning security issues exist even if the network is not connected to the internet as many employees try to gain unauthorized access to various parts of the network.
Therefore meaning security is needed on networks even if it is not connected to the internet. Two main types of security can be used here; passwords and physical security.
Passwords is a relatively easy and cheap form of security that can be implemented on a network, it also provides a good level of security as long as passwords are well kept by employees. With the use of passwords network managers can monitor the use of the network by its users by being able to see who logs in and where their logged in to, as well as what they have done. With more advanced technology network managers can also detect when and where there is an intruder and what the intruder has done. Fundamentally passwords will keep those who are not authorised away from restricted sections of the network, ultimately sustaining an adequate level of security.
Physical security is basically using physical means to prevent certain employees from using certain sections or computers on the network. This may include computers being kept in secure rooms with key card or identification security.
As organizations connect their networks to the internet, the risk of intruders rises dramatically as there are millions of users online; it also allows users from any part of the world to access your private network. This security issue is heightened as users within the network begin to access areas of the internet that are less secure. The most commonly used method to help prevent intruders and improve the security of the network when connected to the internet is the use of internet firewalls.
‘A firewall is a router or special-purpose computer that examines packets flowing into and out of a network and restricts access to the organisation’s network’ (Fitzgerald, 2002, p.316). Basically a firewall is capable of preventing intruders by determining what can and cannot be accessed by outsiders and those within the network. The firewall determines what services within the network can be accessed by others, and which outsiders are permitted to access inside services. It also is able to provide increased security and help regulate what employees do on the internet by determining what services the employees within the network can access on the internet.
For a firewall to be effective, all of the traffic going in and out of the network and the internet must pass through the firewall so that it can be inspected and then only allowing authorised traffic to pass. A firewall offers great benefits to a company at a relatively cheap cost if you were to compare the potential damage an intruder can cause; this can be seen from the examples given above from InformationWeek and the bank of America. A firewall also helps to simplify security management since network security is consolidated on the firewall systems rather than being distributed to every host in the entire network. Semeria (1996,p.2), who is a network engineer for 3Com, states that the greatest benefit of a firewall is that it ‘allows the network administrator to define a centralized choke point that keeps unauthorised users such as hackers, crackers, vandals and spies out of the protected network’. Basically saying that it offers a convenient point where internet security can be monitored.
Another advantage of using firewalls is that it is relatively cheap. However it can become expensive depending on the complexity and the number of systems required protecting. However more complex firewalls are used for larger businesses such as banks, and here the damage caused for not having a firewall can be enormous making the cost of the firewall somewhat acceptable. The price of a commercial firewall can be from anywhere between U.S$ 4000 and $ 30,000. These costs do not include the required ongoing support and maintenance of a firewall.
As with most things, firewalls have its limitations. A firewall simply regulates activity between the internet and the network and therefore cannot detect and prevent security breaches from within the network. Industrial espionage and other forms of information gathering within the network cannot be prevented by the use of a firewall; this includes employees or guest users within the network deliberately trying to disrupt the functions of the organisations computer systems.
Firewalls also do not provide enough protection against viruses; virus-infected files can be transferred into a network without notice which can cause many problems. ‘Since there are many different viruses, operating systems, and ways of encoding and compressing binary files, an internet firewall cannot be expected to accurately scan each and every file for potential viruses’ (Semeria,1996, p.3). Therefore a firewall should not be the sole use for protecting against intruders, but should be used along other forms of network security to provide a more secured network.
Another commonly used method of preventing unauthorised access is encryption. Encryption ‘is a means of disguising information by the use of mathematical rules known as algorithms’ (Fitzgerald, 2002, p.321). With an increasing amount of personal and business transactions occurring on the internet, the use of cryptography is essential to ensure privacy. With out encrypting data that is to be sent through the internet people can easily gain access to the personal data and also manipulate the intercepted data which can be disastrous from either a personal, business or national perspective.
Encryption is essentially the conversion of data into a form that cannot be easily understood by unauthorised people. This is fundamental for many organizations that wish to send data on the internet. A bank for example will need to encrypt the data it needs to send to another bank for maybe the cashing of a business check. If the bank was to never encrypt the data, people can intercept the message and gain private information that could ultimately cost the bank a lot of money. However, once the data is encrypted it will then need to be decrypted once it has reached the targeted bank.
‘Decryption is basically the process of converting the encrypted data back into its original form’(Siew Lin, 2004, p. 1). This must be done so that the receiver can understand the data that has been sent. With out going into to much detail how the entire process works, cryptography can only be done when there is a specific key or rule that allows data to be encrypted and decrypted properly. On computers this is mostly an algorithm that is capable of decrypting an encrypted algorithm. Therefore if only the sender and intended receiver have this key, unauthorised access to data is very unlikely.
The problem here is that, if given enough time other computers can be used to break the cipher. Major businesses and national organizations use very complex encryption algorithms to ensure that the data will not be intercepted and if it is that it would be very hard to break. However more complex algorithms become more expensive to use.
Encryption and Decryption is especially important nowadays as the use of wireless communications is taking off. ‘This is because wireless circuits are easier to tap than their hard-wired counter parts’ (Siew Lin, 2004, p. 1). Encryption should defiantly be used weather you are using wireless communications or not, some people are easily willing to gain access to sensitive information and transactions that you do on the internet, specifically with credit-card purchases.
Conclusion
Preventing unauthorised access to company information and computer networks is a vital part for any business, especially as businesses around the world rely heavily on computers. Computer hacking, industrial espionage and spies exit, and that is simply something businesses must deal with, and the risks of intruders increases as businesses become connected to the internet, connect to the internet constantly and as they begin to move into wireless communications. It is no longer an issue for managers to decide if security is needed, the issue is how much security is needed and what type of security is needed for their business and those that do not decide to secure their networks and information can face costs in the millions.
The common security methods have been outlined and discussed; this includes the use of passwords, physical security, firewalls and cryptography. Firewalls should be used as it acts as a gateway for networks connected to the internet and cryptography is a must in ensuring that the data is not intercepted and manipulated with. These forms of security controls offer protection but as most things are limited, although a lot of the limitations can be fixed it comes at a higher price.
Ultimately security is a must, and those who are reluctant to increase security measures due to high cost will eventually pay the price when security is breached, and as businesses become more dependent on computers and the internet a 24 hour collapse costing US $50 million will no longer seem extraordinary.
