Corporations Need Protection from Intrusions and Viruses
By Alan Fedeli and Steven Rosenblatt
Whether or not you’re a fan of the Internet, it’s a fact of life that can’t be ignored. Every day brings announcements of new functions, more players and emerging opportunities. Some experts have gone so far as to predict that the Internet will be the single most important factor in the world economy.
Analysts predict that by the year 2000 some $11.5 billion in annual transactions will be conducted via global electronic commerce. Already some three-quarters of large and midsize companies have World Wide Web or Internet access. And with an average of 100 new World Wide Web servers going on-line each day, the “information superhighway” is fast becoming one of society’s most pervasive forces.
Yet along with its promise and vast potential, this “network of networks” poses significant security risks from intrusions and viruses through unprotected connections. Corporate resources may be at risk from corporate spies stealing information or thieves modifying records for financial gain. Viruses can interfere with the workings of the networks and systems, even bring them to a halt. Data segments may be erased, programs disabled and gigabytes of data wiped out. Recovery may be complicated and costly. Days, weeks, years of work, can be lost.
The Carnegie Mellon University Software Engineering Institute (CMU/SEI) in Pittsburgh, a clearing house for Internet security episodes, had reports of nearly 3,000 Internet break-ins in 1995. According to a survey initiated by the Senate’s Permanent Investigations Subcommittee, major banks and other large corporations incurred an estimated $800 million loss last year because of hacker intrusions into their computer systems.
Businesses are concerned about the security risks and rightly so. Internet security cannot be taken for granted. The good news is that there is hardware, software, consulting and services to help companies secure their information technology. Vendors provide the expertise required to plan, design, implement and operate secure solutions for businesses. These offerings are designed to substantially reduce the risk to users involved in Internet access. Companies will be able to connect to the Internet with more confidence in the security and privacy of their transactions.
The offerings, ranging from firewall gateways to scanning tools to full function emergency response services, can address individual needs or provide total enterprise solutions to help companies secure their information technology.
Firewall gateways stand between a corporate network and the Internet acting as a traffic cop. Wanted transmissions are permitted, dangerous transmissions are rejected or blocked.
Emergency response services augment a company’s expertise in Internet security to avoid intrusion emergencies, and usually include, a computer emergency response team or CERT, which responds in the event of a break-in.
CERTS had their roots at Carnegie Mellon’s SEI in 1989 in the wake of the Robert Tappan Morris worm. The CMU CERT broadly assisted Internet sites to defend themselves against intrusions and capture statistics on the nature and number of attacks, akin to the Centers for Disease Control in Atlanta. However, as those with malicious intent became increasingly more persistent and sophisticated in attacking Internet vulnerabilities, it became evident that every institution would benefit from its own CERT in addition to a central clearing house.
For example, IBM created its internal CERT in 1989 and has dealt with intrusion attempts and virus incidents for eight years. IBM’s Emergency Response Service for customers, initiated last year, offers incident management, periodic electronic verification, tailored alerts and workshops to provide full-time intrusion detection expertise.
The subscription service is intended for major corporations who are connecting their internal networks to the Internet. These companies choose to retain the privacy and security of their corporate networks, while capitalizing on the value of accessing the more open Internet. The external ERS gives the company the depth of experience from a team that deals with Internet intrusions daily. All incidents are treated as strictly confidential.
As more and more users access the Internet and other global networks, the possibility of acquiring a computer virus is greater. Computer viruses have become an ongoing, worldwide problem. In most cases, their origin is unknown. There are now more than 8,000 known computer viruses; that number is increasing by three to five new viruses every day. An enormous range and variety of products and services are now available that provide an anti-virus solution for companies.
IBM Anti-Virus software, for example, offers both a Desktop and Enterprise Edition that provide support for multiple operating systems.
The products mentioned briefly here and others, too numerous to mention, help to ensure that a business will continue to run without disruption. Companies of all sizes can feel more confident about opening up their businesses to the world of global computing without opening the door to disaster.
Alan Fedeli is manager of IBM’s worldwide computer emergency response team. Steven Rosenblatt is worldwide segment manager for IBM AntiVirus.
This article adapted from Vol. 9#3.
DR World Main Index | Return to DRJ's Homepage
Disaster Recovery World© 1999, and Disaster Recovery Journal©
1999, are copyrighted by Systems Support, Inc. All rights reserved. Reproduction in whole or
part is prohibited without the express written permission form Systems Support, Inc.