dentifying Vulnerabilities in Networked Systems

Ghosts in the machine. Spooks in the hard drive. It’s natural to worry about everything that can go wrong with the computers we work with – all the more so if those computers are part of a networked system. The arrival of the Information Age means that increasing amounts of critical business information are stored in such systems.

Surprisingly, though, many otherwise technology-savvy organizations still have a long way to go on the road to implementing appropriate security measures. IBM Corp. studies have pointed out that, while 86 per cent of companies in a recent survey used firewalls, 85 per cent had deployed antivirus software, and 74 per cent employed authentication procedures. Only 63 per cent of those surveyed used encryption software, and fewer than 50 per cent used intrusion detection technologies.

Those statistics point to the reality of vulnerabilities in networked systems, and to the inevitability of serious data loss incidents. Since data is often mission-critical to the successful business organization, the consequences can be significant.

Regardless of the cause of a data loss incident, the common denominator to system downtime is the high cost incurred. A survey in 2000 of 450 Fortune 1000 companies by the consulting firm Find/SVP found that the average outage across industries lasted four hours, at a cost of (US)$330,000. According to the survey, a typical company experienced nine outages per year, resulting in annual losses of almost (US)$3 million (excluding the cost of lost employee productivity).

Clearly, identifying and dealing with vulnerabilities is of critical importance. The first step in preventing unauthorized access to the network is the use of intrusion-detection technology, which can be defined as applications which actively monitor operating systems and network traffic for attacks and security breaches.

Intrusion-detection technologies come in two flavours: host-based systems, which use agents, and network-based systems, which use passive monitors. Host-based systems, which take a proactive approach, are deployed in the same manner as virus scanners or network management solutions – an agent is installed on all the system’s servers and a management console is used for reporting. Network-based systems sniff incoming traffic, comparing live traffic patterns to internal lists of attack signatures. Each approach has its own strengths and weaknesses.

In most cases, the cost of an intrusion-detection system can be justified for its forensic value alone. If a system is compromised and the logs are tainted, intrusion-detection system logs may save administrators days of digging.

But there are important steps that should be taken even before network intrusion systems are put in place. They’re based on technologically-savvy preparedness and old-fashioned common sense. What’s required is a strong foundation that can realistically improve security without wasting resources on ineffective security measures.

An appropriate disaster recovery plan is a basic prerequisite – this should be an overall strategy that addresses the technical and organizational factors involving security. That plan should begin with a comprehensive risk assessment analysis of the network, so that acceptable risk levels to the system and the organization can be determined. The results of that risk assessment analysis can then be used to develop and implement a suitable set of security policies and procedures to be used in guiding individuals and workgroups in the organization in the event of a network disruption. That information will allow decisions to be made as to which products and tools will be required by the organization to implement its security policies and procedures.

It’s not enough to simply buy “off the shelf” security software and distribute it to the organization’s systems administrators. That software’s configuration and management need not be tied directly to the particular security policies and procedures of the organization.

Ensuring adequate and appropriate network security is a long-term investment. And it’s an ongoing process, because at no pint can an organization say that every network vulnerability has been dealt with. There’s simply no such thing as “100 per cent secure.” However, the use of suitable network intrusion technologies, built around a carefully thought out business and technical security policy, will do wonders to give peace of mind – and allow the organization to go on doing business as it should.

dentifying Vulnerabilities in Networked Systems Read More »

Glossary of Hard Disk Drive Terminology (Letter Y)

Year 2000 Problem, or Y2K
The risk that computers will be disabled or perform incorrectly if they read the two-digit abbreviation “00” to mean the year 1900 instead of the year 2000, as intended. The problem is said to have originated when early computer programmers abbreviated year dates to save storage space that was scarce and costly at the time. Western Digital hard drives are designed to be “Year 2000-compliant,” and the company’ suppliers are required to demonstrate that their WD-linked communications and products are compliant as well.

Glossary of Hard Disk Drive Terminology (Letter Y) Read More »

Glossary of Hard Disk Drive Terminology (Letter W)

WD Caviar®
The trade name for Western Digital’s line of hard drives for desktop personal computers.

WD Enterprise
The trade name for Western Digital’s line of enterprise hard drives.

Winchester Disk
Former code name for an early IBM hard disk model, sometimes still used to refer to the technology and design of most traditional hard drives.

Windows
Microsoft’s series of operating systems for personal computers. Currently popular versions are Windows 95 and Windows 98.

Word
Two bytes that are processed together in a single operation.

Workstation
A personal computer with exceptional capacity and performance capabilities for use mainly in engineering, design and audiovisual applications demanding immediate access to data and the ability to manipulate it in technically sophisticated ways.

Write
The recording of flux reversals onto the magnetic surface of a disk.

Write Cache
High speed RAM used to buffer data transfer from the host to the hard drive.

Write Verify
Immediately after writing data to the disk, a drive with the Write Verify feature will verify that it can read the data it just wrote to the disk to ensure that it will be able to retrieve it later. If the drive is unable to read the data, it writes it to another area of the disk, where it attempts to write verify it again.

Glossary of Hard Disk Drive Terminology (Letter W) Read More »

Scroll to Top