'System logical security', as vital as physical one

Mon, 14 Apr 2003, 00:00 WIB | Source: JP

Zatni Arbi, Columnist, Jakarta, zatni@cbn.net.id

We know that businesses and other types of organization have to
secure their systems and infrastructure. We know that they have
to physically protect their data centers where their servers,
switches and routers are kept. We also know that each of the PCs
should be secured with padlocks so nobody can open the housing
and steal the hard disk.

We also know that information systems should be protected from
viruses, hackers' and crackers' attacks. Even a home PC needs a
firewall, particularly if it is hooked to the Internet via a
broadband connection 24 hours a day. A firewall is a piece of
software -- or a collection of software -- that acts like palace
guards that keep unwanted guests away. The firewall sits in the
so-termed gateway server, which is located on the border between
a private network and the Internet.

What I have just learned is that the complete set of system
protections based on software is called the "logical security".
Frankly, I found it logical to call the other type of security
"physical", as it relies on physical means to secure the physical
systems. I just could not see the logic in calling the software-
based security logical, as we certainly need to be just as
logical in implementing physical security.

Now, have I succeeded in leaving you as confused as I am?
Name games aside, it turns out that logical security is already
an accepted term in the industry. In fact, it has been recognized
that logical security is just as important as physical security.
Usually, an IT manager does not have much problem in implementing
physical security -- a lockable door, server racks with locks,
etc. However, convincing the company's board of directors to
approve an investment in logical security for their e-business
systems usually turns out to be a grueling task, because, unlike
physical security measures, logical protection is not visible to
the naked eye.

* Threats

Information technology can make businesses far more efficient.
At the same time, it also exposes them to multiple threats. We
have mentioned viruses and hacker attacks as examples of
invisible threats. Others include manholes, or the "back doors"
that a system developer may leave open, either deliberately or
innocently.

The first step in the enforcement of logical security is a
process known as the hardening of the operating system. This
involves removing all the software tools and utilities that are
not used, setting to off all unnecessary administrative options
and activating, as well as optimizing, all the built-in security
features.

For example, if you are running Windows XP on the PC that
serves as your Internet gateway, you can activate the built-in
firewall to reduce the possibility that a computer hacker
somewhere on the Internet will have access to your computer and
do various things -- including using your machine to launch
prescheduled and concerted Denial of Service (DoS) attacks to
push another computer system to its knees.

However, just as protecting your computer from viruses is a
never-ending effort, so is securing a system logically. While
viruses give companies like McAfee, Symantec and Trend Micro a
lot of business, the threats that we have been talking about have
also enabled companies, such as Check Point, TrueSecure, Internet
Security Services (ISS), Computer Associates and so many others,
to flourish. They build their business based on the fact that no
operating system and third-party protection can be 100 percent
tamper-proof, 100 percent of the time.

What do their products do? These companies will keep a
continuously updated database of the threats that loom out there
in cyberspace and provide the necessary fixes, patches,
utilities, etc., to seal the doors that attackers can take
advantage of.

* Check Point

Check Point is one of the rising stars in the area of Internet
security, the others being AXENT Technologies, CyberGuard,
Network Associates and, of course, Cisco Systems. In the past,
logical security products used to be affordable only to large
enterprises, but, since early last year, Check Point has offered
products that are targeted to small businesses and SOHOs (Small
Office Home Office) as well.

Among the products for this segment are a series of Firewall
and VPN combos. VPN, or Virtual Private Network, is an industry
term for a "tunnel" inside the public Internet cloud that
provides authorized users with secure access to a company's
private resources. There is what we call the intranet VPN, which
allows employees to access company data from their home or hotel
room, for example. We also have extranet VPN, which suppliers can
use to place their orders and manage their inventory levels. A
combined firewall and VPN will balance the openness of an
organization's network and the privacy and integrity of its
information assets.

At present, how are our small and medium enterprises embracing
the issue of logical security? "In general, they still regard
logical security as an investment that they can afford to
postpone," said Agus Pracoyo, Channel Manager at PT Indocom
Primanusa, the Indonesia distributor for Check Point and ISS.
That is not very surprising, as we have not really left the
difficult times behind us yet and neither have our IT budgets yet
improved.

View JSON | Print