Mon, 14 Apr 2003

'System logical security', as vital as physical one

Zatni Arbi, Columnist, Jakarta,

We know that businesses and other types of organization have to secure their systems and infrastructure. We know that they have to physically protect their data centers where their servers, switches and routers are kept. We also know that each of the PCs should be secured with padlocks so nobody can open the housing and steal the hard disk.

We also know that information systems should be protected from viruses, hackers' and crackers' attacks. Even a home PC needs a firewall, particularly if it is hooked to the Internet via a broadband connection 24 hours a day. A firewall is a piece of software -- or a collection of software -- that acts like palace guards that keep unwanted guests away. The firewall sits in the so-termed gateway server, which is located on the border between a private network and the Internet.

What I have just learned is that the complete set of system protections based on software is called the "logical security". Frankly, I found it logical to call the other type of security "physical", as it relies on physical means to secure the physical systems. I just could not see the logic in calling the software- based security logical, as we certainly need to be just as logical in implementing physical security.

Now, have I succeeded in leaving you as confused as I am? Name games aside, it turns out that logical security is already an accepted term in the industry. In fact, it has been recognized that logical security is just as important as physical security. Usually, an IT manager does not have much problem in implementing physical security -- a lockable door, server racks with locks, etc. However, convincing the company's board of directors to approve an investment in logical security for their e-business systems usually turns out to be a grueling task, because, unlike physical security measures, logical protection is not visible to the naked eye.

* Threats

Information technology can make businesses far more efficient. At the same time, it also exposes them to multiple threats. We have mentioned viruses and hacker attacks as examples of invisible threats. Others include manholes, or the "back doors" that a system developer may leave open, either deliberately or innocently.

The first step in the enforcement of logical security is a process known as the hardening of the operating system. This involves removing all the software tools and utilities that are not used, setting to off all unnecessary administrative options and activating, as well as optimizing, all the built-in security features.

For example, if you are running Windows XP on the PC that serves as your Internet gateway, you can activate the built-in firewall to reduce the possibility that a computer hacker somewhere on the Internet will have access to your computer and do various things -- including using your machine to launch prescheduled and concerted Denial of Service (DoS) attacks to push another computer system to its knees.

However, just as protecting your computer from viruses is a never-ending effort, so is securing a system logically. While viruses give companies like McAfee, Symantec and Trend Micro a lot of business, the threats that we have been talking about have also enabled companies, such as Check Point, TrueSecure, Internet Security Services (ISS), Computer Associates and so many others, to flourish. They build their business based on the fact that no operating system and third-party protection can be 100 percent tamper-proof, 100 percent of the time.

What do their products do? These companies will keep a continuously updated database of the threats that loom out there in cyberspace and provide the necessary fixes, patches, utilities, etc., to seal the doors that attackers can take advantage of.

* Check Point

Check Point is one of the rising stars in the area of Internet security, the others being AXENT Technologies, CyberGuard, Network Associates and, of course, Cisco Systems. In the past, logical security products used to be affordable only to large enterprises, but, since early last year, Check Point has offered products that are targeted to small businesses and SOHOs (Small Office Home Office) as well.

Among the products for this segment are a series of Firewall and VPN combos. VPN, or Virtual Private Network, is an industry term for a "tunnel" inside the public Internet cloud that provides authorized users with secure access to a company's private resources. There is what we call the intranet VPN, which allows employees to access company data from their home or hotel room, for example. We also have extranet VPN, which suppliers can use to place their orders and manage their inventory levels. A combined firewall and VPN will balance the openness of an organization's network and the privacy and integrity of its information assets.

At present, how are our small and medium enterprises embracing the issue of logical security? "In general, they still regard logical security as an investment that they can afford to postpone," said Agus Pracoyo, Channel Manager at PT Indocom Primanusa, the Indonesia distributor for Check Point and ISS. That is not very surprising, as we have not really left the difficult times behind us yet and neither have our IT budgets yet improved.