| EUROPEAN INTERACTIVE DIRECTORIES |
INTRANET SECURITY
Security is not an issue that should hold companies back from utilising Intranets. A host of very
good solutions are now available. Companies setting up a good firewall and using passwords as well
as other simple measures should be safe from all but the most determined hacker.
The reality is that while the Internet is perceived as being insecure, it is in actual fact more
secure than the conventional telephone. Most people think nothing of holding confidential
conversations or giving their credit card information over the telephone. Few people will be brave
enough to transmit confidential information over the Internet. Internet e-mail, however, is split
into small parcels which are sent via different routes, and is therefore much harder to eavesdrop
than a telephone conversation which travels in a continuous stream along a single wire.
Simple security can be implemented using encryption. This needs to be transparent to the user or
they may forget to use it. For non-critical information, simple software encryption, such as
features available in Netscape Navigator or Netscape Commerce Server, is quite adequate.
Higher levels of security using software alone or special hardware keys can create a secure "tunnel"
direct from the sending application to the receiving application. Some businesses believe that
tunelling is safer than allowing staff to dial into the company's systems, because it is not
dependent on passwords and firewalls.
However, hacking is not the only security issue. A high percentage of damage caused to corporate
networks arises from mistakes and errors made by employees trying to get into the system. From this
two things would appear to be clear.
The first is that there is a need for detect and alert technologies that correlate persistent
behaviour patterns before the damage is done.
The second thing is that the need for proper training for staff cannot be over-emphasised and
would prove a wise investment, saving the company a great deal of trouble and money in the
medium to long term.
