Spotting e-burglars Wednesday 4 April 2001 PDF Print Ian Kilpatrick, managing director Wick Hill Group, looks at the latest breed of firewall reporting software and explains how it can help you improve security and get the best out of your bandwidth. All companies protect the physical security of their premises and would want to know if someone was trying to break in. When it comes to computer network security, where a company's key asset - its information - is at stake, it is just as important to protect yourself and to know if someone is trying to breach defences. Unfortunately, in this area, ignorance, ill-considered cost-saving and web naivety are the rule. Only 18% of web-connected businesses in the UK (DTI survey) have even bothered to install a firewall. The other 82% presumably are labouring under the bizarre belief that it will never happen to them. Consider this then. The odds of shooting your head off playing Russian Roulette are one in six, or around 17%. Most people would consider these pretty poor odds and wouldn't take the chance. The odds of having a corporate breach of security are 60% (DTI survey)! Is this really a risk businesses should be prepared to take? Firewalls for businesses of up to 5000 users range from œ500-œ5,000 and are available from many ISPs for a small monthly charge as part of their service .The cost of the average security breach is thousands of pound, covering disruption, checking for damage and the recovery process. On top of that you have the costs of increased insurance premiums and installing additional security measures. Security risks are internal as well as external. Internally, companies without proper protection are effectively leaving sensitive departmental doors open (human resources, finance etc) with the filing cabinets unlocked so anyone in the company has access to the information A firewall will provide both internal and external protection. If you haven't yet got one or more, you need to formulate a security policy first, apply it, install a firewall and then read on. In the past, the reports which were produced by firewalls were extremely complex and about as useful to IT personnel and senior managers as the government's snooping bill. Managers were unable to understand from the reports the nature of any security threats the firewall had been exposed to and the activity going through the firewall. Clearly, this is not an acceptable way to run a business. If you don't know how many times your firewall has detected inappropriate external scanning, security penetration attempts, denial of service attacks, or unauthorised out of hours access by staff, then you cannot adequately manage your security policies. It's the same as your security guard not telling you that someone had tried to break in into your building several times during a week. Most people would consider such an omission to be a serious dereliction of duty, possibly even endangering the continued existence of the company. There are, however, a number of tools now (such as WebTrends Firewall Suite) which produce easy-to-understand , visually interesting and helpful reports which clearly explain the incoming and outgoing activity on your firewall. This information has a range of benefits for both IT and business managers. The most obvious benefit is that you get a clear, exception-based picture of any security event on your network. So if someone has been trying to hack into your system once a month, once a week, every day or several times a day, you will know about it. Armed with this information, informed decisions can be made about how effective a security policy is. IT staff will have the information necessary to discuss with senior management whether the risks to the network are so high that it is necessary to increase security levels or incur additional cost. This makes such a tool very handy for budget negotiations. Security reporting gives IT staff the information they need to show management that security policies are working well. This information is also useful for the next stage of e-security - education. Management can use the information on security successes to reinforce security policies and remind staff of the benefits and importance of security. Another major benefit of firewall activity reporting is that they show how your extranet is performing. Reports will highlight heavy usage and when the busy periods are - so you may decide to limit web use to essential work at certain times of day. You may discover that a lot of people are downloading large files from the web and clogging up your bandwidth - so you may decide to make these available locally to cut down on web traffic. Information from the reports will also help you plan for more effective bandwidth use in the future. Finally, the reports will provide information on staff web activity, so you will be able to manage staff use of non work-related sites. In conclusion, easy-to-understand reports on firewall activity are essential for the successful implementation of security policies. They help to educate staff on the importance of security and reinforce the security message. Understanding the threats from inside and outside your organisation helps maintain security awareness. ENDS Wick Hill specialises in infrastructure solutions for e-business, with a heavy emphasis on security. Contact 01483 466500, e-mail email@example.com, web www.wickhill.com. For press information contact Annabelle Brown on 01483 466500, e-mail firstname.lastname@example.org This press release was distributed by ResponseSource Press Release Wire on behalf of Annabelle Brown in the following categories: Consumer Technology, Personal Finance, Business & Finance, Computing & Telecoms, for more information visit https://pressreleasewire.responsesource.com/about.