In this article we
will focus on security towards the public Internet. If your company
utilizes the public Internet in any way shape or form then you are exposed
to risk of a very diverse nature.
no - this is not a “non-issue” for you Mac® users as a certain
manufacturer would like you to believe!
Internet is full of tools, toys and traps that are inadvertently invited
into your environment by the simple use of the services they provide.
“Cookies” are a very common and user platform independent threat.
Pop-up ads are a nuisance that keeps all employees from staying focused on
the task at hand and SPAM email is downloaded by Mac-based email programs
just the same as by PC-based ones. Viruses and Trojans may primarily
target the PC world but they, as well as internet worms, are getting
smarter and are starting to propagate via platform independent mechanisms
like Java classes and embedded browser functionality. And finally there is
the so called “phishing” (not a typo) for personal information by the
assailant utilizing official looking email solicitation to entice the
receiver to click a link and log into “your XYZ bank’s account”
re-directing the user to a look-alike dummy site that does nothing other
than collect their login and password information and display a
“temporarily unavailable” message.
only do you want to protect yourself from these attacks and distractions
but you also want to keep some control around the access to your local
data from the public Internet.
it this way: Would you openly publish your financial records for the
current year, including your bank account and security code for your
credit cards, by hanging them in your shop’s front window? – Probably
not. However, if you’re accessing the public Internet from a computer
with no password protection and no network Firewall, that is the
electronic equivalent of doing exactly such a posting.
protect yourself, you can apply a fairly simple principal: “I will deny
everything unless I explicitly allow it.” That’s what a firewall is
intended to do. It denies access to your company network from the public
Internet but it allows your network’s users to access what they need to
on the Internet.
Copyright (c) 2008 by In Scope-Solutions,