Today’s guest speaker was Roy Isbell, a very experienced computer and network security professional in both the public and private sectors. The theme of the presentation was computer attacks and their detection and prevention. The talk itself provided an interesting overview with some areas going into greater detail. The speaker himself came across as a charismatic, well-informed professional, delivering a good mix of knowledge and humour.
One aim of the presentation was to bring home both the severity and diversity of computer based security threats; virtually every aspect of our lives is at least partly managed by a computer of some variety and more and more of these are connecting to the world wide web. Whether it’s the computer systems that hold our money, keep supermarkets stocked or just our family photos on the home computer they all connect to the same worldwide network. So how can you keep control?
As a network administrator I know it can be tough enough to stay on top of even a small, single location network, and you must ensure all computers regularly have any vulnerabilities patched, old devices are removed when no longer in use and try to keep people from accidentally breaching your security measures. However, this is nothing in comparison to the threats you open yourself up to when connecting to the internet. Now that the world is on your network, the connected hardware, software and protocols vary vastly, as do the users. Not only are you trying to prevent accidental security breaches, but now you have to be far more aware of malicious attacks. But the most daunting aspect of connecting a network to the internet has to be that there are many people out there that know far more than you, and as network administrator it will be deemed your responsibility to fend them off. So how do you protect against such a potentially overwhelming threat?
The first instinct is to lock the door: don’t connect. I am aware of businesses that do this, running two networks – the “working network” where there product is produced and the “internet network” which acts as the gateway to the web for communication and reference. However, the more technologies you close off to your network, the more resources you deny. A big example of this would be remote access, a highly valuable asset to most firms, yet comes with equally high levels of threat if not managed effectively. Unfortunately security comes at a cost, so much so that it is not economically viable for a small company to implement many of the remote technologies with sufficient security to be sure that they are entirely safe from attack.
But how secure do you need to be? Technically you need to be secure enough to fend off your greatest threat. The size of that threat will depend on several aspects of your company: the value of the assets you are trying to secure, company size, fame, and ethics, just to name a few. Essentially, this boils down to how much of a target is your company? The bigger the target, the greater level of security you require. For example, at home you simply need a lock on your door, whereas a bank requires a vault. In order to assess yourself as a target you need to look at yourself from an outside perspective. Would you even be aware of your company if you didn’t work there? Are there any large rivals looking to gain that competitive edge? Does the company do to anything to antagonise any activist organisations? Essentially you need to perform a risk assessment, determining the damage and likelihood of each threat and cost to protect against them; the decision is likely to then be made by whoever controls the purse strings.
Although computer security is very much on the rise, security in general has been around a very long time. Security is not a new term; like many terms in computing they relate back to far older systems. In the title of the presentation “Computer & Network Security”, all three words predate the electronic computer of today, as do the issues. If it weren’t for undesirable traits in humanity we would not have locks on our doors and alarms on our cars; similarly we would not have firewall and antivirus software. Yet houses get broken into, cars get stolen and computers will still get hacked and infected, so in essence human nature is simply progressing alongside technology and until we can address ourselves, how can we expect to address Computer & Network Security?
As you can see the presentation left me contemplating these issues, answering a few questions while at the same time posing dozens more, as any good talk should.