What's the Password?
Used properly, password protection can keep the IT environment secure.
Given all the high-profile security breaches in recent weeks, business people are
rightfully concerned about the safety of their computers and data. Clearly, it's critical
that companies of all sizes develop a security policy and implement a variety of security
solutions -- from firewalls to virus protection.
It doesn't end there, however. A security system is only effective if used properly. And
one of the weak links is proper use of passwords.
According to researchers at the CERT Coordination Center, a Carnegie Mellon University
organization that collects reports on computer security problems, password theft is one
of the easiest ways for hackers to break in to a company computer. And the number of
password-based hacker attacks is growing steadily.
Of course, when used properly, passwords can shield applications from even the most
diligent and clever hackers. Security problems commonly associated with passwords actually
have less to do with passwords and more with how they are used. The biggest problem with
passwords is they are usually too easy to guess.
It's Not the Password ...
It's How You Use It
Understandably, people want passwords that are easy to remember -- and these usually are,
of course, easy to guess. Complicated passwords are hard to remember and, thus, hard to
guess. To avoid remembering difficult passwords, people typically write them down and put
them somewhere convenient. One mediocre snoop could gain unauthorized access with very
little effort.
If you can't remember a password and need to write it down, do so with a flair of
inventiveness. Keep passwords in address books and disguise them as addresses or telephone
numbers. For example, if your password is "Jonb2389," make up a fictitious entry such as
Jon Brown 555-2389 or Jon Brown 2389 Pennsylvania Avenue.
For Web site passwords, Netscape 3.0 and higher provides a place to stash passwords in
the bookmark's description field. First, go to Edit Bookmarks and right click the bookmark
where you wish to stash your password. Then select Bookmark Properties. Finally, enter
your user name and password, or a password hint, in the description box.
Quick Crackers
Hackers can crack a six-character password in less than 15 minutes, according to industry
analysts. Instead of using a single-word password, use a pass phrase that has specific
significance to the user -- for example, "All the world's a stage." Be sure to include
capital letters to further complicate matters for hackers -- All The World's A Stage or
ALL THE WORLD'S A STAGE or aLL the WorLD's a staGE, etc.
This method requires that password mechanisms be case-sensitive. Case-sensitive identification mechanisms read upper and lower case letters as separate characters, which significantly strengthens security. Phrases should range from 16 to 24 characters, and system administrators should set a default length to ensure passwords meet the minimum value.
Don't use the same password for different applications or purposes. By using the same password to check e-mail, access various applications and log in to the Internet at home, people are leaving the door open for hackers to come into their homes as well as their businesses.
By making all characters available for use in passwords, systems administrators can better their odds in the cyberwar against hackers. In addition to A-Z and 0-9, make other keyboard characters like (<*}^%) available. Such allowances stretch the scope of passwords and make available combinations, such as 5*4<50 (five times four is less than 50) or 10-6=four (10 minus six equals four).
Additionally, employ a lock-out command that locks users out after two or three failed login attempts. By limiting the number of tries a hacker can attempt, his/her chances of gaining unauthorized system access sharply diminishes.
Helping Hand for Hackers
Further muddying the reputation of passwords is the growing number of password-cracking programs available on the Web. The trick to overcoming these programs, such as L0phtcrack, John the Ripper or Password Appraiser, is all about size.
The more characters used in a password, the harder it is to crack through brute-force analysis or a dictionary attack, which occurs when an adversary uses an extensive list of words to guess a password. To thwart dictionary attacks, use a pass phrase with a misspelled word, such as "TuffasNails." Additionally, put password-cracking tools and dictionary attacks to good use testing your users' password choices.
The other prevalent problem with passwords is that users are required to remember too many of them and enter them too many times to gain access to various applications. Single sign-on (SSO) technology solves this issue.
The Single Sign-on Solution
SSO technology is making the IT environment a more secure and user-friendly place. Multiple sign-on procedures are riddled with inefficiencies, ranging from decreased user productivity to increased IT security risks, and have left many users looking for a more pragmatic alternative to multiple sign-on requirements.
After a user authenticates his or her identity at the beginning of a session, the user is transparently granted access to all permitted resources. No additional identification procedures are necessary.
SSO is based on two security sub-disciplines -- authentication and authorization. With authentication, a system verifies the user's identity. Authentication assesses precisely what a user is permitted to access and grants access only to those predefined areas. The bulk of SSOs centralize authentication, though more sophisticated SSOs can centralize authorization as well.
Passwords have garnered unfair criticism and skepticism. If properly employed and embellished with single sign-on technology, passwords are a viable security solution.
Copyright © 2000 by Adventure Publishing.
[ back to top ]
Inside Job
Get the most out of your network by creating a company intranet.
Networks are the backbone and communications channel of "new economy" organizations. The connectivity and ease with which information can be transferred across the company make the Sneaker 'Net -- walking diskettes from cube to cube -- a distant, tired memory.
However, file transfer and print services are just part of what a network can accomplish. The larger an organization gets, the harder it becomes to communicate. Information from all levels of the organization finds its way to the network, clogging e-mail boxes and reducing productivity.
Creating an intranet is the next stage in the growth of the company network. It increases communication while reducing network congestion and cost.
As an interior, company-only Web, an intranet functions just like the Internet and uses the same technologies. Any company that has a network probably has the basis for an intranet -- though the more sophisticated the Web, the more add-on software will be necessary.
With some effort from the IT department and a little help from product vendors, any company can create a company information site that will eliminate excessive e-mail traffic and enhance communication.
Build a Web?
An intranet is a secure, protected Web site that contains content designed for use by a company's employees or business partners.
Where once company training seminars might be advertised by posting a notice in the lunchroom, now these notices can be posted to the company intranet. Where employees used to call the human resource (HR) department with questions on benefits or insurance problems, the latest revisions of the employee handbook can now be posted online.
Emirates Airline is one example of an intranet as information hub. The national airline of the United Arab Emirates runs an internal travel department, which books travel for staff members on the company's aircraft as well as other airlines.
Employees were issued travel books that detailed discounts and eligibility requirements, but they weren't utilized. Staff preferred to call the Emirates travel department for explanations. This brought productivity to a slow crawl.
The solution to this problem was to post travel forms on an intranet so that employees could sign up for travel privileges from their desktops. Eligibility and conditions for travel were handled electronically, eliminating intervention from staff in most cases.
Web O' Pages
An intranet can be as plain as a few pages or as complex as the Internet itself. The site can contain basic functions, like calendars, schedules and reminders, or more complex applications, like collaboration or discussion groups. It can also be used for company mailing lists, which let employees receive just the information they need, reducing the bulk e-mail approach.
To create a basic Web site requires a knowledge of hypertext markup language (HTML) and some Java and common gateway interface (CGI) languages like Perl. While the most basic functions will run on servers that are already part of a basic network, adding functions like threaded discussion groups and mailing lists requires additional software.
A standard network is supported by a Web server, an e-mail server, and a file and print server -- but an intranet needs more. For threaded discussion groups, an intranet needs an application like Eshare or HyperThread. If subscription-style mailing lists are desired, software such as Majordomo or Listserv will be needed.
Getting Sophisticated
The most complex functions of an intranet deal with database queries and database search functions. This is done by encoding the structured query language (SQL) into the intranet pages. SQL allows users to access databases like Oracle, FoxPro and Microsoft Access.
An even more sophisticated feature of an intranet is the addition of a search engine, such as those from Infoseek and AltaVista. These search engines reside on the Web server and search the intranet -- keeping the results in-house -- or the Internet.
An example of an intranet that encompasses a large database is that of Kettering Medical Center. The doctors at Kettering can access the hospital's medical library and patient records through the hospital's intranet. When student physicians are presented with problems by teaching doctors, they can also access the medical library for instant clarification and concrete examples.
Web pages require knowledge of programming languages like HTML, Java and Perl, but organizing them into an intranet can also be complex. Products are available that can help organize the site and do some of the brute force coding. Some, like Microsoft Front Page, allow users to drag and drop objects to pages and are called "wysiwyg" for "what you see is what you get" editors.
These drag-and-drop tools can be somewhat comprehensive, but they contain some design limitations. More complex pages will call for tools like Allaire's HomeSite, which lets users write in HTML code and then check for page code integrity. Some contain wizards that keep hypertext links indexed and updated.
What Can Be Done With an Intranet?
There are many needs that can be met by a company intranet. All users, or just users of a certain group, can have controlled access to company files and work collaboratively, keeping information on the network and using it as a workgroup hub.
Security of transactions is assured by assigning passwords to all users, and the space can also be kept separate from the Internet at large to ensure complete privacy.
Departmental information can be posted to an intranet. Catalogs can be kept online for the sales department, and notices of updates can be posted to the company's intranet front page. The HR department can post notices of the newest changes to company policy and benefits to the front page as well. Messages concerning insurance and compensation for users or certain groups of users can be sent to that group's department page or to the individual.
Company e-mail can be brought under control as well. In many organizations, it's common practice to send bulk e-mails of all company events and notices. Using an intranet, general notices can be posted to a news page, and employees can read them as time permits.
For information that users want to see daily, mailing lists allow subscriptions that push that data to the user's e-mail box. This reduces e-mail saturation and reduces the amount of time spent deleting unwanted messages.
Staying Connected
Surfing for information has become an integral part of the wired corporation. Utilizing this facet of corporate culture to reduce printing costs and increase collaboration and communication is what an intranet is all about.
An intranet may be the most beneficial to those organizations that are segmented geographically. By utilizing the existing wired connection between locations, an intranet can keep the whole organization up to date with company-wide news and information.
For members of the new economy, surfing to the intranet may be the start and end of a productive working day. Creating an intranet spreads company news across an organization fast and targets individuals or groups within the organization with specific information.
With an intranet, communication is faster and more accurate across the organization without a bottleneck in the e-mail box.
Copyright © 2000 by Adventure Publishing.
[ back to top ]
ERP Is On Its Way
Enterprise resource planning vendors are moving out of the high end and into the mid-market with new product offerings.
Midsize businesses are getting a taste of what large businesses have long been enjoying -- enterprise resource planning (ERP). Among the first to target this market segment was Great Plains Software; however, high-end vendors such as SAP AG, Baan, J.D. Edwards and PeopleSoft are readjusting their aim.
According to AMR Research, the ERP market will grow from $20.2 billion in 1999 to $27.7 billion in 2000 and leap frog to $52 billion by 2002. With the mid-range market heating up, high-end ERP vendors are rushing to develop distribution channels and repackage their products to establish a foothold in this promising market.
Smaller vendors needn't feel too threatened; in this new market segment, no single company has a head start over another, according to AMR Research. Large ERP vendors maintain an enormous sales advantage over smaller companies at the high-end, regardless of the quality of products small companies offer.
AMR Research speculates that any of the dozens of $10-million to $50-million ERP vendors can beat "the big guys" in these smaller deals if their sales team executes well and they offer products and services that are better suited to the small manufacturer.
ERP ... Good and Good for You
According to industry research, companies can reduce inventory values by as much as 25 percent to 40 percent by implementing an integrated manufacturing resource planning software system. Resource planning software improves purchasing practices and customer service while reducing labor costs, scrap levels and carrying costs.
Recent polls indicate that most mid-market companies don't even know what ERP stands for. Those who do are anxious to capitalize on ERP applications to gain a competitive edge; however, knowing how to go about it is something altogether different.
Until recently, installing an ERP system was considered an enormously complex and expensive undertaking. International Data Corp. (IDC) says this commonly held perception just isn't so.
In a report titled "ERP Customers and Prospects 1999," IDC debunks claims that ERP is too expensive or takes too long to implement. Moreover, ERP vendors are working to change the image of ERP, making it more accessible to smaller companies.
In the long run, the benefits of an ERP system should outweigh the costs associated with implementation and maintenance.
The goal of ERP vendors hoping to cash in on this new market segment is to minimize customizations that can cause problems during deployments. Ideally, vendors will load as much of the code as possible before the solution arrives at its destination.
They can then set up the computing environment and test it before the customer does. By doing so, they eliminate many potential incompatibility snags.
Spanning the Plains
ERP systems link human resources, finance, inventory controls, order entry and data warehousing, helping companies push ahead of the pack. Great Plains Software is an ERP vendor that has established a stellar reputation for providing a competitive edge for companies with revenues from $10 million to $250 million.
"We have positioned Great Plains as a market leader because of the strength in both vision and execution of its pure mid-range strategy," according to the GartnerGroup, a leading research and consulting firm. "As the market has evolved, so has Great Plains, adding function and incrementing technology, while maintaining its service and distribution model."
Well-suited for the mid-market, Great Plains' solutions require little IT infrastructure. According to the company, some of its customers have very small in-house IT department, or none at all.
Based on Microsoft technology, Great Plains' enterprise applications are easier to install and operate, making the job of finding a consultant who understands the products a much easier one than hiring a considerably more expensive consultant necessary for big ERP systems.
"Given that services represent 55 percent to 70 percent of the total cost of an ERP implementation as compared to software licenses, which comprise 20 percent, this strategy appears at first view to be a viable one," said Nicole France, analyst at Dataquest.
Some Sage Advice
Another company on the leading edge of providing mid-market ERP applications is Sage Software. Providing ERP applications for the mid-market requires a new take on traditional ERP solutions -- a challenge Sage has successfully met with Envision ERP.
"Most ERP systems support multiple databases, such as SQL Server, Oracle and Sybase -- sacrificing software performance because the application interface has to be generic enough to work with each database," said William Henslee, president and founder of Haitek Solutions. "Envision ERP is optimized to harness the true power of the SQL server database, which is the leading database for the Windows NT platform. Envision ERP can scale from small 10-user implementations to large, worldwide projects -- something that other ERP products can not accomplish on Windows NT."
If making an investment in an ERP system is still beyond the financial and technological grasp of your company, Sun Microsystems has another interesting alternative -- an application hosting service that combines the strength of Sun, EDS and SAP.
This service allows companies to have the business benefits of ERP from industry leaders without the headaches of developing and managing it in-house.
"This service provides a number of important advantages to businesses that couldn't otherwise purchase or maintain a major enterprise resource planning solution," said Harry Tse, research director, Yankee Group. "The offering from this alliance has been well planned to provide mid-market companies with an ERP solution that meets their key considerations, including the need for system reliability, scalability and data security."
By implementing an ERP solution, mid-market companies can streamline operations through the integration of back-office applications.
Copyright © 2000 by Adventure Publishing.
[ back to top ]
Big Things in Small Packages
Network appliances bring versatility and power to small business networks.
Think a powerful network and impressive Internet presence are only for enterprise players who can afford to pay for an expensive system?
If so, you'd better think again. A growing number of highly functional, robust and affordable network appliances are making it possible for small businesses to get into the game.
The problem faced by small businesses looking either to establish or upgrade their networks is twofold. They often don't have the funds to spend on costly networking equipment -- equipment that usually is geared toward larger enterprises anyway. And, they frequently don't possess the technical expertise required to configure and administer their networks.
So what's a small business to do? The answer may very well lie in appliances -- compact, relatively inexpensive devices that can be plugged into an existing system to provide a range of functions from increased storage space and e-mail services to network security and Web publishing.
"The appliance industry has emerged as one of the most promising areas for delivering customer value beyond traditional computing," said Jean-Yves Chevallier, director of marketing at Microtest's Network Appliances and Storage.
What Makes an Appliance?
Network appliances are essentially small, specialized devices that can be set up quickly and easily to perform specific tasks, or when bundled together in a compact unit, to perform a range of tasks.
In order to be classified as a network appliance, a device must possess certain characteristics, according to Dataquest, an IT research and consulting firm.
First of all, appliances must have a minimal operating architecture, relying on operating system subsets rather than complete, proprietary operating systems. This allows appliances from file servers to firewalls to operate over a number of different platforms and even on mixed platforms.
They should also be quick to install. A reseller or other skilled technician can have one going in minutes.
Additionally, appliances must be simple to manage. Many rely on browser-based software for remote configuration and management -- ideal for small companies without a dedicated IT department.
Finally, they must be low-cost, with the total expense reflected both in initial price of the appliance and the cost of maintenance.
With these considerations in mind, many manufacturers have developed compact appliances aimed at the small to midsize business market, a market that is in the midst of explosive growth. The network attached storage (NAS) market alone is poised to climb as much as 500 percent this year, totaling more than $151 million, according to Dataquest. Growth should exceed $1.4 billion in two years.
What's Out There?
Among NAS appliances recently introduced was Microtest's FileZerver, a powerful Linux-based solution designed to be installed and configured within minutes. While many file storage systems have been developed for the enterprise market, FileZerver was created specifically to meet the demands of small to mid-range users.
"FileZerver is highly scalable," said Chevallier. "It provides users with a long-term solution to the rapidly growing need for file storage and management."
Some companies are now offering a range of appliances bundled together into compact units, making them, in effect, a network in a box. Cobalt's Qube 2 is just such a solution -- providing the components needed to help small businesses leverage Internet technology quickly and easily. The Qube comes configured with nearly everything a business needs to establish a powerful network, including storage, e-mail and Web publishing capabilities.
Steve Creek Toyota of San Jose, Calif. recently installed the Qube at its automobile dealership. The company, which had been experiencing support issues with its NT server, needed a solution that could create and publish Web pages, host e-mail, provide security, perform administration and facilitate internal communication. In a short time, the Qube had been installed as a dynamic host configuration protocol server (DHCP), intranet Web server and e-mail server.
Quantum's Snap Server is a file server appliance with versions that come with a range of options for network storage. Like the others in its class, Snap Server is designed to be installed and operating within minutes, supporting Microsoft, Novell, Apple and Unix networks simultaneously. Using Internet Explorer or Netscape browsers, the Snap Server can be accessed from anywhere on the network, supporting up to 100 users.
Flying Beyond, a San Jose, Calif.-based multimedia design company, employed Snap Server to run its network of 10 mixed-platform workstations. The company produces huge graphics files -- from 300MB to 600MB of multimedia per project -- and these files have to be archived for later retrieval.
"The day [it was installed], it just showed up on people's machines, and they could use it," said Justin Sturges, multimedia specialist at the firm. "It was easier than setting up an e-mail account. We dumped gigs of stuff on it, including videos and interactive games. The performance was so good, we even burned CDs right off it."
Intel also has jumped into the fray with InBusiness Small Office Network, its own network in a box. Targeted for small businesses, the appliance comes in two versions. The high-end variation is armed with a 466MHz processor and a 13GB hard drive.
On the security front, Check Point Software is offering its VPN-1 solution. With this appliance, organizations can deploy virtual private networks (VPNs) to protect the privacy and integrity of their business communications over the Internet. VPN-1 is also designed to protect internal network resources from external threats. The centralized management capability of the VPN-1 enables routing and network security to be managed from a single console.
Good, Fast, Affordable
Nearly all manufacturers offer different versions of their appliances, depending on the functionality desired. Some appliances come as cheaply as $499 and range up into the low thousands.
While they may be relatively inexpensive, appliances are also proving themselves to be robust and functional. Thanks to their ease of use, quick setup, low cost, ease of maintenance and, in some cases, scalability, they may be the network solution many small to midsize businesses are looking for.
Copyright © 2000 by Adventure Publishing.
[ back to top ]
Log On Without Wires
LANs come out of the closet.
After a slow start, the wireless LAN (WLAN) is gaining wider acceptance in companies of all sizes.
For the smaller company, WLANs offer the convenience of an instant network without the typical hard-wire issues, plus the portability of these network investments. For larger enterprises, the WLAN is being used for its productivity benefits from the shop floor to the executive boardroom. Advances in vendor device interoperability and more attractive pricing are making the WLAN a viable alternative to wired LANs.
WLAN users in the U.S. are expected to increase tenfold over the next five years, growing from 2.3 million in 1999 to 23 million in 2003, reports Cahners In-Stat Group, a high-tech market research firm. Cahners estimates more than 200,000 companies used WLAN technology in 1999.
"New low-end, more cost-effective WLAN products are attracting smaller customers for their first networks; and in larger firms, a growing number of remote/branch offices needing networks are considering wireless alternatives because they are portable," said Kneko Burney, director with Cahners In-Stat Group.
Radio-free Office
Wireless LANs use radio frequency to transmit network traffic across short distances, usually less than a few hundred feet. The WLAN is designed for use in a campus or building environment. The industry standard for WLAN is the Institute of Electrical and Electronics Engineers' (IEEE's) 802.11 standard, which allows for data transfer rates from 1Mbps to 11Mbps.
A typical WLAN configuration consists of access points and adapters. Access points are the transmitting/receiving devices that provide connectivity to wired LANs. Access points can also act as relays between other WLAN access points.
Adapters are transmitting/receiving devices installed in desktop PCs, portable PCs, peripheral devices or built into dedicated wireless devices, such as bar-code scanners. The adapter replaces the network interface cards (NICs) that connect wired LANs.
WLANs are relatively easy to implement, but they do require some configuration to maximize their potential. Most WLAN solutions include administration software to set up and perform diagnostics on the network, as well as add new access points and adapters from a central location.
Full of Potential
Although they have yet to replace traditional LANs, WLANs are growing in popularity for three basic reasons -- flexibility, mobility and ease of deployment.
With no wires needed, WLANs are ideal in small settings where extensive rewiring is either impractical or expensive. Companies that rent their office space or occupy non-traditional structures find that WLANs offer an alternative to running cables, digging trenches and purchasing office furnishings that can hide the network wiring from view.
Adding new workstations to a WLAN is a snap because they can be added without considering the location of wiring. This benefit is particularly appealing for creating short-term collaborative workgroups. However, the location of the access points and the adapter devices is still important, because while WLAN radio signals can penetrate most walls and objects, the fewer impediments the better. Moving a WLAN-enabled device even a few feet in any direction can significantly improve or deteriorate the rate of data transfer.
Network portability is also important, and a WLAN can enable a company to quickly reconfigure the network in another location in a matter of minutes. End-users are also given mobility with WLAN solutions -- employees can have access to all of their information regardless of where they are in the campus or building. Wireless solutions have proven themselves in areas where mobility is just as important as information access, such as healthcare, retail and warehouse environments.
Spectrum Perspectives
Because WLAN traffic travels through the air instead of closed wiring, some question its security. One of two basic technologies are used to ensure the secure delivery of WLAN traffic -- frequency hopping spread spectrum (FHSS) or direct sequence spread spectrum (DSSS). FHSS spreads the transmission across several radio frequencies in a pattern known only to the transmitter and receiver. Anyone trying to listen to the transmission only hears small parts of it.
DSSS is a technique whereby data is mixed with a much higher data-rate pseudo-random data stream. The resulting bit stream transmitted over radio frequencies consists of these pseudo-random bits, either transmitted as-is (indicating a data bit 1), or inverted (indicating a data bit 0). To a snoop this method results in garbled noise.
Adding encryption and access control to these techniques makes WLAN traffic just as safe as wired networks.
Until recently, wireless systems were just too expensive of an investment for most businesses. Lack of vendor interoperability and technology standards impeded the adoption of WLANs by all but the leading-edge companies. This is quickly changing with the adoption of the 802.11 standard last fall.
"Small businesses struggle with wired network connections, workstation moves and a lack of flexible network access to information, whether on their LAN or the Internet," said Ron Willis, senior vice president of sales and marketing for Aironet. "Products on the market just haven't met the bandwidth needs of small businesses at prices they could afford."
Aironet, a pioneer in wireless networking technology and products that was purchased by Cisco Systems last fall, and Lucent Technologies, a major manufacturer of telecommunications equipment, are leading the way in wireless development. Prices for their entry-level WLANs are approaching attractive levels -- especially for the creation of LANs from scratch. Access points are currently selling in the $1,000 to $1,500 range, while peripheral component interconnect or industry standard architecture cards are priced around $500 each; PC cards are even less. These costs are still more than traditional wired LAN hardware, but savings in setup and administration can make up the difference.
Industry analysts predict a surge in popularity for WLANs -- and for good reason. The technology is becoming more affordable and the performance compares favorably to wired networks. Toss in network portability, installation savings and increased productivity, and it's easy to see why companies of all sizes are going wireless.
Copyright © 2000 by Adventure Publishing.
[ back to top ]
A Little Inside Surfing
An intranet keeps employees informed.
Surfing the Web is fast becoming part of the culture of organizations both large and small. For many, connecting to the Internet for e-mail and news is the beginning of every business day. A survey by Middleberg + Associates, an online media and public relations firm, found that three out of four journalists use the Internet for research on a daily basis. Surfing the Web can also be used to gather company information.
While the Internet is the first thing most folks think of when they hear "Web browser," these same tools can also be used to communicate within an organization through an intranet.
Many companies communicate by sending out company e-mail, printing flyers and posting notices to the lunchroom bulletin board. When an organization reaches a certain size, however, the amount of information can become more than this rather informal system can handle. It can drive printing costs through the roof and flood users' e-mail accounts.
The solution to this information overload is an internal company Web or intranet. Intranet technology can both eliminate the bill for the printed materials as well as reduce the flow of e-mail across a company's network.
Who Needs It?
Any organization currently printing newsletters, employee handbooks, price lists and training guides is a candidate for an intranet. Companies that require close communication between users in multiple, connected company locations could also benefit. An interesting example is the Harvest Park Middle School in Pleasanton, Calif.
The students of teacher Bill Ragsdale's class were introduced to the Internet in a big way when Ragsdale brought a Cobalt Qube 2 to school. The teacher and his students used the Web server appliance to build a school Web site and intranet. Each student now has an e-mail address and a personal Web site.
The school project allows closer cooperation between teachers, students and parents by creating a secure online environment. Along with sending notices home with students, teachers can now e-mail news and information directly to students via the school's intranet.
Homework assignments are now available online, and absent students can e-mail completed homework to their teachers. Test scores can be sent to students via e-mail, and all school news and events are posted on the school's internal front page.
The Proof Is in the Bottom Line
For any organization that uses handbooks and other printed materials for communication, an intranet can reduce costs. Instead of printing handbooks for everyone in the organization, information can be posted once to the intranet with the same effect.
An intranet can also be the solution to the rising printing costs associated with newsletters and posted notices. Intranets can also reduce the overwhelming glut of e-mail many organizations face.
An intranet creates an inside system of communication that members of an organization can access using a common Web browser. General knowledge can be posted to the company-wide pages, while departmental issues can be handled among those members only. Communication on the network is confidential, and the outside Web is denied access using a firewall.
Surfing the Web has become a common method for gathering information. Intranets create a way for users to gather inside information -- surfing inside -- on a private network.
Copyright © 2000 by Adventure Publishing.
[ back to top ]
Help for Stolen Laptops
CyberAngel offers password protection and even helps track down stolen laptops.
There's nothing quite as frustrating as losing a word processing document or a spreadsheet file -- except losing your whole computer to theft. In a 1999 survey about computer crime, conducted by the Computer Security Institute and the Federal Bureau of Investigation, participating companies reported losses totaling $13 million from laptop theft alone.
Those figures are just the tip of the iceberg, analysts say, as most laptop computer thefts go unreported. Vendors have responded with a slew of gadgets and gizmos that address the issue of prevention, but few have tackled the problem of retrieval.
A new solution from Computer Sentry Software (CSS) promises to not only deter laptop theft, but also lets a stolen laptop call for help. CyberAngel is a software-only solution that resides on a laptop's hard drive and acts as a password protection deterrent. But if the laptop is stolen, it really goes into action.
The solution begins during the installation process, where the user is asked to enter contact information and passwords. The software then connects to CCS's Security Monitoring Center via the Internet and registers the computer, the user and the user's preference -- either fax or another e-mail address -- for notification in the event of unauthorized use.
The software is automatically loaded each time the computer is turned on, and the user must enter a password before using any application. If the password is not entered, or is entered incorrectly more than three times, CyberAngel assumes the computer has been stolen or someone is trying to gain unauthorized access.
The software turns off the modem speaker and silently attempts to connect to the Internet to notify the CSS Security Monitoring Center. If the computer is not connected to a telephone line or a network, it periodically retries to connect until it makes a successful connection. The software will automatically dial prefix numbers and will even work behind network firewalls.
When not attempting to contact the monitoring center, CyberAngel locks all of the computer's communication ports to prevent them from being used. The keyboard and mouse can also be locked, making the computer virtually useless and impossible to sell.
Once the monitoring center is contacted, CyberAngel reports the Internet Protocol address of the thief and the phone number from where the call was made, plus any physical address associated with the numbers. The center will then forward the information to the user by fax or e-mail for use by law enforcement officials.
If the authorized user accidentally forgets to enter the password or enters the wrong one, the system will lock down. However, the user only has to reboot the computer again and reattempt the password.
An advanced version of the software also utilizes encryption to protect files on the computer from being read by unauthorized users. It uses the same password access method to determine which files should be encrypted/decrypted.
In addition to the small office user, a network administrator can use CyberAngel to keep tabs on several laptops and desktop systems within a network and install the software remotely.
After making investments in laptops to mobilize yourself or your employees, make sure your company's information doesn't become too mobile. Developing a security policy for IT resources and enforcing it can help prevent loss. But a product like CyberAngel can go even further, helping recover the computer hardware and, more importantly, the business-critical data on it.
Copyright © 2000 by Adventure Publishing.
[ back to top ]
