| Return to Articles List
Reprinted From: The News Journal
Written By: Richard P. Sommer, CPA & Steven T. Martin
Just a few years ago, security was usually a minor concern when
businesses bought personal computers, because each PC stood alone.
With networks commonplace now, though, security considerations have
become critical.
One way to protect your system is to assure physical security.
Surge protectors and uninterrupted power supplies will protect
your system from electrical surges and provide backup in case
of a power loss. Only authorized personnel should have access
to the equipment.
Virus protection is equally important. There are thousands
of extremely talented people who write programs designed to
penetrate a computer system and spread onto other computers
via floppy disks, modem communication or network access. Most
of these programs are harmless although some virus programs
may distort, corrupt and delete entire volumes of data.
But there are ways to avoid virus penetration. Software programs
will scan your computer memory and disk drives for virus activity
and eliminate it. The key to staying virus free is to maintain
the most recent updates of the software because new viruses
pop up constantly.
On-line services, bulletin boards, e-mail services and the
Internet are other security concerns. For the user who calls
in to bulletin boards, the most important security issue is
making sure downloaded software is checked for viruses.
A new type of security called the firewall has arisen
out of increased crime on the Internet. a firewall is a program
with a high-security interface using state-of-the-art encryption
techniques designed to keep out even the most sophisticated
hackers.
The best protection, though, is to keep sensitive information
off the server or computer that allows outside connections.
Internal security is another matter.
It's usually handled by your computer network's administrator,
who can limit user access to particular volumes or file manipulation.
How will you know when your system has been violated? It's
hard to know whether someone has been inside your system unless
the guilty party lets you know or data turns up corrupted,
or is simply gone.
There have been instances of hackers getting inside financial
systems and moving monetary data around undetected for months.
The only way to find this kind of manipulation is by keeping
strong audit trails of data, generating exception reports
and reviewing this information on a regular basis. |
