Security: It's all a matter of priorities...

How much time and effort do you need to expend on ensuring adequate security for your computer systems?

To answer such a question, you need to assess the uses of the computer, the value of the physical machine and it's data, and the ease of access to the system, both physically and via the 'net.

Four common examples:

1. The game machine

This is the computer that is set up for playing Quake and Doom. It probably isn't networked and the only important data on the machine are your saved games.

Security threat: Neglible.

2. The home computer with a PPP link

Your home Linux box, complete with a dial-on-demand PPP connection to an ISP. This machine may store important files, such as copies of files from work.

Threats from the network are minimal, but the possibility of theft is very real.

Security threat: Minimal.

3. The ISP server

This may be a web, news or e-mail server (possibly all three!) that is permanently connected to the Internet. The machine may contain customer information such as client information, passwords, account details and even credit card billing details (stupid, but true).

The visibility of the ISP is bound to attract security problems from both customers and outside sources, including rival ISPs.

Security threat: High.

4. The corporate development machine

This may be a CAD system, containing the blueprints for the injection moulding of a new widget, or a software development machine containing the source code for the next must-have application.
Either way, the files on that computer could be worth millions of dollars.

Hopefully, the computer is not connected to the outside world, but may be on an internal network.

Systems like this are typically under threat from corporate espionage and disgruntled employees.

Security threat: Very high.

The bottom line

Assess the usage of your computer and the value of the data stored on that computer before deciding upon the level of security required.

  1. Is your computer easily accessed by other people?

  2. Does the computer need to be connected to a network?

  3. How much harm would be caused by people deleting, stealing or modifying files?

  4. If the computer was taken off-line by a security breach (eg. theft of the computer or rm -rf /, what effect would it have?

  5. What is the dollar value of your computer, in terms of hardware, software and time?

Home | Next