Chapter 14. Workstation Security

   

Workstations are the most common source of internal attacks on a corporate network. The obvious reason is that there are more workstations on a network than any other type of device. A less obvious, but related, reason is that users are generally not as concerned about security, nor are they sure what constitutes good network security practices.

Attacks originate from, or through, workstations because of lax file permissions, bad passwords, older software, installation of insecure software, and every administrator's favorite: opening viruses or worms sent via e-mail.

Because workstations are so prevalent in the network, it is crucial that workstation security policies be enforced and communicated to the users. The trick when communicating workstation security policies is to do it in plain language that even non-technical users can understand. Often, workstation security policies are developed and written by technical staff. There is nothing inherently wrong with this, but non-technical staff should review the policies and ensure they are readable. This is not to say that technical staff members are incapable of communicating clearly, but there is a difference between communicating with other technical staff and communicating with end users. Documentation provided to users may need to reflect this, although ideally it should not, because much of the responsibility for workstation security administration should be removed from the hands of the end users.

In this respect, there are really two aspects to workstation security:

  1. The steps taken by security and administrative staff to control the people who have workstation access, and what the people who have access can do

  2. The security steps that have to be followed by the workstation users

Again, the ideal situation is to eliminate as many of the security risks as possible at the administrative level and provide simpler, common-sense guidelines to the workstation users.

This balance can be difficult to maintain, especially with users who are more technically advanced and determined to treat a corporate machine as if it were their own. Once again, this illustrates the importance of buy-in from senior management when implementing security policies. If the support for these policies is in place, they will be much easier to enforce. Violation of these policies should have real consequences. [1] While playing the latest elf bowling game sent by a friend may seem harmless to Jack in accounting, the virus hidden in the software that takes out the entire network and takes three server administrators two days to clean up is not. [2]

[1] No, public floggings are not allowed.

[2] Yes, public flogging is really not allowed.

   


The Practice of Network Security: Deployment Strategies for Production Environments
ISBN: 0130462233
EAN: 2147483647
Year: 2002
Pages: 131
Authors: Allan Liska
