16.2 Evaluating Web Assets and Risks
In Chapter 7, we looked at the steps you could take to generate and implement an effective and enforceable security approach. Before you establish a web site, you need to consider the potential risks and benefits involved with hosting such a site. You will want to decide how secure your site really needs to be and how much it will cost, both in actual cash outlay for software and in the number of hours it will take to implement and maintain the degree of security you need to keep your site safe.
As with every area of computing, there are specific potential risks involved with hosting a web site. There are several different forms of losses to your computer system and Oracle database that could be suffered if someone manages to break into your system. Some of these risks are:
Loss of the operating system and its contents from a virus
Loss of data
Financial loss (if another company obtains data from your system, giving them a competitive edge)
Cost in both personnel effort during recovery and delay of access to data if damage occurs
Loss of personal (or personnel) privacy
An intranet can be either stand-alone or connected to the Internet. If your intranet is a stand-alone system, the risk of the system or database being compromised is potentially reduced. If your intranet is connected to the Internet, the risk is much greater. The larger the Internet to which you are connected, the greater the risk becomes. The Internet is very global and many of the sites offer information, trial copies of their software, and other free materials in the hope of gaining your business. Even Oracle Corporation offers trial software and other " goodies " from their web site.
You need to determine the type of information you plan to offer from your site and how much and what forms of access will be permitted to your database. The degree of sensitivity of the data that will be viewed must also be considered . Some sites offer two versions of their site one site is more secure than the other and offers much more privileged information. Other companies choose to incorporate different levels of access within one site through the use of password-protected areas.
Let's look at each of the potential losses more closely.
16.2.1 Viruses = disaster!
Ten years ago, the risk of a computer file containing a virus was very low. But over the past decade , more and more incidents of different and more harmful viruses have infected our sites. Like the flu, a virus can be mild and do little or no damage to your files or computer system. But a virus can wreak irreparable damage destroying the boot sectors of your hard drive or erasing all of the data in your system. One type of virus might replace a word in your document with another word or message just to let you know that your file has been compromised. Other types of viruses might scramble data or make information disappear completely.
There are now thousands of different types and strains of viruses to guard against. Viruses can now be passed from one system to another in Microsoft Word documents, or even through electronic mail, without the sender ever realizing that the file that was forwarded is infected. An article on the front page of The Washington Post Business section on Saturday, August 8, 1998, was titled "Flaws Found in 4th E-Mail Program" and subtitled "Hackers Could Hurt Some Eudora Users." The article discussed a security hole which has been identified in Microsoft Corporation's Outlook and Outlook Express, Netscape Communications Corporation's Communicator, and Qualcomm Inc.'s Eudora. The security hole "allows a hacker to create a `booby trap' with a file that comes attached to a message and looks like a harmless link to an Internet site, but when opened attacks data on the computer." The article stated that both Microsoft and Netscape are providing patches for their flaws on their web sites. Quoting from the article:
"Computer specialists said the problems highlight the risks involved as e-mail is used to send not just text messages but also rich multimedia documents and computer programs. Such transmissions can contain instructions that venture beyond the confines of the mail software, enabling hackers to spy on or destroy other files..."
You can unwittingly download a virus in a file from the Internet or from a floppy disk.
Viruses do their damage in a variety of ways. Some viruses are designed to enable the attacker to gain entrance to your system. The virus might be designed to help disable some aspect of system security to help the attacker to compromise your system. The virus might establish itself to gather password information and transmit it back to the originator, thereby giving an intruder access to files and data on your system or within your database. Other viruses are like time bombs set to go off at a later time or date.
You must realize that no matter what type of virus you end up dealing with, viruses can be spread either by accident or intentionally and can potentially do substantial damage. If you or your company have not already done so, you might want to invest in a really good virus detection package and pay to receive the monthly update software to help guard against the worst of these insidious attacks.
126.96.36.199 It was here just a minute ago...
There are really only two types of computer users in the world: those who have lost data and those who will. And, just as there are two types of computer users, there are two types of data loss: accidental and deliberate .
Loss of data can be the most damaging event with which you might have to cope. If a computer crashes, you may be delayed in performing work, but you can repair the damage fairly easily. You can buy new components to repair an existing system or even buy new equipment, depending on how severe a loss of hardware you face. If vendor software has been damaged, you can always reinstall the code and, if necessary, apply any required patches to bring your software back to where it was before the damage occurred. But replacing data that was stored in a database but has been deleted either accidentally or maliciously can be very difficult.
Accidental loss of data can encompass any action you might take to remove information from your system. A friend of ours was sure she was in a directory on her test machine when she began to delete files from the directory. Unfortunately, the directory from which she was deleting files was on her production machine. Accidents resulting in loss of data can be costly.
| || |
You can't necessarily prevent against every possible loss of data. But you can plan ahead so the loss of data does not cripple your organization. Frequent backups of your system, coupled with enabling archive logging, can help you recover from loss of data; although the process may not be easy or quick, careful planning can keep the loss from being a catastrophe.
Another way data can be lost is through files being deliberately deleted from your system or through a user intentionally deleting data from your database. As mentioned in Chapter 2, you should make sure that no one but authorized personnel have access to the system and database files within your operating system.
188.8.131.52 Loss of competitive edge
Corporate espionage can be ruinous to a business. Let's say that you own a construction company and you have the opportunity to bid on a job that will generate a great deal of income. You have labored night and day to determine exactly how you will implement the specifications and have carefully calculated how much the materials and labor will cost you to accomplish the task. You are almost ready to present your bid when your corporate computer is broken into and your proposal is either copied or removed from your system. Your competition for the job underbids you by just enough to win the contract. Not only have you lost the job, but you've lost the amount of time it took to create the proposal and all the resources you had invested in laying the groundwork to win the job. Unfortunately, this scenario happens far too frequently in the business world. Protecting your computers and databases is vital to ensure that your company is not compromised by either an internal or external corporate spy.
184.108.40.206 Where did the time go?
As we discussed in Chapter 12, you must balance the amount of time and effort you spend implementing backup procedures and resources with the amount of time and data your company can afford to lose. If you are supporting a web site on which the data supplied can be easily replaced , you will not have to take as costly measures as would a business offering much less easily replaceable data.
On the other hand, if your data must be available 24 hours a day, 7 days a week, you may need to build redundant systems, including stand-by databases, to support constant data availability.
220.127.116.11 Breach of privacy
In an ideal world, you should be able to trust everyone. Unfortunately, we do not live in an ideal world, and not everyone is as honest as we would like them to be. Each of us has areas of information we want to keep private from those with whom we do business. The threat to privacy is twofold: from the outside world and internal (as an employee).
If you are conducting commerce from your web site and require your customer to supply a credit card number in order to purchase goods or services, you have an obligation to your customers to treat their credit card information with complete confidentiality. While you, yourself, might be honest and above reproach, your employees might not be as trustworthy. You must be able to assure your customers that none of your employees will tamper with or misuse their information.
You also have an obligation to your employees to ensure that their private information is not compromised in any way. We have mentioned before that salary information is one area that is normally kept very private. How about medical records? You might suffer from a medical condition you might want to keep private from your work associates . You might have gone through a tough time with your spouse or loved one and sought out professional support to help you get through it. You might have participated in a program your company's medical policy paid for. Any of these situations could cause data to be entered into a database. Compromise of your personal medical information is a betrayal of your trust in your company to keep your records private.