Team 12 Corporate Defenses

From CyberSecurity
Revision as of 05:37, 24 October 2005 by Chris DuPuis (talk | contribs)


--Chris DuPuis 21:01, 23 October 2005 (PDT) This is just a list of items involved in defending corporate and financial networks. I will write up this section later, but, if you have anything to add, please do so here.

Network Security for Corporations

These are all supposed to be things that the DHS can recommend as policy for companies to adopt.

Firewall to keep out external intruders

- The company should define a policy listing the services (specific servers and applications) that need to be reachable from outside the corporate network. (For example, most sites will require external access to their web server.)

- Configure the firewall to refuse all other inbound service requests from outside, so that anything not explicitly listed in the policy is denied by default.

Firewall to keep out internal intruders

- Security isn't just a matter of outside=bad, inside=good.

- Issues include insider hacking, unauthorized access to sensitive information, and worm containment (keeping worms from spreading to other machines on the LAN).

- Also, the definition of "inside" and "outside" for the network gets fuzzy when factors such as laptops, wireless networks, and VPN access are added. Could a visitor with a laptop plug into your network and do bad things? Could someone sit in your parking lot and access your network wirelessly?
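The following is an added example, not code from the original wiki page, covering both of the firewall items above: it turns a company's service allowlist into an nftables ruleset that default-denies inbound traffic from outside except for the listed services, and it treats an "inside" visitor/wireless segment as untrusted by letting it reach the Internet but not the internal LAN. The interface names (eth0 for the Internet, eth1 for the LAN, eth2 for a DMZ holding the public servers, wlan0 for visitors) and the allowlist are constructed assumptions.

```python
"""Added example (not from the original page): build an nftables ruleset from a
service allowlist, with default deny toward the outside and an untrusted
visitor/wireless segment that may not reach the internal LAN.  Interface names,
segment layout and the sample allowlist are constructed assumptions."""

import re
from collections import defaultdict

# Hypothetical interface layout for this example.
WAN_IF = "eth0"      # faces the Internet
LAN_IF = "eth1"      # internal workstations and servers
DMZ_IF = "eth2"      # public-facing servers (web, DNS) the policy lists
GUEST_IF = "wlan0"   # visitor laptops / wireless, treated as untrusted

_SERVICE_RE = re.compile(r"^(tcp|udp)/(\d{1,5})$")


def parse_service(entry: str) -> tuple:
    """Validate one allowlist entry of the form 'tcp/443'; raise on anything else."""
    m = _SERVICE_RE.match(entry.strip().lower())
    if not m:
        raise ValueError(f"malformed service entry: {entry!r} (expected proto/port)")
    proto, port = m.group(1), int(m.group(2))
    if not 1 <= port <= 65535:
        raise ValueError(f"port out of range in {entry!r}")
    return proto, port


def build_ruleset(allowlist: list) -> str:
    """Return an nftables ruleset as text.

    Both the input hook (traffic to the firewall itself) and the forward hook
    (traffic through it) default to drop; only the listed services are opened,
    and only from the outside toward the DMZ."""
    by_proto = defaultdict(list)
    for entry in allowlist:
        proto, port = parse_service(entry)
        if port not in by_proto[proto]:
            by_proto[proto].append(port)

    lines = [
        "table inet corp_edge {",
        "  chain inbound {",
        "    type filter hook input priority 0; policy drop;",
        "    ct state established,related accept",
        "    ct state invalid drop",
        "    iifname lo accept",
        "  }",
        "  chain forward {",
        "    type filter hook forward priority 0; policy drop;",
        "    ct state established,related accept",
        "    ct state invalid drop",
    ]
    # Outside -> DMZ: only what the policy explicitly lists.
    for proto in sorted(by_proto):
        ports = ", ".join(str(p) for p in sorted(by_proto[proto]))
        lines.append(
            f'    iifname "{WAN_IF}" oifname "{DMZ_IF}" {proto} dport {{ {ports} }} accept'
        )
    lines += [
        # Inside is not automatically trusted: the visitor segment gets the
        # Internet only and is explicitly blocked from the internal LAN.
        f'    iifname "{GUEST_IF}" oifname "{LAN_IF}" drop',
        f'    iifname "{GUEST_IF}" oifname "{WAN_IF}" accept',
        f'    iifname "{LAN_IF}" oifname "{WAN_IF}" accept',
        "  }",
        "}",
    ]
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    # Constructed allowlist: public web server plus DNS.
    print(build_ruleset(["tcp/80", "tcp/443", "udp/53"]))
```

The generated text is in nftables' own syntax and can be reviewed before loading; the point of generating it from the allowlist is that the policy document, not ad hoc rule edits, decides what is open, and everything else falls through to `policy drop`.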

Server security for "internal" users

- In order to grant access to anything beyond public services, you need to be sure of the identity of the user (authentication) and to verify the user's right to access the service (authorization).

- At a minimum, this means checking that users have strong passwords. There are tools available to do this automatically.

- Also, give serious consideration to adopting stronger authentication methods, such as Kerberos or two-factor authentication, in which one factor is something the user knows (such as a password) and the other is something the user has (such as a smart card).