An Introduction to Client-Server Security
Jack Maynard
The explosion of companies rushing to connect to the Internet in recent years has encouraged information sharing like never before. In haste, some companies have neglected to consider the implications of exposing their businesses to potentially millions of outsiders. Some of these visitors will have less than honest intentions. Studies of computer crime show ever-increasing growth in unauthorized penetrations (see Figure 1), resulting in a projected financial loss of billions of dollars per year (see Figure 2). How is it that these individuals are able to compromise the security of these sites? Computer security has been called a trade-off in convenience: the stronger the security measures, the more inconvenient it can be to use the system. However, with the increasing industry focus on security, some managers are beginning to tighten up. This article examines high-level concerns to help you tighten security in your environment.
Security Perspective
Many information systems managers and system administrators cut their teeth in a different era. In those days, security meant locking the door to the data center. The network consisted of a mainframe with some serial terminals and printers, all contained nicely in one room. You could literally guard the door and maintain effective security. Today's business networks of LANs and WANs can span the globe, calling for more sophisticated measures. Some administrators simply haven't caught up. If they have not experienced a major security-related loss, security may not be a high priority. Smart companies will take steps to strengthen their enterprise before a loss occurs.
In the old westerns, bad guys always wore black hats. Today, it's not that simple. The bad guy could be an industrial spy, a disgruntled or bored employee, or a teenager down the street. Each of these individuals
has a different motivation for potentially c |