Ask the Expert

Basics of implementing security on an intranet or hosted services

What are the basic steps of implementing security, in terms of your business intranet or hosted upon some service provider?

    Requires Free Membership to View

Today when corporations are turning to Web-based communication channels, the security issue should be one of the prime concerns. Unfortunately, this is not always true, especially when it comes to intranets. Studies have shown that a majority of the attacks originate from within the company. If you are the Intranet content owner, don't fall into the trap of believing that all is well because your intranet is protected by the corporate firewall. To come up with a good security model, you first need to answer some serious questions. The answers to these questions will work as basic steps towards security:

  • Identify what needs to be secured: Here you identify the content.
  • Distinguish between public and internal intellectual property information. This can further be divided into loose and sensitive information.
  • Identification of User groups
  • Access authorization and control procedures
  • Incident response, in case of misuse or attack
  • Backup procedure and disaster recovery
  • From a network security standpoint:

  • Never have a false sense of security. Consider this as the first and most important rule.
  • Have a well defined security policy
  • Never create too many pin holes in your firewall to allow access.
  • Use a good VPN solution to provide secure Intranet access to your remote clients.
  • At a bare minimum, encrypt the login process using SSL.
  • If the site is hosted at an ISP, make sure all the security guidelines are in place.

Let me know if you need more information .

-Puneet

This was first published in April 2002

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: