ANY small and medium enterprises (SMEs) in Singapore are still surviving
on a single dial-up Internet account -- of the likes of abc@isp.com.sg -- where everyone
in a company uses just one account to surf the Web, do file downloads, and send/retrieve
e-mail.
The managing director, secretary, sales executive, and others may all use the same
Internet account -- this could lead to an Internet security nightmare for the firm.
Miscreants can easily access thousands of hacker Web sites out there that provide the
tools to hack into most Windows and Unix systems; Mac users are less susceptible since
their hard disk file systems are proprietary.
With such hacking tools, Trojan Horses (virus-like computer programs) can be easily
planted to intercept your Internet sessions (by pretending to be you), steal your
passwords and hijack your information while you are on-line, or even wreak havoc on your
hard disk.
An individual analog (modem) dial-up Internet user is not protected from malicious and
undesirable content on the Internet because he is in the public access area. This means
that the user is not protected by a firewall (a shield that protects a computer from being
hacked). As such, innocent users can attract e-mail spam, malicious viruses and unintended
software, and risk the security of the company, if he is on an unprotected corporate
network.
What can an individual user do to prevent this from happening?
* Change your passwords often, at least once in three months. In fact, Internet service
providers (ISPs) advise users to change their passwords regularly. However, those who use
one Internet account for the entire company may find this difficult to implement.
* Check your Web-browser, file transfer and e-mail software preferences and settings to
ensure that you have the highest level of security. For example, if you don't configure
your Web-browser to protect against ActiveX components, some devious Web sites with
ActiveX components can download automatically to your hard disk and even wipe out your
existing data.
* If you are using a single Internet dial-up account for the entire company, change to
a network-based one with a router (hardware that manages data traffic) and firewall. The
best bet is to set up a Virtual Private Network (VPN), which protects every user on the
network, as well as remote access users (including customers and suppliers). For example,
try Check Point Software's FireWall-1 and VPN-1 solutions. These are used by many
government undertakings, multinational companies and educational institutions. SMEs can
try a hardware router with a built-in firewall (like those from Ascend Communications or
Netopia Inc). However, such routers do not offer comprehensive protection and speed like
dedicated firewalls, but should suffice. For speed with reasonable protection, look for a
separate router and a hardware firewall such as the SonicWall.
* Don't be tempted by "free" content -- news, e-mail, software and so on. If
you are willing to take the risk, be ready for the consequences. Run anti-virus and other
hard disk protection utility software and keep updating it. Viruses and other malicious
content change faster than you think, and hackers are always one step ahead. Do not fall
prey to a false sense of economy.
As we move into the next millennium with the Internet establishing itself as the fabric
of communication, can you risk subscribing to a false sense of economy by sticking to a
cheap dial-up account, or should you move into a network set-up? Beyond hardware, are your
people educated enough to harness the power of the Internet without being tempted by the
psychedelic junk that litters the Web?
Copyright (c) 1991-1999 Seamus Phan
