With all the serious security Internet hacking of government and privat corporations, I am a little surprised. Obviously the whole problem is foreseeable if people would just take a little thought about how to stop Internet hackers. Well apparently they haven't. I am no expert, but I have the answer and it is simple and a lot less expensive than what all these government and non government companies are doing.
The problem is that theses companies just have scaled up home computer security. They rely on better hackers securing their system against the other hackers. They rely on computer anti virus software to detect and quash attempts to invade their computers and their networks. And that is the problem, because a network is only as strong as its weakest link and all networks have week links. Weak because of old software, missed updates, old hardware and sloppy people. And you can try to prevent all that from happening, but it is next to impossible.
There is a simple clear solution. Actually a couple simple solutions on a theme. And my solution is to stop your network from connecting to the network. There are three ways that any company can do this, depending on the sensitivity of the business or information.
First:
For high security networks such as government income tax information, spy agencies, police forces and Research and development companies, have two networks, one that connects to the Internet and one that does not. If someone needs to work on the Internet, they use that computer and if they don't they work on that computer. If they need to transfer information from one computer to the next the data needs to be moved physically. The idea is to limit the hackers to hacking the public front and have the sensitive information locked behind a wall no hacker can hack across: physical space.
Second:
For medium security networks which are government and private companies and probably a number of banks that require Internet access to people's accounts and such, the one and a half networks approach. This is when you have one network split into two with a tiny computer network inbetween of two powerful computer s that specialize in fast data transfer. Each network has one part of the pair included in it. Every set period of time, a day or an hour or whatever the two computers isolate themselves from their networks and transfer updates and change sand when complete the computers sever the connection and rejoin their associated networks. This won't stop malicious software programs from invading computers, but it would stopp real time hackers from getting information. Both networks would require virus detection and prevention software, but the two connection captures would get the best of the best protection.
Third:
Low security or inexpensive networks. If your business thrives on the Internet and you can't do without a connection for all computers and you are low security, you are probably also not a target for hackers. Ofcourse you could make sure that your backup of your system is on a computer with no access to the Internet. All your most sensitive information could be kept off the server and away from prying eyes. Updates could be made when the business is closed and Internet access is shut off. Simple and inexpensive.
With the concerns of Sony Pictures in the news and past hackers stealing social insurance numbers I thought that these agencies should wake up and get a clue. A hacker can't hack a computer that is not on an accessible computer.
No comments:
Post a Comment