The worst threat against your computer files and databases may be an employee or contractor with legitimate access. It's a lot easier for someone on the inside to copy sensitive information to a disk than it is to penetrate a firewall. Use these precautions with everyone from clients and employees to contractors:
- Watch your back. Exercise due caution when allowing employees and contractors access to your network. Pay attention to their actions. Are they copying files to a disk? Having secretive telephone conversations or sending confidential faxes? They may be stealing company information. Don't get paranoid, but don't get lackadaisical either.
- Whom do you trust? Sometimes, it may be a dishonest customer who tries to get the upper hand. "In January of last year, we found our server was hanging unexpectedly," says Dan Arndt, sales director and VPO for Rockliffe Systems Inc., an Internet-based e-mail software development company that recently moved out of founder John Davies' home to new headquarters in San Jose, California. "We learned that certain hacking attempts on Microsoft servers could cause this. We upgraded the server but couldn't determine the types of attacks and where they were coming from. [Later,] we got involved with the beta testing of a product called BlackICE."
Greg Gilliom, president and CEO of NetworkICE, the company that created BlackICE, says of the software, "If you have any valuable information on your server and someone tries to break in and get it, you'll know about it and BlackICE blocks the attempt." The program runs in the background, logging intrusion attempts along with identification information, while providing a customizable firewall for sites that allow database information retrieval by site visitors. When the software is set to a "paranoid" access level, for instance, all attempts to access the server that don't fit into a pre-determined range are rejected. This allows your customers to spend money freely but keeps nosey crooks out.
After Rockliffe began running the product on its server, the hacker made another attack on the system. This time, the company was able to track the identity of the hacker, contact his Internet service provider and have his account closed. Probably the work of a stranger, right? Not according to Rockliffe owner John Davies. "We linked the hacker's domain name to his customer record in our database. I guess he really liked our software. He was trying to see if he could find any license keys."