February 23, 2005
NETWORKING / 10 STEPS TO A SAFER COMPUTER ENVIRONMENT

Rules for setting up an almost perfectly-secured LAN

by LOUIS MENTHON
Faultless network security remains as elusive as ever and it is nearly impossible to completely secure a LAN since a lot of factors come into the picture. I would say "network security is as strong as your weakest link." You will find below a list of non-exhaustive rules. I could have added certificates, VPN, biometrics, radius server, IDS, IPS plus other methods to harden and secure a network, but the subject is endless and space is limited.
Probably the weakest security link is the human factor. No matter how well-equipped you are, if your devices / software are not set correctly you will be in trouble.
My first five rules apply to any computer owner and the second five are in addition for small- or medium-sized enterprises.
Some IT managers would say that a perfectly secured PC is one that is turned-off, and I would agree with this. When you switch a PC on, the probability of losing your data will rise, even when not connected to the Internet, for the simple reason that hardware can fail any time. The hard disk is one of the weakest points of a PC and the possibility of your IDE/ATA hard drive falling apart is much greater than you might imagine. You might also delete a file by mistake. To be sure of not losing anything, you need to have a back-up for your data: DAT, DLT, AIT, CD, DVD, or other media.
Therefore, my rule number one is make a backup for/of your valuable data.
Just 15-20 years ago, the chances of being infected by a virus were rather low and few had access to the Internet, while people were using incompatible operating systems. The main source of contamination was the exchange of diskettes and pirated software. But now that most people use Microsoft Windows, viruses are spreading at the speed of light, and within half a day the entire world can be at risk. Viruses and worms are pieces of code that attach to a file and then replicate, usually arriving as executable files or macros although recently a virus was found in picture file (jpg). Some kinds of virus can be really destructive and having an antivirus program is mandatory and it must be frequently updated, or it is useless.