Real Security is Tailored to Fit
Shane Coursen, 2001-10-21

Sometimes one good programmer is the best security solution.

The late hour and dimmed light setting made the programmer's eyes sting even more. He had been working on his creation for at least eleven hours now, with only a half-burnt pot of coffee and one too many vending machine cookies as sustenance. Yet it would be clear to anybody within eyeshot of the covert programmer that a large devilish grin had just spread across his face.

He was sure his was the only physical presence in the building. It didn't bother him too much -- the lack of audience. Fame wasn't what he was looking for. He was in it for the power.

Finally, the deed was done. He'd already tested the concept successfully on a small closed network, and now with two clicks of the mouse the program went out across the company intranet, locating, identifying and transforming documents...

Grinning, he shut down his computer, knowing his company's email server was once again void of potential macro virus Word document files.

Scenes like this are playing out around the globe, as more mid-sized and large corporations are learning that supplementing their commercial security software with proprietary, internally developed programs is often the best defense against the growing threat posed by Internet viruses and worms.

If applied properly, a software program or process 'tailored to fit' often results in the most efficient, well managed security of a network.

One company I know developed custom script code for one of its Internet-facing products that scans every email, and identifies and quarantines anything containing malformed code. In most cases the misshapen email is caught by commercial antivirus scanners. But in a few instances, it's the company's proprietary scripting that detects the threat first, and those cases made the custom development effort worthwhile.

At a large East Coast financial firm, in-house security gurus developed a custom process for purging the corporate LAN of old user accounts, belonging to former employees or long-gone contractors. The company looks at specially designed network usage reports that present a picture of who is using the various areas of the network, and how. Accounts with usage falling outside of a defined 'normal' are identified and inspected.

"That might seem simple, but is actually rather complicated and an issue many companies are struggling with," a company representative told me.

Indeed, the existence of obsolete user accounts presents tremendous housekeeping and security issues. From a security point of view, for somebody with the determination to do bad things, forgotten accounts provide for easy ports of entry. In some organizations, administrators spend hours each week locating and removing obsolete accounts.

The company representative continued on to say, "In addition to good housekeeping and security, our bottom line is also happy. We pay many of our software licenses by the number of user accounts we have active." In a world where projects start and finish and where users regularly move from one company department to another, keeping track of who is using what is an arduous task.
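The usage-report review described above can be sketched as follows. This is an added example, not the financial firm's process or code from the column: the report columns, the 90-day idle threshold and the outlier limit are assumptions, and the sample rows are constructed.

```python
import csv
import io
import statistics
from datetime import date

# Constructed sample report; column names and values are assumptions.
REPORT = """account,last_login,logins_30d
alice,2001-10-19,41
bob,2001-10-18,38
carol,2001-10-20,45
dave,2001-10-17,36
erin,2001-10-19,40
contractor7,2001-03-02,0
svc_old,,0
frank,2001-10-20,310
"""
REPORT_DATE = date(2001, 10, 21)  # constructed "today" for the sample


def review_accounts(report_text, today, max_idle_days=90, mad_limit=5.0):
    """Return {account: [reasons]} for accounts outside the defined 'normal'."""
    flagged, active = {}, []
    for row in csv.DictReader(io.StringIO(report_text)):
        if not row["last_login"]:
            flagged.setdefault(row["account"], []).append("never logged in")
            continue
        idle = (today - date.fromisoformat(row["last_login"])).days
        if idle > max_idle_days:
            flagged.setdefault(row["account"], []).append(f"idle {idle} days")
        else:
            active.append(row)
    # Baseline from active accounts only. Median and median absolute
    # deviation (MAD) are not skewed by the outliers being searched for.
    counts = [int(r["logins_30d"]) for r in active]
    if len(counts) >= 3:
        median = statistics.median(counts)
        mad = statistics.median(abs(c - median) for c in counts) or 1.0
        for r in active:
            if abs(int(r["logins_30d"]) - median) / mad > mad_limit:
                flagged.setdefault(r["account"], []).append(
                    f"logins_30d={r['logins_30d']} vs median {median}")
    return flagged


if __name__ == "__main__":
    for account, reasons in review_accounts(REPORT, REPORT_DATE).items():
        print(account, "->", "; ".join(reasons))
```

Flagged accounts are candidates for inspection, as in the process described, not for automatic deletion.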

As you would expect, custom solutions arrive with a higher cost than commercial software. If you start a project like this, you have to be committed to its continued development and maintenance. For smaller enterprises, this is simply too demanding a project.

However, developing a customized solution doesn't always require the financial resources of a large commercial software house or a Fortune 100 company. Many of the programming tools required to develop a program are already available in the Microsoft Office Suite, and other packages.

Sometimes all it takes is a single creative, motivated employee with an idea on how to solve a problem, and eleven extra hours in which to code it.


Shane Coursen has worked in the field of antivirus research since 1992. He is currently CEO of WildList Organization International.