The rapid adoption of e-business by organizations globally in recent years has transformed the concept of the physical and logical boundaries of an organization. Although some industries, such as financial services, have been using private networks for many decades to connect trading partners electronically, the e-business revolution has seen two major changes emerge:
- Ubiquitous usage of intercompany networks across many industries to electronically integrate trading partners in new ways
- Emergence of large-scale usage of public networks, such as the Internet, for this intercompany connectivity
The use of networking technologies to integrate trading partners electronically brings many benefits, such as rapid access to information, improved communications, reduced costs, increased collaboration with business partners, improved customer service and an unprecedented ability to conduct electronic commerce.
It also, of course, presents organizations with a new set of security concerns. In the early days of the Internet, companies could simply put a strong barrier, known as a firewall, between their internal systems and networks and those of the hostile outside world.
With the deliberate and systematic integration of networks between organizations to facilitate electronic commerce and e-business, such simple solutions to security are no longer appropriate or possible. This book sets out to identify key security risks and best practice countermeasures for controlling the connection of proprietary enterprise networks to one or more external parties over private or public networks.
This book is the fourth technical reference guide in ISACA's e-Commerce Security series. The material in this book supports and supplements the other technical reference guides in the series, which deal with other aspects of information security in the context of e-commerce, and builds on the framework laid out in the ISACF publication e-Commerce Security-Enterprise Best Practices. It also provides a link to the issues associated with virtual private networks, addressed through the ISACF publication Virtual Private Networking-New Issues for Network Security.
Security responsibilities, along with key information assets to be protected, should be defined in a policy conforming to relevant standards. Identification and analysis of business risks provides the definition of what should be protected. The enterprise should address identified risks in an overall security strategy. The strategy should specify the types of controls to be implemented to reduce risk exposure to a level acceptable to the enterprise. The security policy and strategy are supported by detailed security standards, procedures and architectures, which provide direction for configuration, monitoring and actions to be taken when security is breached. Policy, strategy, procedures and standards together form the top-down security model.
Every enterprise should have a comprehensive security architecture to protect its network and components. Perimeter security should be supported by a strong internal security foundation. Connections can be classified into trust levels and segmented into zones accordingly. Required protocols can be restricted to appropriate destinations. The design of these safe or demilitarized zones (DMZs) is a critical factor in defense-in-depth.
Operating systems should be secured by disabling standard services that are not required or by filtering specific services at a firewall. The system administrator should keep abreast of weaknesses and install patches or workarounds as they are made available. Use of unencrypted protocols should be avoided, and effective virus protection software should be installed, including on external perimeters such as mail servers. Default privileged user accounts and passwords and guest accounts should be changed. Users should be allowed only the system access required for the performance of authorized tasks, and duties should be separated to reduce the risk of fraud. A warning message should appear when the system is accessed remotely, both to deter hackers and to support legal recourse against them. In addition, routers, switches, firewalls, virtual private networks (VPNs) and intrusion detection systems (IDSs) are security components that should be evaluated and applied as independent layers for defense-in-depth, along with an appropriate perimeter architecture.
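The zone model above can be checked mechanically against a firewall rule set. The following Python sketch is an added example, not material from the book: it audits rules for flows that reach past the DMZ, protocols not permitted between a pair of zones, and unencrypted protocols. The zone names, trust levels, port policy and sample rules are all assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Assumed zones with trust levels (higher = more trusted); not from the book.
TRUST = {"internet": 0, "partner": 1, "dmz": 2, "internal": 3}

# Assumed policy: (source zone, destination zone) -> permitted destination ports.
ALLOWED = {
    ("internet", "dmz"): {25, 443},
    ("partner", "dmz"): {443},
    ("dmz", "internal"): {1433},
    ("internal", "dmz"): {22, 443},
    ("internal", "internet"): {443},
}

# Well-known ports of protocols that carry data unencrypted.
CLEARTEXT = {21: "ftp", 23: "telnet", 80: "http", 110: "pop3"}

@dataclass(frozen=True)
class Rule:
    name: str
    src: str
    dst: str
    port: int

def audit(rules):
    """Return (rule name, issue) pairs for rules that violate the zone model."""
    findings = []
    for r in rules:
        if r.src not in TRUST or r.dst not in TRUST:
            findings.append((r.name, "unknown-zone"))
            continue
        if TRUST[r.src] < TRUST["dmz"] < TRUST[r.dst]:
            # A less-trusted zone reaches past the DMZ into a more-trusted one.
            findings.append((r.name, "bypasses-dmz"))
        elif r.port not in ALLOWED.get((r.src, r.dst), set()):
            findings.append((r.name, "not-permitted"))
        if r.port in CLEARTEXT:
            findings.append((r.name, "cleartext-" + CLEARTEXT[r.port]))
    return findings

# Constructed sample rule set, as it might be exported from a firewall.
SAMPLE = [
    Rule("web-in", "internet", "dmz", 443),
    Rule("partner-edi", "partner", "internal", 1433),
    Rule("legacy-ftp", "partner", "dmz", 21),
    Rule("app-db", "dmz", "internal", 1433),
    Rule("admin-telnet", "internal", "dmz", 23),
]
```

Calling audit(SAMPLE) flags the partner connection that lands directly on the internal zone and the two rules that use FTP and Telnet, and passes the web and database flows.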
To assess network security, a live test of the effectiveness of security defenses should be performed by mimicking the actions of actual attackers. This penetration testing requires the use of a scanning tool to determine which ports are accessible to an attacker and how far each connection will allow access. A penetration test can determine whether proper controls are in place or indicate any vulnerability to be addressed. It can also evaluate the enterprise's intrusion detection and response capability. Penetration testing should begin with a strategic planning process and have quality assurance built into testing procedures. Logical, objective test results with metrics should be communicated effectively to management and used to upgrade policies and procedures.
Perimeter security in today's electronic world involves complex architectures and continually emerging and evolving technologies. To ensure an organization has a secure external perimeter, all appropriate technologies must be evaluated. Following the fundamental design concepts, such as using the top-down security model to identify and evaluate security assets, applying the connection trust model to external connections and implementing a multiple trust zone architecture appropriate to the organization, should result in a sound perimeter architecture.
Implementing the architecture with the various component technologies available today and adopting a defense-in-depth approach to the security of the external network perimeter will help to ensure that the perimeter of any network is well protected.