Seattle.internet.com recently caught up with security expert Ric Steingberger to get the latest on what it takes to keep your business secure.
Steinberger is currently responsible for the management, technical oversight, and future direction of NetRadarEWS at Seattle-based Security Portal.
Ric has worked for nearly 20 years as a software engineer developing complex applications in speech recognition, active noise control, client-server design, programming of data acquisition systems, system and network administration for Unix and VMS computers, and computer and network
Seattle.internet.com: Security has to be a top priority for businesses operating on the Internet. What is the most important thing online entrepreneurs should consider in regards to security?
Ric Steingberger: It’s basically coming up with an effective set of measures to ensure that the appropriate people get access to the resources they need access to and inappropriate people, that is attackers and untrustworthy insiders, do not.
Seattle.internet.com: Is there a surefire way to accomplish this?
Ric Steingberger: Nothing in computer science is 100%, but you can get very close to it. Depending on what type of company you are and how much effort you put into it, you can get a fair amount closer than other companies. As far as loss of confidential information, details like that are notoriously hard to get a hold of. It’s only when something leaks out, or when they just can’t prevent it anymore and they have to call in the FBI.
Seattle.internet.com: What are the ramifications for the companies of these high profile cases of security breaches, like the DoS attacks at Microsoft a few weeks back?
Ric Steingberger: It has some pretty bad ramifications. The problem is this: there are a number of people in the country and in the world that understand the Internet pretty well, and know that while this was a bad thing to happen and it isn’t the end of the world. Most people when they see stories in their local paper about Microsoft sites getting attacked have a hard time understanding what that means and what went on unless they have a decent technology background, which most people don’t. Therefore, it would be very easy to draw the conclusion that, in fact, “wow, if Microsoft is vulnerable to attack, I sure as heck don’t want to put my credit card number into any system and buy anything.”
Seattle.internet.com: What kind of threat do virus attacks pose to online businesses?
Ric Steingberger: Viruses don’t have to be a serious problem, and by in large are a fact of life that aren’t likely to go away soon in the computer world any more than likely to go away in the medical world, but they don’t have to be terrible. By reasonable methods of prevention and response, companies can really limit the damage significantly.
Seattle.internet.com: What kind of reasonable methods should people be taking?
Ric Steingberger: Reasonable preparations includes having up-to-date anti-virus software on everyone’s computer, includes having virus and content filtering software at least on the mail servers, and some places actually put content filtering software right on their firewalls.
Seattle.internet.com: What kind of protections can that provide?
Ric Steingberger: For instance, if employees go out and visit web sites and download something that some piece of software inspects that download to make sure that there’s no dangerous content, like viruses in it.
Seattle.internet.com: Is there anything else businesses can do to further protect themselves?
Ric Steingberger: Another thing that companies can do is have emergency response teams in place, so that when it becomes apparent that some kind of virus has in fact worked its way into the system, that they have people who are trained t
o deal with it and know what to do, and know how to get information out, and know how to essentially work out the problem.
Seattle.internet.com: A lot of the viruses that go around now are simply people proving their programming skills and taking pride in being able to beat the system. Will the future see viruses becoming a method of terrorism?
Ric Steingberger: There’s a fair amount of info war already going on between the Israelis and the Palestinians, bringing down each other’s Web sites. We’ve seen some of it in the war in Yugoslavia a couple of years ago. It is going on today already at relatively modest levels, in that the Palestinians and other radical groups have been reasonably content to just attack not the whole world, but just that very small portion of the world that they consider their enemies. Whether this is going to spread to a much larger scope really is unknown, but it would be pretty difficult for any group to carry it off. There are just too many things that they would need to overcome.