Why Care About Security?
It is remarkably easy to gain unauthorized access to information in an
insecure networked environment, and it is hard to catch the intruders. Even if
users have nothing stored on their computer that they consider important, that
computer can be a "weak link", allowing unauthorized access to the
organization's systems and information.
Seemingly innocuous information can expose a computer system to compromise.
Information that intruders find useful includes which hardware and software are
being used, system configuration, type of network connections, phone numbers,
and access and authentication procedures. Security-related information can
enable unauthorized individuals to get access to important files and programs,
thus compromising the security of the system. Examples of important information
are passwords, access control files and keys, personnel information, and
Judging from CERT® Coordination Center (CERT/CC) data and the
computer abuse reported in the media, no one on the Internet is immune. Those
affected include banks and financial companies, insurance companies, brokerage
houses, consultants, government contractors, government agencies, hospitals and
medical laboratories, network service providers, utility companies, the textile
business, universities, and wholesale and retail trades.
The consequences of a break-in cover a broad range of possibilities: a minor
loss of time in recovering from the problem, a decrease in productivity, a
significant loss of money or staff-hours, a devastating loss of credibility or
market opportunity, a business no longer able to compete, legal liability, and
the loss of life.
Internet FAQ top