Every new operating
system starts out with a trial by fire. Its security is exposed to both
the rigors of the Internet and internal users. A good example is Windows
NT, a recent wave of attacks made the front page of USA Today. These
denial-of-service attacks point out that there are two security issues
involved. The first is the security architecture of the operating system
itself. The second is a combination of tools and procedures to keep
security levels acceptable.
NT is not Unix
While it is true that Windows NT security is well-designed, the product
is relatively immature and simply needs a few more years to achieve
the Unix type robustness. But if system administrators don't implement
NT security features correctly, apply the latest service packs, and
give NT the paranoia it requires to create a secure environment, security
will be compromised.
Security holes
NT comes out of the box in a trusting mode. The security holes that
were found by intruders are primarily caused by errors in the implementation
and in bugs in NT. That is where the trial by fire comes in. This last
year many of these bugs were exposed by hackers that in most cases simply
wanted to demonstrate they were smarter than Microsoft.
Redmond countered
with many post-SP 3 fixes that are downloadable from their WebSite.
But it does require an alert system administrator to keep up with these
changes. A great place to keep up-to-date is www.bugtraq.com.
Self Protection
If you do not follow Microsoft's security guidelines, and keep your
systems updated you exposure yourself to attacks from both outside and
inside. Protecting yourself is usually done by implementing two very
different strategies. First of these is internal policies geared to
protect the corporate data. These policies are known to be successful
actions and used by many organizations. An example would be to not have
passwords written on sticky notes. It is surprising though, how little
these policies are actually being used.
Security tools are needed
Companies that require tight security like insurance companies, banks
and government organizations would be helped by using Windows NT workstation
instead of Windows 95 for their workstations. NT (network) security
is a lot better, but in many cases need additional security tools to
batten down the hatches. Firewalls and Audit tools are really needed
to have a watertight security picture, combined with internally approved
and enforced security policies. These policies have to have full Top
Management backup, as without that they are doomed to fail.
Fill the holes now
Microsoft is continuously improving NT security, and in the coming Service
Pack 4, a new tool will see the light. It is called the Security Configuration
Editor (SCE) that will help to integrate the internal security policies.
The next major evolution of increased security will be NT 5.0 with its
Activity Directory enhancements. As we all now that will likely be next
year at the earliest.
Today, NT provides
acceptable basic security when administrators carefully deploy it and
keep up with the patches that come out on a regular basis. But this
alone is not enough. Security policies need to be established and enforced,
and third party tools still provide an essential link in the security
chain
Stu Sjouwerman, Exec Vice Pres.,
Sunbelt Software Distribution, Inc.
ntnews@gte.net
WebSite: http://www.sunbelt-software.com
