 |  |  |  |  |  |  |  |
Help locking down access to client data from "outside" hacking.
 |
My situation is this:
I have a small business with 5 users. Each user can access our clients data from our internal file server. All users are running XP Professional, as is the server machine.
All of us require daily internet access, which is broadband cable behind a router. Each system is running a Security Suite with personal firewall.
What I need to do is be as certain as is "practically" possible that our clients data is not "compromised" from the outside ( via our broadband connection ).
What - if anything - should I add to this setup to be more secure from "outside" hacking?
All comments are certainly appreciated.
I have a small business with 5 users. Each user can access our clients data from our internal file server. All users are running XP Professional, as is the server machine.
All of us require daily internet access, which is broadband cable behind a router. Each system is running a Security Suite with personal firewall.
What I need to do is be as certain as is "practically" possible that our clients data is not "compromised" from the outside ( via our broadband connection ).
What - if anything - should I add to this setup to be more secure from "outside" hacking?
All comments are certainly appreciated.
•
•
Join Date: Apr 2006
Posts: 5,050
Reputation: 
Solved Threads: 331
•
•
•
•
Originally Posted by grindy
Each system is running a Security Suite with personal firewall.
What I need to do is be as certain as is "practically" possible that our clients data is not "compromised" from the outside ( via our broadband connection ).
What - if anything - should I add to this setup to be more secure from "outside" hacking?
- One Internet gateway firewall that's extremely secure, and all the other computers insecure. This is the most common model. Benefits of this model are that security updates only need to done on one system, disadvantages are that once the hacker is in, your whole system is compromised.
- Firewall is in place on main gateway, but firewalls are also installed on every network client machine. Benefits of this is that it's very secure, disadvantages are that it will become increasingly difficult to maintain security updates on all machine and still keep the network running.
Your router has a built-in firewall, so your router can double as an Internet gateway. However, you might want to consider getting a seperate Internet gateway machine (woud have 2 network cards, one connected to the Internet, and the other connected to the WAN port in the router) that all the data has to pass through before it gets to the router, if you find the router's built-in firewall to limited.
Hope this helps
"Technological progress is like an axe in the hands of a pathological criminal."
What kind of router are you using? Is it a cheapo LinkSys/D-Link/Netgear/etc or is it a more robust FIREWALL (Netopia/Cyberguard/etc.)? Do you have access controls in place? Do you allow VPN access into your network (so people can work from home)?
What KIND of data are you trying to protect? Do you fall under GLBA/SOX/HIPAA and are therefor required to meet government regulations for securing data access?
Do you have antivirus installed on all systems? What kind of spyware protection do you have? How are you preventing your inside users from downloading potentially harmful files from the Net that can initiate connections that bring in potentially unsafe content?
Some more details would help..
What KIND of data are you trying to protect? Do you fall under GLBA/SOX/HIPAA and are therefor required to meet government regulations for securing data access?
Do you have antivirus installed on all systems? What kind of spyware protection do you have? How are you preventing your inside users from downloading potentially harmful files from the Net that can initiate connections that bring in potentially unsafe content?
Some more details would help..
If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke
|
Similar Threads
- 2nd SATA HDD - won't let me access "My Documents" (Storage)
- I have error in connection codefor coonect toMS access with OLEDB data source (VB.NET)
- Just another "Best Offer" Need for Help! (Viruses, Spyware and other Nasties)
- google "keyword" question (Search Engine Optimization)
- Hijacked Repeatedly "about:blank" - Please Help (Viruses, Spyware and other Nasties)
- Can't remove "about:blank" homepage. Please help. (Viruses, Spyware and other Nasties)
Other Threads in the Network Security Forum
- Previous Thread: Re: How do you bypass school/corporate internate filters
- Next Thread: Local Area Connection Question
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest Network Security Posts
- Today's Posts
- Unanswered Threads
adobe advice antivirus apple banking blackhat botnet browser business china confidentiality crack crime cybercrime daniweb data database dataloss dataprotection development email emailretention encryption europe exploit facebook fail firefox flash forensic fraud gmail google government hack hacker hacking hardware hotmail idtheft information internet iphone kaspersky koobface law linux malware mcafee mckinnon microsoft military mobile music nasa nationalsecurity network networks news obama password passwords paypal pentagon phishing php politics privacy realplayer report research review sans satnav scam school search security skype socialnetworking software spam sqlinjection survey symantec symbian terrorism terrorist theft trends trojan twitter uk usb virus vulnerability web worm yahoo zeroday