The risks associated with the Internet are advertised every day by the trade and mainstream media. Whether it’s someone accessing your credit card numbers, prying into your legal troubles, or erasing your files, there’s a new scare every month about the (supposedly) private information someone can find out about you on the Internet. (Not to mention the perceived risk that you might happen upon some information that you find offensive, or that you might not want your children to see.)
For corporations, the risks are even more real and apparent. Stolen or deleted corporate data can adversely affect people’s livelihoods, and cost the company money. If a small company is robbed of its project files or customer database, it could put them out of business.
Since the Internet is a public network, you always risk having someone access any system you connect to it. It used to be that a system intruder would have to dial into your network to crack a system. This meant that they would have to find a phone number connected to a modem bank that would give them access, and risk the possibility of the line being traced. But if your corporate network is connected over the Internet and your security is lax, the system cracker might be able to access your network using any standard dial-up account from any ISP in the world. Even unsophisticated users can obtain and use automated “security check” tools to seek out holes in a company’s network. What’s worse is that, chances are, you’ll never know that it’s happening.
Before we put our private data out on the Internet, we’d better make sure a VPN is robust enough to protect it.
The first things that come to mind when you think of protection are the files on your networked computers: documents that contain your company’s future plans, spreadsheets that detail the financial analysis of a new product introduction, databases of your payroll and tax records, or even a security assessment of your network pointing out holes and problematic machinery. These files are a good starting point, but don’t forget about the other, less tangible assets that you connect to the Internet when you go online. These include the services that you grant your employees and customers, the computing resources that are available for use, and even your reputation. For instance, a security failure can cause your vendors’ email to bounce back to them, or prevent your users from making connections to other sites.
The easiest thing would be to isolate, tabulate, and lock down your private data. Well over half the data you manage and distribute might call for some sort of security. Just think, even something as innocuous as customer records and addresses could be used against you in a negative advertising campaign; this might hurt you far worse than a negative campaign aimed at a random slice of the population.
Unfortunately, in the client-server world of telecommuters, field sales agents, and home offices, it’s not so easy to keep all private data locked down in a single, protected area. The chief financial officer of a company may need to access financial information on the road, or a programmer working from home may need to access source code. VPNs help alleviate some of the worry of transmitting secure files outside of your network. In Chapter 2, we will examine possible threats to your network and data, and explore the technologies that VPNs use to avoid them.