PREVIOUS PAGE • SUBSCRIBE TO THE NEWSLETTER • CLIENT LOGIN

Absolute security guaranteed!

I was talking with a friend and client the other day when he asked about my cable modem Internet connection. When you have a cable modem, your computer is on-line whenever it's powered.

"Aren't you worried about security?" he asked. I told him that I'm not, but I didn't tell him about my foolproof method for making any computer totally secure.

So many people seem to be worried about computer security, that I thought I'd explain that method here this month. You can make your computer 100% secure (with a confidence level of about 99.999%). Why the fudge factor? If an art thief can figure out how to steal a priceless art treasure from a guarded museum, a data thief can figure out how to steal your data no matter how secure it is.

But if you're really serious about making your data secure, here are 11 "easy" steps you can take:

1. Disconnect the computer from any network (intranet, local area network, and particularly the Internet).

2. Remove any network interface card from the computer.

3. Remove any serial ports or internal modem from the computer.

4. Remove any parallel ports from the computer.

5. Remove any USB ports from the computer.

6. Remove any Firewire ports from the computer.

7. Remove the floppy disk drive from the computer or disable it internally.

8. Position the computer inside a windowless room at the center of an RF-shielded building. To avoid break-ins, the room should be on a middle floor. The floor, walls, ceiling, and doors should be reinforced with quarter-inch stainless steel.

9. Place security cameras inside and outside the room, making certain that no camera shows what's on the monitor. Also avoid having any camera show what keys the user is pressing.

10. Station guards outside the room. The guards will be observed by the surveillance cameras, so to avoid collusion, the guards and those who view the surveillance video must not know each other. Ideally, those who view the output of the cameras should not know where the video is coming from - not even the city or state.

11. No more than one user may be in the room with the computer at any time. Arrival and departure times must be logged both by the video monitors and the guards. No user may carry anything into or out of the room.

Of course, this makes the computer somewhat less functional than it might otherwise be. Without serial, parallel, USB, or Firewire ports, the only way the computer can obtain input is from the keyboard or mouse; the only way the computer can produce output is on the screen. The user cannot bring files to the computer on a floppy disk or take files elsewhere to work on them. Information from the corporate intranet or LAN, or the Internet, will not be available.

Security, but at what cost?

This installation would be secure - unless somebody figured out how to bribe at least one guard and one video monitor, or impersonated a repair technician, or found a way to plant a bug that could transmit information from the computer to an outside receiver. That's why I left that 0.001% doubt in my confidence factor.

Anything that one human (or group of humans) devises to provide security, another human (or group of humans) can eventually defeat.

Omit any of the 11 steps shown above and you'll compromise security. Most of us omit them all because people don't do their best work when they're being watched by television monitors and guards. We also know that it's convenient to be able to print reports, that networked computers allow us to share data with co-workers, that the Internet is useful for gleaning information from around the world, and that RF-shielded rooms with metal-clad walls are expensive to build and maintain.

So we purposely create systems with security holes. We consider the risks reasonable for the ease-of-use benefits we receive.

Why you shouldn't worry

If you were a big-time computer crook who steals valuable data and sells it to the highest bidder, what computer would you try to crack? If a computer doesn't belong to the president of the United States, the chief scientist at a research and development firm, or a credit card processor, you'll have little interest in the data.

Remember what Willie Sutton, the infamous bank robber, said about why he robbed banks: That's where the money is! Data thieves are no less discerning. Not to demean the data on your PC, but why would anyone be interested in it?

Still concerned? If so, you need to check one important setting under Network in the Control Panel. Make sure you've not selected "share files and printers". This will eliminate most threats. Most!? Yes, there are other ways to get in, but the cracker who goes after an individual's PC isn't too bright to begin with and probably won't know the advanced tricks of the trade.

By now you've concluded that my suggested list of 11 steps to take if you want your computer to be secure are made tongue-in-cheek, but only a little. Each of these procedures is in use somewhere. Others include: Data encryption, removable hard drives that are stored in a safe when not in use, and more secure operating systems such as Unix (Linux) and Windows NT.

For more information on security, see http://ciac.llnl.gov/ciac/SecurityTools.html and http://www.microsoft.com/windows/ie/security/default.asp.

William Blinn Communications - All Rights Reserved
Subscribe to the Newsletter
179 Caren Avenue • Worthington, Ohio 43085
Phone: 614-785-9359
(Telemarketers please note: This number is listed on the national Do Not Call registry.)