Select Committee on European Union Written Evidence

Annex 1


Keep the doors locked

Connecting a network to the Internet opens the doors to the interconnected world. Networks have to be protected from hackers, malicious attack and other unauthorised access. Firewalls, perimeter security and intrusion detection systems are essential to any enterprise security system to prevent unauthorised access.

Know who users are

  Allowing access through the firewall to known personnel is required if business communication is to use the Internet effectively. The management of these connections forms a major part of the enterprise security policy. The key security issue is authentication—knowing who users really are.

Don't say anything

  Using the public Internet for business communications, browsing, e-mailing, establishing Intranets or extranets all expose data to threat. Only by encrypting connections can data be guaranteed to be kept secret.

  Encryption has developed to stay ahead of the technologies used to crack codes. The strongest levels of encryption now render the task of cracking it almost impossible—and certainly never at real time data transmission speeds.

Controlling content in and out

  Not all data transmitted and received will be appropriate to a business—indeed, some may be dangerous or illegal. It's essential that any security policy builds in the ability to protect the corporate network from both malicious virus attack and deny access to inappropriate material like pornography.

  Virus protection software and content screening systems have developed to high levels of sophistication and offer peace of mind for the secure enterprise.

Controlling traffic

  A corporate level Internet connection generates a lot of extra traffic. Though costs are falling, demands on available bandwidth still need managing. Software solutions are available to manage traffic flows, and to assign priority at various levels to data and applications.

  Users and their machines also need to be managed. Internet connections are based on IP addressing, and pose many management problems—especially with mobile and remote users.

Extending the network

  Virtual Private Networks (VPNs) exploit the potential of an Internet connection to the highest level for business. A well-designed VPN will significantly cut communication costs and improve business potential. However, the OPSEC Alliance is becoming the accepted interoperability standard throughout the industry. Its members include all the major vendors and its scope covers all aspects of network security. With more than 200 members producing OPSEC-compliant products that are guaranteed to work together the choice of additional or upgrade components is being made easier and safer.

previous page contents next page

House of Lords home page Parliament home page House of Commons home page search page enquiries index

© Parliamentary copyright 2000