Home > Security Tips > Tech Tips > Securing the intranet
Security Tips:
EMAIL THIS
 TIPS & NEWSLETTERS TOPICS 

TECH TIPS

Securing the intranet


Adesh Rampat
06.05.2001
Rating: -3.86- (out of 5)


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


Securing the intranet
By Adesh Rampat

Many companies have set up an intranet that provides Web-style company information for employees. Procedure manuals and online knowledge sharing can be made possible through the intranet. However, having information on the intranet can also present some security risks. The following examines some of the risks involved:

  • Information is shared on the intranet from various servers located within the organization. The network administrator should make sure that proper security permissions are assigned to the folders so that users who will be accessing the information can get to it. In some instances, depending on the information being presented, the users can be allowed to copy the files onto their hard drives but not allowed to copy back on to the server.

  • All shared folders should be hidden to prevent any user from being tempted to scan through the folders.

  • Information available to the intranet is for the company's employees at large. Before any information is posted, the confidentiality of such information should be investigated. If information with a certain level of confidentiality should be posted, then passwords to the page should be assigned.

  • The server that is hosting the Web page should have the latest security service packs installed, especially where IIS is concerned.

  • If CGI scripting is to be used, the network administrator should ensure that proper security permissions are in place. This is because CGI scripts may intentionally or unintentionally leak information about the host system that can result in a break in.

Adesh Rampat has 10 years of experience with network and IT administration. He is a member of the Association of Internet Professionals, the Institute for Network Professionals and the International Webmasters Association. He has also lectured extensively on a variety of topics.

Did you like this tip? If so, (or if not) why not let us know. Send an email to us and sound off. Or visit our tips page to rate this tip, or submit one of your own.

Related Book

Practical Guide to Implementing Secure Intranets and Extranets
Author : Kaustubh M. Phaltankar
Publisher : Artech House
ISBN/CODE : 0890064474
Cover Type : Hard Cover
Pages : 428
Published : Dec. 1999
Summary :
This invaluable book provides hands-on methodology for designing effective network-level security systems for your corporate intranet or extranet. Using real-world examples and referencing the latest intranet and extranet technology, this essential guidebook for IT professionals shows how to configure network and security elements such as routers, switches, servers and firewalls to achieve top-notch security.

Rate this Tip
To rate tips, you must be a member of SearchSecurity.com.
Register now to start rating these tips. Log in if you are already a member.


Submit a Tip




BROWSE BY TAG
Tech Tips,   VIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED CONTENT
Tech Tips
Video: The foundation of an email security strategy
The 5 A's of functional SAN security
Effective storage security policies
Smart options for safeguarding stored data
Outfox SOX: How to make regulations work for you
Roberta Bragg's 10 Windows hardening tips in 10 minutes
Using free network intrusion detection and prevention tools to stop hacks
Hacker techniques and exploits: Prevent system fingerprinting, probing
How to stop hacker theft: Employee awareness, risk assessment policies
Information Security Decisions Fall 2004: Speaker presentations

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary

DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.



Research Solutions for Network Security, Access Control and Security Threats
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts