Tip

Securing the intranet

Securing the intranet
By Adesh Rampat

Many companies have set up an intranet that provides Web-style company information for employees. Procedure manuals and online knowledge sharing can be made possible through the intranet. However, having information on the intranet can also present some security risks. The following examines some of the risks involved:

  • Information is shared on the intranet from various servers located within the organization. The network administrator should make sure that proper security permissions are assigned to the folders so that users who will be accessing the information can get to it. In some instances, depending on the information being presented, the users can be allowed to copy the files onto their hard drives but not allowed to copy back on to the server.

  • All shared folders should be hidden to prevent any user from being tempted to scan through the folders.

  • Information available to the intranet is for the company's employees at large. Before any information is posted, the confidentiality of such information should be investigated. If information with a certain level of confidentiality should be posted, then passwords to the page should be assigned.

  • The server that is hosting the Web page should have the latest security service packs installed, especially where IIS is concerned.

  • If CGI scripting is to be used, the network administrator should ensure that proper security

    Requires Free Membership to View

  • permissions are in place. This is because CGI scripts may intentionally or unintentionally leak information about the host system that can result in a break in.

Adesh Rampat has 10 years of experience with network and IT administration. He is a member of the Association of Internet Professionals, the Institute for Network Professionals and the International Webmasters Association. He has also lectured extensively on a variety of topics.

Did you like this tip? If so, (or if not) why not let us know. Send an email to us and sound off. Or visit our tips page to rate this tip, or submit one of your own.

Related Book

Practical Guide to Implementing Secure Intranets and Extranets
Author : Kaustubh M. Phaltankar
Publisher : Artech House
ISBN/CODE : 0890064474
Cover Type : Hard Cover
Pages : 428
Published : Dec. 1999
Summary :
This invaluable book provides hands-on methodology for designing effective network-level security systems for your corporate intranet or extranet. Using real-world examples and referencing the latest intranet and extranet technology, this essential guidebook for IT professionals shows how to configure network and security elements such as routers, switches, servers and firewalls to achieve top-notch security.


This was first published in June 2001

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.