Lesson 1: Enabling Secure Access to Internet Resources
What Is Secure Access to Internet Resources?
Almost all organizations provide some level of Internet access for their users. The use of the Internet as a source of information and e-mail as a communication tool means that most organizations cannot afford to be without access to the Internet. At the same time, ensuring that the connection to the Internet is secure is critical.
So what is secure access to the Internet? At a minimum, providing secure Internet access for users in an organization means the following:
1- Users can access the resources that they need. To do their jobs, users in many organizations must be able to use a Web browser or other application to access Internet resources.
2- The connection to the Internet is secure. Users must be reasonably sure that they will not be attacked through the Internet connection. Ideally, the connection to the Internet should not reveal any information about the internal system that can be used to launch an attack against the client computer. Information about the computer, such as the computer name, user logon name, and shared folders, as well as details about the network configuration for the client computer, such as the client Internet Protocol (IP) address, should be hidden.
3- The data that users transfer to and from the Internet is secure. In some cases, users might send confidential personal information such as credit card information to the Internet or they might send private or confidential organizational information such as client data to the Internet. This data must be secured when it leaves the organization. If the data cannot be protected, you must prevent users from sending the information to the Internet.
4- Users cannot download malicious programs from the Internet. One of the ways attackers gain access to your network is by getting users to download malicious content. You must prevent users from inadvertently or deliberately causing damage to the network by downloading viruses or Trojan horse applications to their client computers.
Secure access to the Internet also means that the user’s actions comply with the organization’s
security or Internet usage policy. This means the following:
1- Only users who have permission to access the Internet can access the Internet.
2- These users can use only approved protocols and applications to access Internet resources.
3- These users can gain access only to approved Internet resources, or these users cannot gain access to denied Internet resources.
4- These users can gain access to the Internet only in accordance with any other restrictions the organization may establish, such as when and from which computers access is permitted.
What Is Secure Access to Internet Resources?
Almost all organizations provide some level of Internet access for their users. The use of the Internet as a source of information and e-mail as a communication tool means that most organizations cannot afford to be without access to the Internet. At the same time, ensuring that the connection to the Internet is secure is critical.
So what is secure access to the Internet? At a minimum, providing secure Internet access for users in an organization means the following:
1- Users can access the resources that they need. To do their jobs, users in many organizations must be able to use a Web browser or other application to access Internet resources.
2- The connection to the Internet is secure. Users must be reasonably sure that they will not be attacked through the Internet connection. Ideally, the connection to the Internet should not reveal any information about the internal system that can be used to launch an attack against the client computer. Information about the computer, such as the computer name, user logon name, and shared folders, as well as details about the network configuration for the client computer, such as the client Internet Protocol (IP) address, should be hidden.
3- The data that users transfer to and from the Internet is secure. In some cases, users might send confidential personal information such as credit card information to the Internet or they might send private or confidential organizational information such as client data to the Internet. This data must be secured when it leaves the organization. If the data cannot be protected, you must prevent users from sending the information to the Internet.
4- Users cannot download malicious programs from the Internet. One of the ways attackers gain access to your network is by getting users to download malicious content. You must prevent users from inadvertently or deliberately causing damage to the network by downloading viruses or Trojan horse applications to their client computers.
Secure access to the Internet also means that the user’s actions comply with the organization’s
security or Internet usage policy. This means the following:
1- Only users who have permission to access the Internet can access the Internet.
2- These users can use only approved protocols and applications to access Internet resources.
3- These users can gain access only to approved Internet resources, or these users cannot gain access to denied Internet resources.
4- These users can gain access to the Internet only in accordance with any other restrictions the organization may establish, such as when and from which computers access is permitted.