May 95

Situation: Computer networks contain security loopholes.

Solution: With proper planning and security tools, governments can minimize security breaks.

Jurisdictions: San Diego, Calif.

Vendors: Novell, Security Integration Inc., Mergent International, TGV Inc., Ernst & Young, Lotus, Banyan, IBM, DEC.

Contacts: Stephen Talnose, Security Integration Inc. (617/861-8800.

By Tod Newcombe

News Editor

Last fall, a virus swept through San Diego County government, forcing hundreds of people to stop working. But no one went home sick. Instead, the virus struck more than 100 computers, disabling access to office automation applications and information on mainframes, and reducing the county's productivity by more than 50 percent for several days.

Going by the name Die Hard 2, the virus had originated from South Africa. No one from the county could determine how it got into the network where it crippled desktop computers and servers. Virus scanners, which can detect viruses and protect computers from similar attacks, were not being used by the county because of budget priorities.

The incident in San Diego County highlights one of the more sobering dilemmas governments face with computing today. States and localities increasingly rely on networks of computers to perform everything from general office activities to mission-critical operations.

But the growing reliance on computers has also increased security risks. In a survey conducted last year by the consulting group Ernst & Young, 79 percent of respondents in organizations with over 2,500 employees believe their information security risks have increased, and more than 80 percent report that risks have increased at a rate equal to or greater than the growth of computing resources.

When computing was done almost entirely on mainframes and minicomputers, security was tightly integrated into the system and controlled by the highly centralized data center. Viruses have been and still are almost nonexistent in this environment, according to Richard J. Connaughton, president and CEO of Security Integration Inc. "Host computers never have virus problems because everything is always authenticated and authorized through the data center and mainframe security tools," he said.

With the proliferation of networks, control and security issues have shifted away from the data center to the individual departments and agencies. Instead of having one large system with one set of security tools, governments now have a variety of systems and a range of security measures. Local area networks, client/server and open systems are all part of the new wave of computing, yet these technologies are often deployed without fully understanding how they impact and alter security.

The number of workers who use computers has grown as well. Governments are allowing greater percentages of users to view and edit information, but are not keeping them informed about the responsibilities associated with protecting data. Public access to government information is another growing trend that increases security risks.

WHERE TO LOOK FOR PROBLEMS

Despite recent news accounts about rogue hackers breaching computer security and wreaking havoc, the majority of security problems come from inside an organization. "Problems occur with the people who know the system," said Connaughton. He and other security experts believe disgruntled workers are responsible for a large share of the breaches in computer security. Break-ins from the outside usually occur because someone is able to get hold of a worker's password, which hasn't been changed, or someone has left their computer on because they don't want to log back into the system.

Viruses can also wreak havoc, but often their prevalence is exaggerated and, when they occur, they can usually be kept at bay by installing virus scanners on computers. To further impede the spread of viruses, last year's crime bill signed into law by President Clinton includes a revised federal computer crime statute that outlaws the transmission of rogue computer code, such