To really take advantage of the Internet, users must be able to retrieve information from it. Many people think of the Internet as all fun and games, but there is a wealth of useful business information available, as well. This section will discuss ways to allow users to access such information from the Internet safely.
Internet Threats There are two main threats when allowing users to access the Internet. They are: viruses, and information leaks. The risks from both can be reduced by a few simple technical solutions and by educating prospective users.
Viruses Viruses are programs that replicate themselves to other files on the same machine and also to other machines. They may or may not be destructive, but they are most certainly always a nuisance.
Viruses can only be controlled by having users scan files on their local machines before using them. Even though all traffic may go through a firewall, it is still not possible to check all the information for viruses.
Even if it were possible to have your firewall scan for viruses, if people transfer files via other means (such as floppies or tapes) they are still vulnerable.
There are many different type of virus software available both free and commercially. Choose one that is most suitable and make a definite practice of running it.
Virus software must be current to be effective. New viruses are found every day; some can't be found with older virus scanners. Always get the latest version available and keep upgrades current.
Information Leaks There are many ways for outsiders to break into your network and it is important to reduce the risk if they do. By limiting ease of access to information from within the company, confidential data is protected in the event your site is compromised.
One of the most popular ways to limit information leakage is by using a firewall to limit who can send out information. Information can be sent many different ways, however, and can't be eliminated without disconnecting from the Internet entirely.
The easiest way to limit exposure is to limit what information can get out to the Internet. This is done by blocking direct access out of the company at the router. To allow people to get out to the Internet, install either a proxy server or SOCKS.
Proxy servers are transparent to the user and are available for many different protocols. However, each protocol must have a separate proxy server.
SOCKS, on the other hand, is a more generic tool which can be used with any protocol; however, SOCKS necessitates some changes to the client software. Such software is considered to be SOCKSified.