November 2001

HOT NEWS IN THIS REPORT:
1. PROTECT YOUR NETWORK SECURITY - OR ELSE!
2. ONLINE MARKETING TOOL: GOOGLE ADWORDS
3. COOL TOOL: MAKE A SHORTER LINK

Executive Technology Briefing (ETB)
Editor/Publisher: Jordan Ayan
Contributing Editor: Chuck Frey

Please feel free to forward this issue to others who may be interested in learning about these new technology developments. Questions? Feedback? Suggestions for future topics? Please contact us at: etb@create-it.com

Subscriptions are free. If you would like to be added as a subscriber, go to http://www.create-it.com and enter your e-mail address in the subscriber box.

------------------------------------------------------------------------

PROTECT YOUR NETWORK SECURITY - OR ELSE!

“Worms” - a powerful new breed of viruses that can breach your network security, exploit weaknesses and wreak havoc on your company's data - are a growing threat to companies of all sizes. IT research organization Computer Economics documented over 8.3 million strikes on servers and PCs as of October 2, and estimates the economic impact of this fast-moving virus at $590 million. Just this week, as we were preparing this issue of ETB, another worm, called W32.Badtrans.b@mm was distributed across the web through from many unsuspecting e-mail users.

These sophisticated viruses can damage or delete files, steal network passwords, and customer account information, and can even replicate themselves across a network of PCs and servers. In this day and age, your company cannot afford to have its e-mail and critical e-business services compromised by hackers. Not only are your company's key data increasingly at risk, but also your organization's reputation. According to the 2001 Computer Crime & Security Survey (http://www.gocsi.com/prelea/000321.html), conducted by the Computer Security Institute, 64 percent of respondents experienced financial losses due to computer security breaches, and 70 percent identified their Internet connection as a frequent point of attack.

In this issue of ETB, our goal is to help you to rethink your company's network security strategy, and to outline some simple tactics you can employ today to protect your organization's most valuable data from malicious viruses and hackers.

Worms represent a growing threat

During the last decade, most viruses were delivered as e-mail attachments. Hackers relied on “social engineering” - tricking recipients into opening e-mail attachments - to execute their damaging payloads. Anti-virus software such as McAfee VirusScan (http://www.mcafee.com), Norton Antivirus (http://www.norton.com), and Trend Micro (http://www.antivirus.com), has been valuable tools to protect office networks and desktop PCs from “traditional” viruses.

In recent years, however, a new breed of sophisticated viruses called "Trojan horses" or "worms" have become an even bigger threat to corporate computer networks. Worms, as their name implies, are designed to breach network security in new ways. For example, the recent Nimda virus simultaneously propagated itself in four different ways, including: - Scanning the Internet looking for vulnerable servers, - Attacking the hard disks of systems that have enabled file sharing on the network, - Capturing users’ e-mail address books and sending itself as an attachment to additional users, and - By spreading the virus to visitors to infected Web sites.

“What makes Nimda different from other Internet worms is that it requires no human interaction to spread. Instead, it uses known software vulnerabilities and multiple vectors of infection,” explains Doak Adams, a senior director of product line sales at Symantec. Because Nimda hit corporate networks on several fronts at the same time – what Adams calls a “blended threat” -- it caught many companies off guard. The Code Red worm did its damage by exploiting vulnerabilities on Web servers, defaced Web sites and left behind Trojan viruses for later execution. Because it was designed to run in the memory of the servers it infected (rather than saving itself to the hard drive), it escaped detection by some anti-virus products

Some of these next-generation worms can also burrow their way into the inner workings of servers and desktop computers and lie dormant for long periods of time, only to rise up on preprogrammed dates to cause more problems. Because they are stealthier that conventional e-mail borne viruses, network administrators may succeed in only eradicating the most obvious infestations of the worm. As a result, thousands of businesses are still fighting re-infestations of Nimda, SirCam and other virus “worms” today.

Internal security threats

While a great many potential security threats may come from outside of your organization, security breaches within organizations are also a growing problem. According to a 1999 Computer Security Institute/FBI Computer Crime & Security survey, 38 percent of respondents said that they experienced one to five security breaches that originated from within their organizations. Another 16 percent of respondents had six to ten internal breaches in the same time period.

Most companies never train their employees on how their computer usage habits can impact corporate security. For example, employees may open unsolicited e-mail attachments or may fail to scan these attachments before opening them. Also, most companies rely on employees to keep their virus definitions updated, instead of "pushing" new virus definitions to the desktop. As a result, their anti-virus software may miss some newer viruses and worms.

Employees can also compromise network security by surfing the Web for personal use. Inappropriate Web surfing increases the chances that an employee will visit sites that use potentially damaging Web scripting languages such as ActiveX or Javascript, which can give hackers access to data on your computer and potentially on your company's network.

An effective security strategy

Because hackers are constantly developing new and improved viruses and worms, network security requires an ongoing strategy of risk assessment and management. One of the simplest and most effective tactics you can use to protect your network is a “layered” security system, which combines several different components:

- Antivirus software - Firewalls - Intrusion detection software

Working together, these tools can help you to create a barrier many times stronger than its individual parts. Let's look at recommendations for each component:

ANTI-VIRUS SOFTWARE: For best results, the anti-virus solution you select should scan for viruses at both the server and desktop level. The server software should be able to automatically download the latest virus definition files from the vendor's Web site on a schedule that you specify, and automatically propagate it to every desktop computer on your network. However, most anti-virus programs are not designed to prevent attacks by next-generation worms; Nimda propagates itself via Web (http) traffic, which traditional anti-virus software doesn’t detect.

FIREWALL: A network firewall restricts what types of data come into and go out of your network. Hackers employ automated software that can scan thousands of Internet addresses, looking for servers with vulnerable ports where they can gain entry to your network. These port scans may also reveal your network’s structure, and may enable them to gain access to servers and desktop PCs far beyond your firewall. To help prevent this, make sure that your network administrator installs the latest security-related patches on your server software. Failing to do so is inviting disaster.

Symantec’s Adams says that many organizations use Layer 4 firewalls, which provide some protection against virus attacks. But in the age of powerful worms like Nimda, it’s time to move to a Level 7 firewall, which is more secure. “Nimda passed through Level 4 firewalls undetected, but was stopped by Level 7 firewalls,” he indicated. Vendors of Level 7 firewalls include PGP Gauntlet 6.0 (http://www.pgp.com/products/gauntlet/default.asp) and Symantec Enterprise Firewall (www.symantec.com).

You may also want to consider having an outside firm conduct a network security analysis. These firms can look at how your network firewalls and servers are arranged, and can provide you with valuable feedback on how to restructure your firewall and servers so that a hacker cannot “see” into your network. If your company uses Microsoft Internet Explorer or Microsoft Outlook, make sure that you install any security related patches on all of your desktop computers as well, since these programs are popular targets for hackers.

INTRUSION DETECTION SOFTWARE: As a third level of protection, I recommend that you install an intrusion detection program such as Black Ice Defender (http://www.networkice.com/products/blackice_defender.html) on each of your servers that are connected to the Internet. These programs perform real-time analysis of incoming and outgoing packets of data, looking for virus files and port scanning attempts. BlackIce Defender provides useful reports on which Internet addresses are attempting to communicate with your servers, and allows you to block or reject any further queries from those addresses. This capability can help to defend your network against “denial of service” attacks, in which multiple infected servers on the Internet simultaneously send a torrent of meaningless data packets to your server, overwhelming it with data and causing it to crash.

In addition, any laptops used by traveling executives should also run intrusion detection software. Hotels with high-speed Internet access are particularly vulnerable to attack. Road warriors should also turn off file sharing while on the road if connecting through hotels to insure that outsiders cannot access files. Without this level of protection, your company's laptops can easily become infected with viruses, which could then spread to your network when your executives return to the office.

As a final step, you may want to consider purchasing software that detects known vulnerabilities on your servers. This software, such as Symantec Enterprise Security Manager (http://www.symantec.com), both reports known vulnerabilities as well as a network’s level of adherence to security policies for passwords and open file shares. By eliminating the known vulnerabilities that these new worms tend to exploit, this proactive strategy should help to ensure a much greater level of security for your corporate network and its valuable data.

Conclusions

E-mail, Web access, and interconnectivity of corporate data have become a critical part of many companies' day-to-day operations. We can’t imagine doing business without it. But the success and well being of your business depends on these services being operational and problem-free 24 hours a day, 7 days a week. The cost of damaged or ruined data to your company, plus the lost productivity it can cause, could be astronomical. Additionally, if the critical online business services your company provides to your customers or other key constituencies are destroyed or rendered unusable by virus attacks, you could potentially face legal action from these important groups.

No matter what the size of your company, there is too much at stake today to leave network security to chance. I recommend that you take a proactive approach to protect your company’s most valuable assets from the rising tide of hackers, viruses and worms that are trying to get at it.

------------------------------------------------------------------------

ONLINE MARKETING TOOL: GOOGLE ADWORDS

http://www.google.com/ads/

One of the great things about the Web is the ability to experiment with different online marketing methods and measure the effectiveness of each tactic. A case in point is Google AdWords, the search engine's cool new text-based advertising program.

These text advertisements appear in small boxes along the right side of Google search results pages, and are based on matches between the keywords you've purchased and those searched by users. Just like Google search results, these ads are sorted based upon the click through rate, so that the most effective ads gravitate to the top of the page.

What makes Google AdWords especially valuable from an advertising standpoint is the excellent set of self-service ad creation and traffic reporting tools. These administrative Web pages make it easy to set up several text ads and keywords, monitor the click through rate, and experiment with different headlines and copy. Because the entire content of each ad is text, you can easily tweak your ads any time you want; these efforts should help you to increase the ranking of your ads.

For one of my clients, I created 6 Google text ads, and used the click through results to quickly narrow that down to the four that were most effective. I was also able to experiment with different combinations of keywords and text messages in these ads, and quickly determine which offers drew the best responses. I was impressed with AdWords, and I think you will be, too. Advertising rates range from $10-$15 per thousand views, depending on what position you want on the page. Payment is handled by credit card and no minimum deposit is required.

Google is now the most popular search engine on the Web. Because your ads only appear when users search on terms that match the ones you’ve selected, the click throughs to your Web site should be highly qualified prospects. If you create special “landing” pages that reinforce your Google AdWords offers (rather than directing click throughs to the home page of your company’s Web site), your results should be even better. Another advantage of Google AdWords is that you don’t have to spend a lot of money to compete with other advertisers for popular keywords. Your ad’s performance is based solely on the number of times Google users click on it, making AdWords particularly valuable for smaller companies seeking to improve their visibility to prospective customers on the Web.

Even if you aren’t convinced of the power of online advertising, this innovative, targeted tool is so inexpensive that you can’t afford not to experiment with it.

------------------------------------------------------------------------

COOL TOOL: MAKE A SHORTER LINK

http://www.makeashorterlink.com

If your Web site structure results in pages with long, complex URLs that are impossible for your customers and other key audiences to remember, then check out Make A Shorter Link, a free service created by a group of programmers that call themselves the Pants Collective. Make A Shorter Link converts long, alphanumeric URLs into shorter, simpler Web page addresses that are much easier to type and are more likely to be clicked on in e-mail messages that you send to others. The shorter link this site creates “redirects” the user’s Web browser to the actual, longer URLs – simple and effective.

To use this service, simply copy the long, original URL, paste it into the text entry box on the Make A Shorter Link home page and click on the submit button. The site will then display a new page with your new, shorter link, ready for you to copy and paste it elsewhere. Here is an example, using the actual URL of the last issue of ETB:

Before: http://www.create-it.com/etb.cfm?op=issue&issueid=26
After: http://makeashorterlink.com/?R2665203

Try clicking on both URLs, and you’ll see that they both lead to the same Web page on the Create-It! Web site. I think this is a very simple, elegant solution to a common problem. It's a wonder it took this long for someone to create such a valuable service!

==========================================

That's all for now. I welcome your comments and feedback on the Executive Technology Briefing.

Jordan Ayan President Create-It! Inc.

==========================================