[Agenda] [Examples] [Network Partitioning] [Concepts] [Policy] [Process] [Organization] [HW-SW] [Cases studies] [Conclusion] [Resources]
[first slide] Solutions? [previous slide] [next slide]
* What folks might suggest initially

o A trainee sniffs the network and gets all mailboxes passwords
o (1) Move to a full switched network and avoid network sniffing

o A subcontractor shuts down all the 300 WNT servers with a DoS
o (2) Secure your WNT servers, upgrade WNT, apply hot-fixes

o Employees look at web site of a subsidiary in another country
o (3) Add user authentication and access control on the company web servers (100 +) and subsidiaries (30 +)

o Someone hacked the bank wire transfers
o (4) Cut off the connection from internal network to the database server (it remains connected to the bank)

o A cooperative partner steals the specifications of version N+1
o (5) Add stronger user access-security at the operating system layer on all servers

HSC ® © Hervé Schauer Consultants December 1999 - 142, rue de Rivoli - F-75001 Paris - France
Phone: +33 141 409 700 - Fax: +33 141 409 709 - Email: <secretariat@hsc.fr>
- Page 5 -