Basic Information for Businesses on:
the Internet, Computers, Security & Privacy

Membrane Domain / InternetU.org Business Security Advisory

We suggest the use of at least three (3) separate computers (or computer networks.) These computers should have the following designations/functions:

  1. personal use (including personal internet use)
  2. public business use (including business internet use)
  3. private business (including databases, spreadsheets, etc.)

We suggest that data does NOT flow between any of these computers.

If data must flow between these machines, because it is an essential part of the business process, we strongly recommend that such data exchange be regulated and monitored by firewall(s) separating the networks. We must emphasize that the firewalls require competent human administration; a malfunctioning firewall is often worse than none at all.

In the event that any computer is compromised by a virus, or any other security violation, the user should be held responsible. The compromised computer should be rendered useless... before being converted to an educational tool. [Publicly displaying the computer's remains, along with a description of its demise, often helps others to learn.]

THERE IS NO KNOWN "LONG TERM COST EFFECTIVE METHOD" TO RID OR CLEAN A VIRUS FROM A COMPUTER.


If you need further explanation, we suggest:

Wiping the harddisk and reinstalls of all operating systems and applications from known clean media (or a known clean backup) will eliminate infections after detection. (In extreme cases reflashing the BIOS may be required.) There are numerous hidden costs associated with this approach. To name just one, if an exact preinfection software image is restored, then the computer has the SAME vulnerability that caused the infection in the first place. We must stress that the media/backups from which a restore is performed must be carefully checked to ensure that they do not contain malware. Especially if the origin of the virus is not known (and even if it is), great care must be taken to disinfect any backups or other reinstallation media. Else, no assurance is available that the infection will not recur with reinstallation of software, email or other user data (such as spreadsheets or word processor files).

Further, if the operating systems and application software are upgraded to the latest versions, even on the same hardware, the computer will not function as before, frequently causing problems with required legacy applications. The greater hardware demands of the later versions of software alone often result in unacceptable slowdowns. Since the hardware costs are so small a fraction of the total costs of ownership, our position is that the hardware be replaced, and the latest, patched versions of all software be reinstalled. There are costs involved with this approach as well, including the costs of making sure that any legacy applications function acceptably. This has to be done even if the hardware is not replaced, however we believe that the benefits outweigh the disadvantages, since in general, the later versions of software require larger hardware resources, and in too many cases will not work at all on older hardware.

Back To: Studies in Computer & Internet Security

© 2002 by Sidd & the Membrane.com Help Desk
This article may not be redistributed without our permission.