U.S. flag

An official website of the United States government, Department of Justice.

NCJRS Virtual Library

The Virtual Library houses over 235,000 criminal justice resources, including all known OJP works.
Click here to search the NCJRS Virtual Library

Who's On the Company Network?

NCJ Number
175808
Journal
Security Management Volume: 42 Issue: 6 Dated: June 1998 Pages: 83-84-88
Author(s)
R Herold; S Warigon
Date Published
1998
Length
5 pages
Annotation
Many businesses are moving toward linking their internal networks (intranets) to the Internet, thus creating extranets that make it possible for customers and business partners to more easily gain remote access to private corporate databases by using the World Wide Web.
Abstract
Consequently, businesses must find ways to give nonemployees electronic access to data without compromising security. Allowing nonemployees access to corporate information, however, opens the corporate network to the potential for intentional or unintentional harm. Certain risks related to unauthorized access and use need to be addressed in reducing the potential for problems. Businesses can use various techniques to circumscribe nonemployee access to their computer systems. Such controls include the development of appropriate security policies, user identification, security reviews, employee awareness training, and network connection controls. These controls also involve unified defenses for tokens and firewalls, virtual private networks, mirrored networks, and data repositories. Although giving nonemployees access to corporate networks offers many advantages, access privileges must be granted under controlled circumstances to prevent the potential for information destruction, appropriation, or loss.