Click on our Sponsors to help Support SunWorld

Insider intrusion

Readers are still troubled by security, but who's the enemy?

By Carolyn W.C. Wong

SunWorld
August  1996
[Next story]
[Table of Contents]
[Search]
Subscribe to SunWorld, it's free!

Mail this
article to
a friend

It's no surprise our readers are worried about security of their companies' systems and networks. 84 percent of the 108 respondents agree security continues to be a troublesome issue. Perhaps more intriguing is who they think poses the greatest threat.

Last July, as part of Peter Galvin's debut security column, a questionnaire asked readers if the greatest security threats to their organizations were outsiders or insiders. 49 percent of the 138 respondents believed outsiders were more problematic than insiders (36 percent). Our survey last month asked the same question. This time around, however, 51 percent of the respondents are more suspicious of their own colleagues than of external perpetrators (45 percent).

55 percent of the readers say they are unaware of system/network attacks, while 34 percent definitely know intruders have tampered with their systems. 80 percent would disclose these break-ins.

So what's being done to prevent intrusions? 79 percent of the respondents have installed security-related patches; 68 percent lecture users about passwords; 62 percent use firewalls; and 50 percent use SATAN or COPS. The security tools implemented by our readers are primarily public domain (51 percent), commercial (21 percent), or custom-made (17 percent).

While precautions are being employed, paranoia isn't rampant yet. Most believe their organizations are "somewhat concerned" (47 percent) with data security. 50 percent of their companies have conducted security audits, but 42 percent have not. 49 percent think security audits should be left to system administrators. That means they hold themselves responsible since 45 percent of the respondents are sysadmins. 56 percent of the readers categorize themselves as journeymen -- a step above an apprentice, but not quite a master or a genius. (Only one person registered as a genius!)

Remember to review the file "Readers comment on security" to find out what crucial security issues readers must contend with in their daily lives--Carolyn W.C. Wong


Advertisements

SunWorld Online July 1996 Reader Survey Results

Tell us what you think about security

Number of respondents: 108
as of 11:00 a.m. on July 30, 1996

  1. Are you worried about the security of your computer systems and networks?
     
        Yes:                                              84.2% 
        No:                                               13.7% 
        Not my problemo:                                   2.1% 
    
  2. To your knowledge, have your computer systems or networks ever been compromised by an intruder?
        Yes:                                              34.0% 
        No:                                               55.3% 
        No comment:                                        2.1% 
        I don't know:                                      8.5% 
    
  3. If your computer systems or networks have been compromised, did the intruder cause damage?
        Not applicable:                                   53.2% 
        Yes:                                               8.5% 
        No:                                               20.2% 
        No comment:                                        7.4% 
        I don't know:                                     10.6% 
    
  4. If intruders did break in, would you admit it?
        Yes:                                              80.0% 
        No:                                                7.4% 
        I wouldn't know:                                  12.6% 
    
  5. The greatest computer and network security threats to your organization are:
        Outsiders:                                        45.2% 
        Insiders:                                         50.5% 
        I don't know:                                      4.3% 
    
  6. In general terms, describe the security precautions your organization has taken: (Check all that apply)
        Few or none:                                       9.5% 
        Lecture users about passwords:                    68.4%
        Installed security-related patches:               78.9% 
        Used STATN or COPS:                               49.5% 
        Use a firewall:                                   62.1%
        Not connected to the Internet:                     5.3% 
        I don't know:                                      1.1% 
    
  7. If you use security tools at your site, are they primarily
        Commercial:                                       21.1%
        Public domain:                                    50.5% 
        Custom:                                           16.8% 
        We don't use any security tools:                   9.5% 
        I don't know:                                      2.1% 
    
  8. Describe your organization's baseline data security paranoia level:
        Very concerned:                                   32.6%
        Somewhat concerned:                               47.4% 
        Neither concerned nor unconcerned:                17.9% 
        Not concerned:                                     2.1% 
    
  9. Describe your professional baseline data security paranoia level:
        Very concerned:                                   38.9% 
        Somewhat concerned:                               56.8% 
        Neither concerned nor unconcerned:                 3.2% 
        Not concerned:                                     1.1% 
    
  10. Describe your personal baseline data security paranoia level:
        Very concerned:                                   44.2% 
        Somewhat concerned:                               47.4% 
        Neither concerned nor unconcerned:                 6.3% 
        Not concerned:                                     2.1% 
    
  11. Are security audits conducted at your organization?
        Yes:                                              50.0% 
        No:                                               41.5% 
        I don't know:                                      8.5% 
    
  12. Which job title at your organization has primary responsibility for performing security audits?
        System administrator:                             48.9% 
        A security officer:                               14.9%  
        Network administrator:                            17.0% 
        Consultant:                                        0.0% 
        Other title:                                      12.8% 
        I don't know:                                      6.4%
    
  13. Do you use the program Pretty Good Privacy (PGP)?
        Yes:                                              35.8% 
        No:                                               57.9% 
        I don't know:                                      6.3% 
    
  14. When it comes to computer security, you consider yourself a
        Genius:                                            1.1% 
        Master:                                           18.3% 
        Journeyman:                                       55.9% 
        Apprentice:                                       18.3% 
        Newbie:                                            6.5% 
    
  15. Which operating system are you using...
        on most of your database servers?
          Solaris 1/SunOS 4.1.x:                          11.7% 
          Solaris 2:                                      51.1% 
          HP-UX:                                           6.4% 
          AIX:                                             3.2% 
          IRIX:                                            1.1% 
          Digital Unix:                                    3.2% 
          Windows NT:                                      6.4% 
          Novell NetWare:                                  8.5% 
          Other:                                           8.5% 
    
        on most of your desktops?
          Solaris 1/SunOS 4.1.x:                           5.4% 
          Solaris 2:                                      20.4% 
          HP-UX:                                           2.2% 
          AIX:                                             0.0% 
          IRIX:                                            2.2% 
          Digital Unix:                                    0.0% 
          Windows & Win 95:                               43.0% 
          DOS:                                             1.1% 
          Windows NT:                                      6.5% 
          OS/2:                                            1.1% 
          Macintosh:                                      11.8% 
          Other:                                           6.5% 
    
  16. How many people are employed by your department?
        1 - 9:                                            28.3% 
        10 - 29:                                          25.0% 
        30 - 99:                                          30.4% 
        100 - 499:                                        12.0% 
        Not applicable:                                    4.3% 
    
  17. How many people are employed by your entire organization?
        1 - 9:                                            14.0%
        10 - 29:                                           7.5% 
        30 - 99:                                           6.5% 
        100 - 499:                                        20.4% 
        500 - 1999:                                       14.0% 
        2000 - 9999:                                      17.2% 
        more than 10,000:                                 15.1% 
        Not applicable:                                    2.2% 
        I don't know:                                      3.2% 
    
  18. Which best describes your primary job duties?
        Systems administrator:                            45.3% 
        Programmer or developer:                           9.5% 
        Netowrk administrator:                             6.3% 
        Database administrator:                            0.0% 
        Systems analyst:                                   4.2% 
        Webmaster:                                         7.4% 
        Consultant:                                        9.5% 
        Systems integrator:                                5.3% 
        Other technical profressional:                     6.3% 
        Other manager:                                     4.2% 
        Student:                                           2.1% 
        Other:                                             0.0% 
    


Click on our Sponsors to help Support SunWorld

What did you think of this article?
-Very worth reading
-Worth reading
-Not worth reading
-Too long
-Just right
-Too short
-Too technical
-Just right
-Not technical enough
 
 
 
    

SunWorld
[Table of Contents]
Subscribe to SunWorld, it's free!
[Search]
Feedback
[Next story]
Sun's Site

[(c) Copyright  Web Publishing Inc., and IDG Communication company]

If you have technical problems with this magazine, contact webmaster@sunworld.com

URL: http://www.sunworld.com/swol-08-1996/swol-08-security.results.html
Last modified: