General discussion

Locked

shared drives

By gsrobison ·
I am doing consulting work for a few companies, acording to their software tech support people, the software requires a fully shared c: drive, accessed for read/write. most of these companies are on broad band, i was always thought that this will cause major problems for outside access. I wanted to install norton internet security at least to help prevent some of the possible hacks, but the tech support persons said NO. just rely on the routers firewall, the cust. did not want to purchase expensiuve routers, so the went with low end routers. what is the best answer to give to my customers.

This conversation is currently closed to new comments.

7 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by jireland607 In reply to shared drives

If i was in your position I would look at installing a software firewall on each computer. It is not easy for a hacker to attack a computer behind a router without having a VPN setup.

I would then ask the software tech people to speak to the company to explain the implications. Other than that there is little you can do.

It might be worth testing security on it by changing the share permissions for the drive. We have spoken to companies in the past who recommend the same measure but found it is only to prevent future problems.

Collapse -

by stress junkie In reply to shared drives

The nice thing about consulting is that you can
ethically walk away from this sort of thing. I've done
consulting and direct employment over the years. As a
direct employee I always took the position that things
like security are everyone's business and that all direct
employees share responsibility in seeing that the
business is protected and that money isn't wasted, etc.
I honestly believe that as a consultant you can ethically
ignore all of that. The consultant is usually hired to
provide talent withing an extremely limited scope.
Anything outside that scope isn't your problem. Even if
you have a broad scope of responsibility the best that
you can do is to advise the locals. It is up to them to
either accept or reject your advise. Ultimately the
business management is responsible to see that
qualified people are addressing business issues
correctly. If the locals don't want your advise, or if they
create a ridiculous environment and don't want to hear
about your perception, then just do your work and
leave. On the other hand when I've been a direct
employee I believe that I am morally obliged to keep
trying to correct the problems at the risk of being
labelled 'persona non gratis' or worse. So I believe that
consulting reduces your obligation to see that problems
are fixed.

Collapse -

by gsrobison In reply to

Poster rated this answer.
I understand the ethics, but need to know if data is secure behind just a router firewall. ( low end )

Collapse -

by gsrobison In reply to shared drives

I have NIS installed on one customers 3 systems, with security levels down to its lowest settings, to enable write to server, but is the data secure sitting behind a low end router with firewall? one other cust. said NO to the NIS, will just use the router's firewall. For data security, will these be sufficient?

Collapse -

by Xanderoth In reply to shared drives

A low end firewall or high end firewall makes little difference. "High end" usually means better reporting, tracking and management tools. Firewalls are excellent detterants because they prevent your casual hacker from access your system, but no firewall is totally secure unless it is totally inaccessable. A simple NAT router would be sufficient to keep 99% of all malicious users out.

Collapse -

by gsrobison In reply to

Ok thanks, this answer by xanderoth has helped. thanks

Collapse -

by gsrobison In reply to shared drives

This question was closed by the author

Back to Security Forum
7 total posts (Page 1 of 1)  

Related Discussions

Related Forums