Code comfort

Cunning things security codes: they can hide your deepest, darkestsecrets from prying eyes. Annie Gurton goes undercover.

Any user who has not thought about the security of data in a client/server environment is naive. All data which travels from a desktop to a server is vulnerable to some degree. And if the client/server architecture includes a public switched element, the exposure is considerable.

Protecting the user from deliberate or accidental loss of data integrity should be a prime objective of all resellers, even volume traders who offer little value add. If the security of a customer's data is in some way breached, the reseller will rightly be blamed and lose the confidence of that customer.

The consequence of security breaches can spread far beyond the individual user. It can affect not only the entire enterprise, but all those it does business with too. But despite being such a crucial area, data security is often ignored by both the client/server user and reseller. The user does not want to be bothered and the reseller does not see the possible ramifications or the opportunities.

Ian Gresley-Jones, senior security consultant with integration reseller Protek, says: 'There are opportunities to sell products which ensure data security, plus services like consultancy to make sure that users go through the correct procedures and the system is properly configured.' He says the risk is far wider than most people realise because users and resellers put their faith in operating systems which are unproven. 'Unix has been around for a long time and the code is in the public domain, so we have had time to see what the problems are and worked out how to fix them.' With newer operating systems, like NT, says Gresley-Jones, just because holes have not emerged does not mean that they are not there.

'We are not allowed near the code, so we have no way of testing it properly in a non-critical situation, and no way of making adjustments which would make it more secure. There should be concern in the minds of resellers putting in NT in to run a mission critical client/server application. They have a clear responsibility to make sure all possible security checks are built into the system.'

Christine Comaford, president of Corporate Computing, says: 'Every client/server application should be subjected to testing for data security at the highest level, as well as program quality, usability and performance. That the data is secure is a basic requisite. There should be a sound testing plan, including test cases, suites and scenarios which take the system to the limit.'

Comaford says if the security of data is compromised, the system can be judged to have failed, with all the backlash on the reseller which that implies. 'There can be several reasons why the data security is not right,' she says, 'such as lack of infrastructure, standards, common practices, methodology and common reusable components. Or it could be a lack of solid management to implement proven metrics, realistic estimation, controlled requirements gathering, prototyping and development. Or it may be that those involved lacked appropriate training.'

The development team should have a broad approach, she says. 'If the developers are too tools-centric and ignore the people and techniques issues, there will be problems.'

Mark Cresswell, MD of Neon Systems, says you have to decide how vulnerable data is and what level of protection you need. Even the latest levels of security, firewalls and data encryption will not withstand a determined attack by a large computer, but for most purposes standard encryption is adequate. Unless you believe someone is going to allocate a mainframe indefinitely to break the encryption on your data, you need basic commercial, rather than military, encryption.

James Rendell, chief technical consultant with Neon Systems, says any individual or organisation which uses public switched networks as part of their system should routinely encrypt their data. 'Yet many of them do not,' he says. He adds that the most common level of security is the Secure Sockets Layer, or SSL, of TCP/IP.

'When developers design the software, they have to ensure both TCP/IP sites recognise that SSL will be used and every session will be encrypted.'

Cresswell adds that without encryption all users are vulnerable. They often have to take positive steps to ensure that their data is encrypted because it is not an automatic part of the program. 'The trouble is, users don't want to think about things like that. They don't want to be inconvenienced; they want it done automatically, which is why software designers and client/server solution providers have to ensure something is done about it.'

Steve Brenman, MD of Open Environment, which provides the 'glue' software in a client/ server environment, says data in a database in a single server is safe enough, but trouble arises when data is being moved to and from the desktop. 'It has to be up to the IT manager to ensure that security is an inherent part of the solution and data is made secure without reference to the users. It has to be part of the corporate strategy.'

Cresswell agrees data encryption should be an automatic part of every system, and a default in the system, so that it is not something users have to consciously opt for. He says: 'SSL is about as bullet-proof as most businesses will want to get. It is the system used by credit card companies.' He adds that the greater the number of users hooked into the client/ server system, the greater the risk of hacking and data corruption.

'There are a number of issues surrounding the safety of files and messages that are transmitted electronically, yet many users casually sit at their system and send sensitive information into the ether. If you start sending an entire company's business information and records across public networks, then it is immediately at risk. People don't think about it. But if they are using a client/server system without encryption they must be prepared to have their data as public as if they had published it in a newspaper.'

Brenman adds that there are plenty of options for building firewalls which protect data and the internal network from external intrusion. He says: 'One approach is to make sure that the Kerebos element of DCE is implemented, but that should form part of a holistic corporate approach to security which includes passwords, encryption and firewalls.'

Brenman believes a client/server environment is inherently safer for data than a simple network or mainframe environment, provided that management systems are properly implemented at the core of the system. 'We provide a complete set of security tools within our toolset,' he says. 'Data security is a state of mind which derives from the corporate approach. If a company makes one person responsible for ensuring that data is secure, it is more likely to happen than by leaving it to the users. Users are the most likely point of failure.'

The approach resellers should take to users' data security, according to Jay Huff, UK MD of Computer Associates, is to work out a profile of the user's needs and match that with the security provided in the operating system and applications. 'If the two do not match, there are products available like Unicentre SSO which tags an encryption procedure to the data packet. So it can only be used once and only be decoded and read by the designated recipient.'

Many applications, both off-the-shelf and bespoke, are seriously lax about security, says Huff, and there is much that resellers can do either to train users to follow the right procedures, or to sell products which bolt onto existing code and give it the necessary protection. 'There is no doubt that security is an added-value opportunity for resellers,' he says, 'but few of them take advantage of it, to the detriment of their own businesses as well as their customers' data.'

The industry seems to agree that the network terminals about to burst onto the market are the best thing that could happen for data security in client/server networks. Because of their lack of disk drive memory or local memory, centralised control can ensure that security procedures are carried out automatically.

Wyse has just launched a new range called Winterm Windows built to display Windows applications just like a PC. Marketing director John Cummins explains: 'They use a Windows NTTM-based application server to run the programs and store the data centrally. Winterm terminals are similar to general-purpose terminals and are linked to servers which run the applications. They send their display output over serial cables or Ethernet links to the Winterm terminals, using a display protocol termed ICA 3, which is similar to X, although designed specifically for Windows applications and dramatically more efficient. This enables fast access to Windows applications from local and remote sites, even across Wans using modems and other communication topologies.'

Wyse uses a variant of Windows NT called Winframe as the operating system. Cummins says: 'Prior to Winterm, there was no easy way to share Windows data and applications, beyond using PCs and conventional networks. Winframe is to Windows applications what Unix is to Unix applications - a robust way to share applications and data but with value for money in mind. It is fully licensed by Microsoft and as Windows NT releases advance, Winframe will always be in step.'

Cummins has no doubts about the inherent security of Winframe. 'It was designed to be used in a client/server scenario,' he says. Cummins claims that Winterm terminals are inherently highly secure - no data is kept locally in the terminal and multi-level passwords restrict access to data and ensure that each user is presented only with a predetermined interface and environment. If the line is disconnected, the Win-frame server automatically saves the current application in an active state and password protects it for subsequent log on and continuation by that user.

Unlike PC networks, Winterm terminals also support the concept of client independent computing; a user can go to any free Winterm terminal on the network and log on to the Winframe server, without any loss of security.

The user is presented with the usual interface and environment regardless of where the terminal physically is on the network - even if it is at home connected via a modem. Network terminals are immune to viruses and sensitive data cannot be downloaded from the host unless the user has security clearance. They should also prove more resistant to office theft since they do not contain CPUs, Ram chips and hard disks that can be used elsewhere.