Making the internet safe for e-commerce

guarded against would-be attackersAt a minimum,each time they logon, all PC users should be required to type in passwords that only they and the network administrator know These should not be easy to guess and should be changed every few weeks. The system should lock out anyone who fails to type in their correct password after three attempts. Viruses generally infect local area networks through workstations, so anti-virus software packages that work on the server alone aren't enough to prevent infection: ideally, all terminals on the network should be protected individually. Firewalls should be installed at every point where the computer system comes in contact with other networks,including the Internet,a separate local area network at a customer's site, or a telephone company switch. Even if intruders manage to break through the firewall, the data on a network should be encrypted. Microsoft Windows NT, Novell NetWare and Lotus Notes offer add-on encryption schemes that encode all data sent on the network and companies can buy standalone encryption products to work with individual applicationsAlmost all firewalls, encryption programs and password schemes include an auditing function that records network activity. The audit trail not only highlights points of vulnerability on a network, but can also identify the password and equipment used to invade the system during an inside job. This auditing log can prevent internal intrusions before they occur -if the person knows it exists. Although probably useful only to companies with ultra-high security requirements, smartcards are safer than passwords for verifying authorized users. These devices generate random numbers every minute, in sync with counterparts on each entry point in the network. This works well unless the card is stolen. PC World,