Everyone knows the importance of network security in the corporate world. But in many ways, the risk to the home office is even greater. While the company LAN supports a fixed group of employees and is protected by IT professionals, home networks often mix remote workers and family members; corporate drives, files and resources with personal ones. And since teleworkers often double as home network managers, they need to fend off threats from outside as well as inside the network.

The standard network log on challenge -- asking for user name and password - provides a fair level of comfort. But since home network security is often lax, it's probably not enough. Say your first grader wants to log on, but forgets her user name and/or password. She might borrow her older brother's username and password and log on as he, which in turn grants her access to his personal files, and a different level of Web access. Or worse, she heads for your corporate system, logs on as you (since your password is posted on the monitor) and deletes crucial system settings while attempting to launch the browser.

In a small office, the job of implementing security controls often falls to the small business owner or manager. In addition to fending off invasions from the outside, it's imperative that specific rights be granted to specific users. The administrator/business manager will need access to employee records and payroll files, but the data entry clerk or sales person shouldn't even see such folders on the network. An effective method of authentication helps assure that only persons authorized to log on to the network can actually get into the network.

Security schemes use one or more of three elements - what a user knows (password, user name, etc.), what a user has (physical security key, smart card, or a different access device), or what a user is (physical identification, often referred to as biometrics). Several new products relying on the latter two provide the additional security home networks need. Most are designed for use on a single workstation, but network versions are often available.

USB Keys

The same way your house and car keys open your door or unlock your car, USB keys plug in to your computer's USB port to obtain access. When you plug in the key, you're prompted to enter a unique password or personal identification (PIN). If the password and the key match, you're authenticated. If you remove the key, access is revoked. If someone borrows your key, unless they know the password or PIN, it's probably nearly impossible to gain access.

SmartID ($35) from Griffin Technologies LLC and Rainbow Technology's iKey 1000 ($45) each employ a user's PIN number, software, and the physical key to gain system access. The iKey is available now and includes support for Windows 2000 Professional; SmartID is expected to ship in January.

While the USB key makes good sense, the design calls for a hub. Most desktop computers have USB ports

• Email
• Print
• Share
  • Slashdot
  • Digg
  • Stumble
  • Reddit
  • Newsvine