Are Home PCs a Backdoor Into Your Corporate Network?

When it comes to network security, your corporate IT department probably has the company’s computers locked up in the technological equivalent of a medieval fortress. Your systems are likely ensconced behind a firewall, with antivirus monitoring software patrolling the perimeters and an array of additional security measures fending off unwanted intruders. But what you may not know is that, all the while, your employees’ home computers and laptops are sitting out in the middle of the battlefield, unarmed and unprotected.

That’s the recent assessment of corporate computer security made by computer scientists at Carnegie Mellon’s CERT Coordination Center, which tracks computer security threats and disseminates information on how to protect against attacks. According to CERT, the number of hacker attacks on home computers has risen sharply this year. In many cases, hackers aren’t going after personal files, but using the computers to gain access to your corporate network.

Home computers aren’t inherently more vulnerable than work PCs. The trouble is that home users generally don’t keep their systems up-to-date with the latest security fixes and antivirus software, according to CERT. Without a firewall and proper protective software, telecommuters can unknowingly infect their systems with a pernicious virus simply by opening an e-mail.

Even worse, many home users don’t understand that their broadband connections (DSL services or cable modems) make them more vulnerable to hackers. That’s because these “always-on” connections leave your computer attached to the Internet 24 hours a day. And unlike dial-up modem connections, which assign your computer a new “address” on the Internet each time you connect, broadband providers often assign a permanent Internet address to each customer. That makes broadband-connected computers sitting ducks, because hackers can easily target and retarget them. As the number of broadband users increases, you can count on one thing: more and more hacker attacks on home PCs.

What’s an IT manager to do? First of all, make sure your employees have the latest software security patches. Windows users can visit Microsoft’s Windows Updates page and download a program that will automatically check for security patches and other updates to the Windows operating system. Those with Macs (AAPL) can check Apple’s security page for guidelines and links to updated software.

Second, telecommuters should use antivirus software. The most popular programs are made by Symantec and Network Associates; their programs sell for about $30 to $40. In a pinch, you can also use free online virus scanners that run on your browser. Symantec (SYMC) and Network Associates (NETA) both offer these on their websites.

The third step, if you’ve got a broadband connection to the Internet, is to install a firewall. This can be either a hardware-based firewall box or a software program. Both accomplish the same thing — which is to prevent hackers from connecting to your computer — but software is less expensive (although it will use some of your PC’s resources while it’s running). The above-mentioned antivirus vendors sell firewall software (Network Associates’ McAfee Firewall is $30 and Symantec Personal Firewall is $50), and I’ve also had good results with a product called BlackIce Defender ($40 from NetworkIce).

Finally, CERT’s website offers additional tips for increasing the security of your home PC. It’s worth spending 15 or 20 minutes to read through.

While no security measure can offer 100 percent protection, taking a few simple steps can greatly reduce the chance that a home PC will fall prey to hackers. More important, it just might save your company network.

Link: Are Home PCs a Backdoor Into Your Corporate Network?

Link broken? Try the Wayback Machine.

Are Home PCs a Backdoor Into Your Corporate Network?