Issue No. 02 - March/April (2005 vol. 22)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MS.2005.35
Warren Harrison , Portland State University
The Netcraft annual Web server survey indicates more than 56 million Web servers were active at the end of 2004, and an average of 911,000 new sites are added each month. This doesn't include computers connected to the Internet as clients. Software developers continue to take advantage of this widespread connectivity. If developers can reduce that 56 million to only those systems that really need Internet access, they'd significantly reduce the probability of security holes due to mistakes and oversights. The author urges system architects to evaluate if the system they are designing really needs to be accessible via the Internet. They should ask themselves, Is providing information over the Internet really a core mission for my application, or is it just an "extra feature" that's inexpensive to add? The author also urges network engineers to consider laying two network drops when they run a LAN: one for a secure internal LAN and one for an open LAN connected to the Internet through a firewall.
Internet security, Internet privacy, software design
W. Harrison, "Constant Connectivity: Just Because You Can Doesn't Mean You Should," in IEEE Software, vol. 22, no. , pp. 5-7, 2005.