Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

Share this Page URL

Chapter 1. Introduction > Introduction: security in the enterprise - Pg. 5

1.1 Introduction: security in the enterprise This chapter will describe how the new security features of AIX V6 address some issues in traditional UNIX® security models and problems encountered by businesses today. The area of computer security is a dynamic and changing world, in which enterprises must be diligent to integrate and combine many mechanisms to address varying threats. In order to create a good security policy, an organization must understand its strengths and weakness, the value of its assets, and its source of threats. Towards the end of this chapter, we will also be reviewing important complimentary security features released in prior releases, to give a complete picture of the security relevant capabilities available to customers in all releases of AIX. The customer documentation available in the AIX information center should be consulted to review specific syntax and information for each security feature. The security of an enterprise consists of various aspects. In regards to IT security, operating system security provides for the foundation around which the rest of the software stack can build its security. AIX historically has provided for strong operating system security. AIX V6 builds on that security and provides for multiple security features addressing varied types of threats for different operating environments. Security threats are often thought of as activities originating from external organizations, and traditionally firewalls and DMZs have been used to set up protection for the corporate environment. Computer forensic data has consistently shown that intrusions occur most often from within an enterprise. This fact is often unsettling and some level of denial often results in computer security practices that may be inadequate. Security exposures include inadvertent misuse or misconfiguration of systems to intentional harm or theft of intellectual property. Disgruntled employees or even "moles" can wreak havoc on systems because they have a lot of knowledge on what security systems are in place. Cleartext passwords, for example, are still a common practice within the corporate network. Having a global and virtual workplace can often compound the problem, where precious intellectual property leaves the country's borders. No one program or technology can solve the problem, but it is a combination of technologies, business practices, and social engineering that must be employed together to form a complete security model. Chapter 1. Introduction 5