The 1980s enterprise lived off a collection of diverse systems and processes, some manual, some based on a handful of PCs, rarely connected together. Or large, proprietary networks based on mainframes and minis. Few heard of viruses, and they knew of them as silly little pranks affecting kids who pirated games and
The 1990s enterprise is very different. It’s a different paradigm. The network is the computer. And all that the enterprise stands for, its knowledge base, its customer records, its business data…is in the network. In data files, in a handful of formats scattered across servers and Windows PCs.
Among those who acknowledged this change is the virus author community, scattered beyond the fringes of the twilight zone of infotech ethics. The virus has kept up with the enterprise. Its evolution over this past decade has been impressive. From the little DOS program file and boot sector infectors that would more often than not tend toward silly messages, they’ve turned their attention to the network. They’ve evolved into a vicious genre that attacks the core of the enterprise: its data.
Our publication group’s network came through eight years without virus attacks, simply by managing security rights for the applications. It was a different story with Melissa and the other data viruses. They spread rapidly, through mail or other sources, affecting not programs but data files. They left a trail of damaged or zero-byte Word and Excel files in their wake. Editorial files, circulation data, everything was hit, to varying degrees.
You can reinstall applications, but not data. They’re your repository of information. Wipe out an enterprise’s document, spreadsheet and database files one day, and you can bring the enterprise to its knees. A careful backup policy helped us ensure that life and our magazines went on, but such an attack always leaves you shaken-and wiser.
For enterprises which think data security isn’t a big deal for them, welcome to the 1990s. Melissa was just a preview. There’s a dozen prongs of attack for your networked enterprise. Viruses and trojans, crackers and malicious insiders. And today, they don’t care about infecting your programs and your disks: they go straight for your data files.
Data security is the new challenge for the enterprise, and its something all IS managers, however big or small the enterprise, are going to get serious about in the year ahead. Call it Melissa’s millennium gift.
Prasanto Kumar Roy