I'm barely new in web server administration. Well, my job description doesn't say anything about servers, but I'm maintaining a website and a intrenet for my company.
My boss wants me to enable a hyperlink in our website so users can connect to the intranet from everywhere. What are the potential risks if we open this door.
I'd really apperciate your help.
This is Will O'Neill, the Webmaster of HealthyOntario.com – I work for Prescient (Toby's company) and he asked me to address your question briefly.
I don't know enough about your situation to answer in detail or make suggestions, but in general terms the risk increases considerably – instead of having a firewall that blocks this kind of traffic absolutely, as a closed intranet woud likely have, you'll now have to lower that barrier and set up an authentication system for users at the gate. The risks, of course, are hackers who can read, alter or destroy data, as well as potentially introduce viruses to your system.
One piece of advice I can offer is to enforce a strong password discipline among users – this means mandatory case-sensitive passwords that must use a combination of letters and numerals in nonsense combinations. This will offer resistance against programs that attempt to determine passwords.
The bottom-line is that it is a risk, but you have to weigh it against the need in your organization and also consider the resources you're prepared to commit to security solutions on both a software and hardware level.
Good luck with your research!
Whoops, forgot to put all my contact information – feel free to call if you have any more questions…
Will O'Neill, Webmaster, HealthyOntario.com
1102-180 Bloor Street West
Toronto, ON M5S 2V6
(416) 926-8800 ext. 16
Thank you very much for the information!
I need to put this on the table before we deploy this idea.
Very nice website by the way.
I hope to maintain in contact for future reference and feedback.