Shark Tank: There's nothing like security

This new hotshot security manager goes over everything on this company's network and locks it down hard, grumbles a pilot fish who has to deal with the new locks and keys.

"Plain-text passwords were outlawed on the LAN, so we deployed secure shell (SSH) on all our network hardware," fish says. "We set up a single jump-off node at each site that each network device trusted. We removed all network dial-up access except through VPNs. We set passwords to arcane strings.

"When it was all done, no one could remember how to log into the routers, switches, firewalls and SSH gateways, which each had a different multistep access procedure. Staffers started carrying around written cheat sheets complete with passwords."

What's worse, all the new security means that when something breaks down and the on-call network admin wants to fix it remotely, a lot of applications, protocols and services have to be working in order to connect and do problem resolution.

"Given that, by definition, stuff is broken when he would need remote access, you were essentially guaranteed that he'd have to drive in," says fish.

So fish writes a report detailing the problem. And management admits -- grudgingly -- that it is a problem, and turns it over to the security guru for a fix.

"The security guru buys a modem-equipped terminal server and connects a serial port to each piece of active network gear," fish says.

"Now, in the event of trouble, an off-site tech can fire up a native dial-up session to the terminal server and connect directly to the console ports of all our infrastructure."

Or to put it another way, there's now a complete set of back doors that effectively negates all the new security measures.

"Our network is today better protected from the IS staff sitting at their desks than from someone outside war-dialing for modems," says fish.

"The upside is that the techs in-house can now dial the terminal server, eliminating the need to carry the cheat sheets."

Copyright © 2002 IDG Communications, Inc.
