The WinFrame thin-client/server operating system extends the security of Windows NT by keeping vital information on a network server: data doesn’t have to be downloaded to the user device. This configuration enables users worldwide to access the same centralized information, while IS managers avoid the security, cost, reliability, and management issues of widely dispersed and replicated databases. Because the applications are run 100 percent from the server, the administrator has the ability to have complete control over the workstation environment. For example, a user with a Windows-based terminal can be assigned to use specific applications. When this user logs on, he or she sees only that application—access to network resources is limited. This user will not be able to copy, ruin, or even look at anything the administrator wants to keep private or confidential. Figure 5-4 shows different types of users with various access to applications.
Reinforce security by maintaining databases only on your servers.
FIGURE 5-4
Different types of users with access to applications they need
Because WinFrame is a multiuser operating system, additional security issues arise. You need to make sure you remove any components that a user does not need and that an abuser could use to break down the system. David Carroll, the consultant you met in Chapter 2, tells a story about opening a company’s Web site and finding a link to the Moody Blues at the top of the site. No, the company did not sell records. It was a simple mistake. The company had allowed FTP on the Web Server but did not secure it with a password. The culprit downloaded the HTML document and then edited and uploaded it to its original home directory. The problem could have been much worse.
Make sure to lock down your system.