Thursday, December 28, 2006

Intranet links to Internet servers pose risks

A reader from South Africa asked me about the security implications of having hyperlinks on a company intranet that point to (a) an Internet server owned by the same company or (b) a server controlled by some other organization.

In the following discussion, I focus on organizations such as government agencies and businesses but explicitly exclude academic institutions, which have their own peculiar policies related to principles of academic freedom.

Both questions revolve around crossing domains. The Computer Desktop Encyclopedia defines a network domain as “all resources under the control of a single computer system.”

Pointing from an intranet server to an Internet server, even if under the control of the same organization, increases the risk of the following security breaches:

* Integrity: risk that the contents of a document in an external link will change in ways that affect the functionality of the intranet page. What if an external agent (another department in the corporation, say) unilaterally changes the content of a page on which the intranet users have been depending? It may be difficult for the owner of the original document on an Internet server to keep track of all the users expecting to see specific content on a page accessed through the intranet servers.

* Availability: risk that a link for an important document will go bad. When I plan the links for curriculum pages on a teaching extranet, all _required_ readings point to materials residing on the extranet servers. Although this policy means that we must obtain permissions from all the copyright holders and sometimes pay royalties, it’s too great a risk to depend on URLs out of our control. In contrast, _optional_ readings usually do use external links, but we check every one of those before each repetition of a course module goes live for the next group of students.
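
The pre-go-live link check described above, as an added example that is not part of the original post: it lists the hyperlinks on an intranet page that cross out of the intranet domain and marks each one as changed (integrity) or unavailable (availability) against hashes recorded when the link was approved. The domain `intranet.example`, the sample URLs and page, the baseline and the `fetch` callback are all constructed assumptions.

```python
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlparse

INTERNAL = "intranet.example"  # assumed intranet domain (hypothetical)
class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links = []
    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.links.append(href)

def external_links(page_html):
    """Return the links whose host lies outside the intranet domain."""
    collector = LinkCollector()
    collector.feed(page_html)
    out = []
    for href in collector.links:
        host = urlparse(href).hostname  # None for relative links
        if host and host != INTERNAL and not host.endswith("." + INTERNAL):
            out.append(href)
    return out

def audit(page_html, baseline, fetch):
    """Map each external link to ok/changed/unavailable; baseline is url -> SHA-256 at approval."""
    report = {}
    for url in external_links(page_html):
        try:
            digest = hashlib.sha256(fetch(url)).hexdigest()
        except OSError:  # link went bad: availability failure
            report[url] = "unavailable"
            continue
        # A differing hash, or no baseline at all, means the content needs review.
        report[url] = "ok" if digest == baseline.get(url) else "changed"
    return report

# Constructed sample data standing in for real pages and network fetches.
def sha(data): return hashlib.sha256(data).hexdigest()
PRICING, SPEC, GONE = ("http://www.company.example/pricing",
                       "http://partner.example/spec", "http://gone.example/old")
SAMPLE_PAGE = ('<a href="/hr/policy.html">HR</a> <a href="http://docs.intranet.example/a">A</a> '
               f'<a href="{PRICING}">P</a> <a href="{SPEC}">S</a> <a href="{GONE}">G</a>')
SAMPLE_REMOTE = {PRICING: b"prices v2", SPEC: b"spec v1"}  # GONE is unreachable
SAMPLE_BASELINE = {PRICING: sha(b"prices v1"), SPEC: sha(b"spec v1"), GONE: sha(b"old")}
def sample_fetch(url):
    if url not in SAMPLE_REMOTE:
        raise OSError("unreachable")
    return SAMPLE_REMOTE[url]
```

Calling `audit(SAMPLE_PAGE, SAMPLE_BASELINE, sample_fetch)` reports the same-company pricing page as changed, the partner page as ok and the dead link as unavailable; in real use `fetch` would wrap an HTTP client, and pages with dynamic content would need a normalized extract hashed instead of the raw bytes.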