Elements of Network Security
Introduction
The primary objective of a network security system is to, in a cost effective manner, balance convenient access to legitimate users and inaccessibility to attackers. In a nutshell, the goal is to prevent connectivity to anyone intending to cause harm to the network. The harm to which this paper refers can come in the following forms:
1. Application-level security threats, such as e-mail viruses and attachments.
2. Threats to network infrastructure devices.
3. Theft of network connectivity services.
4. Unauthorized access from internal and external sources.
5. Denial of service attacks.
Using a proper network security strategy reduces and, in some cases, even avoids the listed harmful attacks from occurring on a network (Gary, T., et al, Mar. 2002). This paper will discuss such a strategy used by the Los Angeles Department of Water and Power (LADWP), as well as the strategy's three primary elements: prevention, detection, and recovery.
Prevention
Surprisingly, the most common threat to a company's information assets does not come from the sly and cunning computer hacker that is glamorized by Hollywood movies, but from human error, inappropriate disclosures, and sheer carelessness on the part of the company's employees. Hackers who do intentionally tamper with the company's network often do so because they are tempted by assets they know are poorly protected. Weak security policies present the image that a company does not truly value its assets, which in turn attracts the petty thief and curiosity seeker. Therefore, the preventive element of any network security system should include a strong and enforceable security policy for its employees to follow, re-enforced by a form ...
... middle of paper ...
...y is ultimately in the hands of people, making them the greatest tool in defending the system, or the weakest link that will lead to the systems failure.
References:
Control Data Systems Inc. (1999). Why security policies fail. [Electronic version] Retrieved Nov. 25, 2005, from http://downloads.securityfocus.com/library/Why_Security_Policies_Fail.pdf
Denning, G. (1998). An intrusion-detection model. [Electronic version]. Retrieved Nov. 25, 2005, from http://www.cc.gatech.edu/~wenke/ids-readings/id_model.pdf
Gary, T., et al (Mar. 2002). Network security credo. [Electronic version]. Retrieved Nov. 25, 2005, from http://staff.washington.edu/gray/papers/credo.html
Stiffler, R. & Carter, E. (Dec. 28, 2001). Intrusion detection: Cisco IDS overview. [Electronic version]. Retrieved Nov. 26, 2005, from http://www.informit.com/articles/article.asp?p=24696&rl=1
The use of cybersecurity policies within CSN is to provide security of the divisions assets. The written policies provide guidance on implementation, through references to applicable standards and statements of best practices (Booz Allen Hamilton, 2012). As stated by Control Data Corporation, there is no asset which can be 100% secure; network security is often times focused on strategic prevention or reactive procedures, rather than examination of the security policy and maintaining the operation of it (1999). Therefore analysis indicates that numerous breaches are often due to reoccurring weaknesses in the policy. “Even the most reliable, state-of-the-art technologies can be undermined or rendered ineffective by poor decisions, or by weak operational practices” (Control Data Corporation, 1999, p. 3).
Whitman, M. E. & Mattord, H. J. (2011) Principles of Information Security. Boston: Course Technology. (Whitman & Mattord, 2011)
Security helps the organization meet its business objectives or mission by protecting its physical and financial resources, reputation, legal position, employees, and other tangible and intangible assets through the selection and application of appropriate safeguards. Businesses should establish roles and responsibilities of all personnel and staff members. However, a Chief Information Officer should be appointed to direct an organization’s day to day management of information assets. Supporting roles are performed by the service providers and include systems operations, whose personnel design and operate the computer systems. Each team member must be held accountable in ensuring all of the rules and policies are being followed, as well as, understanding their roles, responsibilities and functions. Organizations information processing systems are vulnerable to many threats that can inflict various types of damage that can result in significant losses (Harris, 2014). Losses can come from actions from trusted employees that defraud the system, outside hackers, or from careless data entry. The major threat to information protection is error and omissions that data entry personnel, users, system operators and programmers make. To better protect business information resources, organizations should conduct a risk analysis to see what
Roberts, Richard M. "Network Secrurity." Networking Fundamentals. 2nd ed. Tinley Park, IL: Goodheart-Willcox, 2005. 599-639. Print.
Stewart, J. M. (2011). Network Security, Firewalls, and VPNs. Burlington: Jones & Bartlett Learning, LLC.
The cyber security department will ensure that the organization will have continual protected access to the organization’s network. The protected access of the network will be available 24 hours a day and 7 days out of the week. The protected access will also be available during emergencies. Emergencies will not hamper or hinder the organization’s ability to access the network. Arrangements have been put in place for emergencies to have protected access to the network. The cyber security department will continual strive to improve their services. “Cyber-attacks on a Process Control Network (PCN) pose a risk to the operation” (Henry, 2009, p.223). The uninterrupted, protected access to the organization’s network is the top priority of the cyber security department.
Every organization, big or small, should have some level of security policy to protect their proprietary information. While the intensity and depth of an organization's security policy depends heavily on the nature of their business, common guidelines are mentioned in this paper that apply to all policies. One of the most important things to remember is that employees are a critical component to a successful security policy. It is the organization's job to ensure that their security policy is widely distributed and understood.
Intrusion prevention system - Wikipedia, the free encyclopedia. 2013. Intrusion prevention system - Wikipedia, the free encyclopedia. [ONLINE] Available at:http://en.wikipedia.org/wiki/Intrusion_prevention_system. [Accessed 16 December 2013].
Lastly, the application layer (Layer 7) supplies services to application procedures and threats are static passwords and SNMP private community strings (Holl, 2003). Organization will need to enforce encryption to limit the exposure of personal information, ensure that patches are installed for applications, patching and is performed on all network and hardware devices, hardening of operation system and implements secure authentication methods (Baker & Wallace, 2007). Additionally, a quality anti-virus is utilized on workstations, servers and other devices connected to the organization IT infrastructure. All types of attackers discussed in this paper are applicable. Black hat hackers and cyber terriorist will control exploit vulnerabilities in networks and application systems that are not properly patch as well as malware writer
...vantage of the overall network design and implement usable subnets with virtual local area networks. Use encryption and encapsulation to secure communications of public segments to enable extranets and cross-Internet company traffic. Use items such as intrusion detection systems and firewalls to keep unauthorized users out and monitor activity. Taken together, these pieces can make a secure network that is efficient, manageable, and effective.
Security is often seen as exclusive requirement in networking, providing security is an important issue. A lot of problems are there so a lot of security measures should be provided. Security is more important than ever before due to many reasons. When a network is implemented poorly, security threats and ...
Although Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) have been grouped together here (IDPS), there are distinctions between them. On the most basic level, both will monitor the network...
Potential risks and security breaches have been on the rise with a growing number of skillful hackers. This results in an increase to external threats to personnel and businesses. However, when complex security measures and the appropriate level of controls are utilized, there is a reduction to the potential risk and loss due to failure or breach. Therefore, such practice will enhance system reliability.
In order for a cybersecurity policy to be successful, it should cover every conceivable situation (Easttom, p.201, 2012). Security events that are not associated with a policy are likely to not be handled as efficiently as an event that does have a policy. Policies reduce or eliminate uncertainty over the expected way a security event is to be dealt with. A successful cybersecurity policy will restrict actions enough to facilitate a secure network while avoiding mandates which restrict behavior so tightly that employees will become resentful or find ways to circumvent the policies. When considering specific policies, it is important to not create policies that are unclear or open to interpretation. Instead, each policy should be as specific as possible, leaving little room for interpretation or misunderstanding.
Without proper protection, any part of any network can be susceptible to attacks or unauthorized activity. Routers, switches, and hosts can all be violated by professional hackers, company competitors. In fact, according to several studies, more than half of all network attacks are waged internally. To determine the best ways to protect against attacks, we should understand the many types of attacks that can be instigated and the damage that these attacks can cause to data. The most common types of attacks include Denial of Service (DoS), password, an...