The primary objective of a network security system is to, in a cost effective manner, balance convenient access to legitimate users and inaccessibility to attackers. In a nutshell, the goal is to prevent connectivity to anyone intending to cause harm to the network. The harm to which this paper refers can come in the following forms:
1. Application-level security threats, such as e-mail viruses and attachments.
2. Threats to network infrastructure devices.
3. Theft of network connectivity services.
4. Unauthorized access from internal and external sources.
5. Denial of service attacks.
Using a proper network security strategy reduces and, in some cases, even avoids the listed harmful attacks from occurring on a network (Gary, T., et al, Mar. 2002). This paper will discuss such a strategy used by the Los Angeles Department of Water and Power (LADWP), as well as the strategy's three primary elements: prevention, detection, and recovery.
Surprisingly, the most common threat to a company's information assets does not come from the sly and cunning computer hacker that is glamorized by Hollywood movies, but from human error, inappropriate disclosures, and sheer carelessness on the part of the company's employees. Hackers who do intentionally tamper with the company's network often do so because they are tempted by assets they know are poorly protected. Weak security policies present the image that a company does not truly value its assets, which in turn attracts the petty thief and curiosity seeker. Therefore, the preventive element of any network security system should include a strong and enforceable security policy for its employees to follow, re-enforced by a form ...
... middle of paper ...
...y is ultimately in the hands of people, making them the greatest tool in defending the system, or the weakest link that will lead to the systems failure.
Control Data Systems Inc. (1999). Why security policies fail. [Electronic version] Retrieved Nov. 25, 2005, from http://downloads.securityfocus.com/library/Why_Security_Policies_Fail.pdf
Denning, G. (1998). An intrusion-detection model. [Electronic version]. Retrieved Nov. 25, 2005, from http://www.cc.gatech.edu/~wenke/ids-readings/id_model.pdf
Gary, T., et al (Mar. 2002). Network security credo. [Electronic version]. Retrieved Nov. 25, 2005, from http://staff.washington.edu/gray/papers/credo.html
Stiffler, R. & Carter, E. (Dec. 28, 2001). Intrusion detection: Cisco IDS overview. [Electronic version]. Retrieved Nov. 26, 2005, from http://www.informit.com/articles/article.asp?p=24696&rl=1
Need Writing Help?
Get feedback on grammar, clarity, concision and logic instantly.Check your paper »
- Abstract— the network has become an important component of an organizational business process hence its management must be as secure as possible. Administrators are, hence, faced with the challenge of securing the network. Network security encompasses monitoring and securing the enterprise. The network security comprises of a system that keeps track of the status of a range of elements within a network. Enterprises, therefore, monitor, lock and secure their domains to ensure their security and possibly prevent cyber-attacks.... [tags: Security, Information security, Computer security]
1661 words (4.7 pages)
- Networking is a norm in many corporate based institutions in modern society. Computerized applications, software and communication has been greatly deployed to foster service delivery in the organizations. Despite the many merits tied to networking, it poses some threats that can proof costly if not handled professionally. Good news is that there are measures that can be adopted to form a robust computer network system that will ensure minimal or no intrusion by any assailants. This paper seeks to explore a number of factors indicative of weak computer networking system, and various measures to plan and enable stern security.... [tags: cyber crime, cyber security]
2848 words (8.1 pages)
- Institutions of higher learning are increasingly using Information and Communication systems in administration, teaching, learning and research. This infrastructure needs to be available, secure and well protected. It therefore becomes crucial for information security practitioners in public universities to implement effective information security programs. Information security focuses on technological issues and important elements of an organization such as people, process, business strategies etc., which also mandates the need for information security.... [tags: Information security, Security, Computer security]
1097 words (3.1 pages)
- Organizations which rely on network infrastructure for their business operation must utilize security technology to protect the network from harmful actions of automated attacks as well as malicious human activity. It is also important to enact policies and guidelines for the employees of the organization, which in many regards can be the weakest link in the chain of security. According to a survey by The Ponemon Institute (2012), “78 percent of respondents said their organizations have experienced a data breach as a result of negligent or malicious employees or other insiders” (p.1).... [tags: Network Security Policy]
1073 words (3.1 pages)
- Introduction According to Dubrawsky and Faircloth, remote access denotes to the ability to access a computer, for instance, an office network computer or home computer, from a remote location. This permits personnel to work offsite, for example at home, or any other location, while employees still have to a distant network or computer. Remote access can be implemented by use of wide area network (WAN), local area network (LAN) or virtual private network (VPN). Either of these implementations allows access of systems and resources (Dubrawsky & Faircloth, 2007).... [tags: Virtual private network, Computer network, Wi-Fi]
1010 words (2.9 pages)
- Assigning the precise amount of network capacity in the right place at the right time is no simple task. Network Planners cannot afford to overbuild, as this would consume scarce investment resources that could be better used elsewhere. They also cannot delay expansion as this may result in poor service to customers and under-utilize other network assets. A balanced approach is needed in order to meet the rapidly growing and changing traffic demands. Advanced network planning and design software provides benefit to network planners in the following ways: 1) Advanced Network Planning provisions effective utilization of all network resources affecting network capacity, including both physical... [tags: Implementation, Design, Computer network]
1374 words (3.9 pages)
- Information security for modern enterprises Nowadays, life of the person has totally changed due to technology in this in internet plays an important role to give the new life style. In this new generation every things done by the internet with in seconds and no matter how work is large or small. In every business securing enterprise information has never been more challenging. Because new generation fully educated with technology and revolutions. The technology has set the main goal on to youth of the every nation in all around the world because they are sharp minded.... [tags: Security, Information security, Computer security]
1381 words (3.9 pages)
- Information security (IS) in modern organizations is of vital importance. Modern era of technology brings certain threats to information security but mostly are from internal factors. Enterprises ensures the need of safeguarding information by analysing information security risk for the business. The risk is managed by defining and implementing information security policies. The paper highlights that support from the senior management is essential in almost all decisions for securing information resource.... [tags: Security, Information security, Computer security]
1368 words (3.9 pages)
- Why Study Information Security. The study aims at providing knowledge on preventive measures against web attacks on computers, networks and the data stored in them. This security is also essential for protection against identity theft and the phishing of user information for financial gain, it will also equip an individual with the knowledge to help them differentiate and identify a genuine address from an address indicating fraud. The study of information security is also a career subject and has offered a large number of people’s jobs.... [tags: Information security, Computer security, Security]
911 words (2.6 pages)
- Introduction The first thing that we must consider about Information Security is that there is not a final destination at which we can arrive. IT Security is an ongoing set of processes and activities that requires attention and expertise on a daily basis. It is important to understand that systems are not secured by themselves and it is our responsibility to maintain and improve them periodically as required. It is of vital importance to establish the appropriate mechanisms and requirements in order to support the company’s CIA triad.... [tags: IT Security]
2693 words (7.7 pages)