Digital security is an essential need in the modern world for any type of business and for personal use of the internet and communication systems. In a typical network environment, various subsystems collaborate to run business operations, which generate data and transactions in day-to-day business. All of these operations are carried out using software and communication over some sort of network: Wi-Fi or a Local Area Network (LAN) within the business facility, and a Wide Area Network (WAN) or the internet for business communication or transactions with external entities such as banks or other businesses.
Network security is important whenever communication over the internet is involved. With the increasing number of social networks people use in their day-to-day personal lives, almost every aspect of daily life involves internet activity one way or another, which can make personal information vulnerable on the public internet. Securing the network for business activities is crucial to protect data and mission-critical business information.
Network security consists of multiple layers of security over the communication network. These layers range from the individual workstation (computer) to the internet gateway server, where information is sent to and received from the internet. Network security involves not only processes to protect communication and software but also the protection of hardware.
The steps to implement network security may differ from business to business; therefore every organization has an IT security policy that outlines the common set of rules that must be enforced to secure digital communication over the network.
Why do we need Network Security?
Network security requires a sufficient amount of investment to implement and maintain, so the question really is: why is it needed? To protect business-critical data and personal information, an organization needs to implement network security; otherwise it would be the victim of a variety of network security attacks. These include, but are not limited to, password attacks, phishing attacks, denial of service and man-in-the-middle attacks.
In internet browser attacks, a user visits a website that looks legitimate using a web browser, and the malicious website injects malware into the user’s system. The malware can perform malicious activities such as stealing sensitive information stored or processed by the computer.
Another form of attack is the brute-force attack, in which a hacker uses automated software that cracks passwords by trying different permutations of characters in order to break into the network's front door, i.e. the internet gateway server. That is the very reason complex password practices come in handy.
Worm attacks are another form of attack, in which an attacker infects one system in the network by injecting a malicious worm, which then spreads automatically across the whole network and infects other systems. WannaCry ransomware is one example of such a worm. Email is an essential part of any business communication, and phishing emails are another commonly used form of attack for breaking into a secure system.
Web attacks are also a common way of breaking into a system. These attacks are executed using cross-site attacks, session hijacking, SQL injection, man-in-the-middle or SSL attacks, which lead to the leakage of sensitive information.
The latest are Meltdown and Spectre, in which an attacker can access sensitive system information using a CPU flaw in Intel’s processors. The possibilities for attack go on and on, with endless potential to lead to a data breach. Therefore it is extremely important to secure the network in a business environment.
Relevance and Significance
Network security is very important for protecting your vital business assets, as mentioned earlier. Failure to apply security to the network can lead to a monumental data breach like the Equifax data breach, which can cause severe damage to your business and its reputation in the market.
Network security is more an art than a science, as the title of this paper suggests; it is up to technical individuals to decide what best suits the organization. Each business is different in terms of IT infrastructure usage and data creation, and data categorization varies between mission critical, important, confidential and less important; hence a different level of security needs to be applied to each category.
Some businesses allow employees to work remotely, which requires configuring Virtual Private Network (VPN) software and the like. Effective network security saves money in the long run: the organization does not need to hire an IT specialist for every kind of technology issue or pay an IT person to fix security flaws in the system.
Network security is valuable in many ways, as it protects the organization’s employees, systems, data and customer information, and hence builds strong trust in customers' minds and grows the business.
Building blocks of Network Security
Network security plays a very important role in the overall information security policy. It is a fairly complicated and diverse topic and can vary from business to business. It can be divided into the following blocks.
Access Control and Authorization
Access control refers to the constraints enforced by an organization to allow access only to a specific set of users. The basic rule of network security is: do not allow everyone to access or administer the network; identify the roles that should be allowed to administer or manage it. Authentication and authorization are the core of access control, which lets you allow or deny access based on the access level configured by the organization, for example by role.
Authentication is the process of verifying the identity of the user who is attempting access, and authorization is the process of granting access to an authenticated user. Authentication and authorization can be implemented using a traditional Windows-based Active Directory system or an identity-based Single Sign-On (SSO) mechanism.
Active Directory-based identity management is widely used in Windows environments built on Microsoft’s technology stack, but the downside is that it can’t be used on non-Windows systems. Identity-based SSO, on the other hand, is a cross-platform solution and can be used on a variety of operating systems.
Network Access Control (NAC) covers the whole chain of access management combined with authentication and authorization. Public Key Infrastructure (PKI) and digital certificates are another form of identity management that can be used to authorize users and enforce access management.
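The two steps described above, authentication followed by role-based authorization, can be kept visibly separate in code. This is an added example, not part of the original paper; the user names, roles and permission names are constructed for illustration, and PBKDF2 stands in for whatever credential store an organization actually uses.

```python
import hashlib
import hmac
import os

# Constructed role-to-permission mapping (hypothetical names).
ROLE_PERMISSIONS = {
    "network-admin": {"view_config", "change_firewall_rules"},
    "helpdesk": {"view_config"},
}
PBKDF2_ROUNDS = 600_000  # work factor for PBKDF2-HMAC-SHA256


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def make_user(password: str, role: str) -> dict:
    salt = os.urandom(16)  # per-user random salt; the password itself is never stored
    return {"salt": salt, "hash": hash_password(password, salt), "role": role}


# Constructed user directory for the example.
USERS = {
    "alice": make_user("correct horse battery staple", "network-admin"),
    "bob": make_user("another long passphrase", "helpdesk"),
}


def authenticate(username: str, password: str) -> bool:
    """Step 1: verify identity. Unknown users and wrong passwords both fail."""
    user = USERS.get(username)
    if user is None:
        hash_password(password, b"\x00" * 16)  # do the same work for unknown users
        return False
    candidate = hash_password(password, user["salt"])
    return hmac.compare_digest(candidate, user["hash"])  # constant-time comparison


def authorize(username: str, permission: str) -> bool:
    """Step 2: decide what an already authenticated user may do, by role."""
    user = USERS.get(username)
    if user is None:
        return False
    return permission in ROLE_PERMISSIONS.get(user["role"], set())


def request_access(username: str, password: str, permission: str) -> str:
    if not authenticate(username, password):
        return "denied: authentication failed"
    if not authorize(username, permission):
        return "denied: not authorized"
    return "granted"
```

A valid login is not enough on its own: `bob` authenticates successfully but is still refused `change_firewall_rules` because the helpdesk role does not carry that permission.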
Application security is the protection of the software applications used within an organization for daily business activities. If the software used within the organization is a commercial product bought from a third-party vendor, there is not much the consumer can do to fix a security vulnerability in the application.
Each commercial software product has a customer support and feedback mechanism, which can be used to report any security vulnerabilities found while using the application. Software vendors release new versions of their products from time to time to address bugs or security vulnerabilities.
Typical software applications have an update feature, which lets you update the application to the newest version. Apart from vulnerabilities within the application, it is crucial for the consumer to use the application securely, as recommended by the vendor. Each application has an authentication mechanism, for instance login using a password or an access card. If password authentication is used, choose a strong password; always sign out of the application and take out the card when the computer is unattended. Organization-wide security policies recommend that users lock the computer whenever it is unattended.
Typically, all computers in an organization are configured to lock automatically if the user does not perform any action for a certain amount of time, which protects the computer system and the applications installed on it.
Antivirus software is one of the most important pieces of software needed on a computer; it protects the computer from viruses, malware, trojans and hackers. Computer operating systems are generally designed to focus on application management and execution, with some basic security that is not enough to protect the user and system completely. Windows 10, for instance, has Windows Defender, which can detect most malicious activity on your system, but it is not good enough to protect the computer completely from all sorts of attacks and malicious programs. That is where antivirus software comes into the picture: it is specially designed to protect against viruses and other malicious programs.
McAfee, Norton Antivirus and Kaspersky Antivirus are a few of the popular antivirus products. An antivirus program can scan your whole system for viruses, malware and other malicious programs hidden in your filesystem, as well as any new files you download to your computer.
An antivirus program constantly monitors the computer for suspicious activity while the system is being used for activities such as internet browsing, file transfer in and out of the computer, attaching new devices and running executable programs. Antivirus programs have a very comprehensive detection, reporting and notification mechanism to notify the user of any malicious event.
The firewall is another crucial block in network security. It is basically a security system that monitors incoming and outgoing network traffic and detects and filters out any unwanted data travelling through the network.
In other words, a firewall is a barrier between a trusted and an untrusted network that lets only legitimate data through. Firewalls can be divided into two broad categories: host-based or application firewalls, and network-based or hardware firewalls.
Application or software firewalls run on the computer as an application, for example the Windows operating system firewall, and monitor traffic coming into and going out of the system.
Application firewalls provide a strong layer of defense at the system level and filter out unwanted traffic. Network firewalls, on the other hand, operate at the level of the overall network, for example a firewall for an office building. Network firewalls work like content filters and check each packet transmitted into and out of the network, as configured. Network firewalls can be further divided into stateful and stateless firewalls.
A stateful firewall keeps track of connected sessions to increase efficiency and lower latency in traffic interception; stateful firewalls are efficient but consume more memory. Stateless firewalls do a static comparison and do not keep track of any connected session, and hence are more memory efficient.
There are other firewall configurations, such as the proxy firewall and Network Address Translation (NAT). A proxy firewall is configured on an internet proxy server, while NAT translates IP addresses between networks into internal or private IP addresses to secure the traffic.
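The difference between static comparison and session tracking shows up when both kinds of filter see the same traffic. The following is an added example, not part of the original paper; the packet fields, the single "outbound HTTPS only" policy and the sample traffic (documentation-range addresses) are constructed for illustration.

```python
from typing import NamedTuple


class Packet(NamedTuple):
    direction: str  # "out" = leaving the trusted network, "in" = entering it
    src: str
    sport: int
    dst: str
    dport: int


def stateless_allow(p: Packet) -> bool:
    """Static comparison: every packet is judged alone against fixed rules."""
    if p.direction == "out":
        return p.dport == 443
    # To let HTTPS replies back in, anything with source port 443 must pass.
    return p.sport == 443


class StatefulFirewall:
    def __init__(self) -> None:
        self.sessions = set()  # memory cost: one entry per tracked connection

    def allow(self, p: Packet) -> bool:
        if p.direction == "out":
            if p.dport != 443:
                return False
            self.sessions.add((p.src, p.sport, p.dst, p.dport))
            return True
        # Inbound traffic passes only as the reverse of a tracked session.
        return (p.dst, p.dport, p.src, p.sport) in self.sessions


# Constructed sample traffic.
TRAFFIC = [
    Packet("out", "10.0.0.5", 50000, "203.0.113.10", 443),  # client opens HTTPS
    Packet("in", "203.0.113.10", 443, "10.0.0.5", 50000),   # matching reply
    Packet("in", "198.51.100.7", 443, "10.0.0.5", 3389),    # unsolicited inbound
    Packet("out", "10.0.0.5", 50001, "203.0.113.10", 23),   # outbound, not HTTPS
]


def compare(traffic):
    """Return (stateless_decision, stateful_decision) for each packet."""
    fw = StatefulFirewall()
    return [(stateless_allow(p), fw.allow(p)) for p in traffic]


if __name__ == "__main__":
    for pkt, verdict in zip(TRAFFIC, compare(TRAFFIC)):
        print(pkt, "stateless=%s stateful=%s" % verdict)
```

The third packet is the one to watch: the stateless rule admits it because its source port matches, while the stateful filter drops it because no internal host opened that connection.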
Virtual Private Network (VPN)
The Virtual Private Network is another strong pillar of network security; it enables a user to connect securely to the organization’s internal network from an insecure network. A VPN generally works with a provider, which sets up a secure network or set of networks that users can connect to from an insecure network such as the internet. A VPN establishes a secure, encrypted channel that allows secure communication from a remote network. A VPN ensures that all communication over the internet is private and secured and can’t be tampered with.
In the modern technological world, most businesses rely heavily on Information Technology (IT) and have a business model that lets employees work from remote locations while connecting to the internal network to record business transactions. Here the VPN plays a crucial role by providing secure channels for connecting to the internal network.
Using private communication is even more crucial over an insecure network such as the internet, which can otherwise lead to identity theft and the leakage of sensitive data that is meant to be private; a VPN also protects users' privacy in internet communication. A VPN also protects the user's geolocation, which is important in certain situations or businesses. In general, a VPN is a very important part of an organization’s overall security mechanism.
Wireless & Mobile Security
Portable devices such as laptops, cellphones and tablets are a weak link in the network and a hot target for cyber criminals; therefore securing wireless devices is by far the most important consideration in the modern connected world. A large variety of digital devices can connect to a company’s wireless network, so securing the wireless network is a bit challenging, and more rewarding if done correctly.
Wi-Fi Protected Access (WPA) and Wired Equivalent Privacy (WEP) are the most common wireless security standards. Most commonly used wireless routers have built-in security configuration and support. Wireless networks are generally a sweet spot for hackers looking to break into a secured wired network; therefore companies need to configure an enterprise wireless security policy based on standards such as Wireless Intrusion Detection System (WIDS) and Wireless Intrusion Prevention System (WIPS) to secure their wireless networks. A WIPS monitors the wireless network for unauthorized access points or network attack tools and alerts the system administrator to the presence of a malicious device.
Email is one of the most commonly used media of communication in the modern world. Securing email is crucial for an organization, as there is a variety of email attacks, such as social engineering and phishing emails, that can lead to leakage of personal information or sensitive data. These malicious emails sent by hackers look very legitimate and ask for some sort of sensitive information; in some cases the attacks are targeted at a particular business or company. Organizations need to train employees to recognize phishing emails.
Physical security is a very important and often overlooked aspect of information security or cyber security. Physical security and access control measures work together to ensure overall information security. Physical security includes securing data and resources physically from theft, intrusion or destruction. This includes securing the facility where the business is operated and where systems are kept, a data center for example.
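The monitoring a WIPS performs for unauthorized access points can be sketched as a comparison of observed beacons against an inventory of approved devices. This is an added example, not part of the original paper; the inventory, the scan results, the SSIDs and the policy of treating open and WEP networks as weak are all constructed assumptions.

```python
# Constructed inventory of authorized access points: BSSID -> expected SSID.
AUTHORIZED_APS = {
    "02:00:00:aa:bb:01": "CorpNet",
    "02:00:00:aa:bb:02": "CorpNet",
}
# Assumed policy for this example: open and WEP networks are not acceptable.
WEAK_SECURITY = {"OPEN", "WEP"}

# Constructed scan results, as a wireless sensor might report them.
SCAN = [
    {"bssid": "02:00:00:aa:bb:01", "ssid": "CorpNet", "security": "WPA2"},
    {"bssid": "02:00:00:cc:dd:09", "ssid": "CorpNet", "security": "OPEN"},
    {"bssid": "02:00:00:AA:BB:02", "ssid": "CorpNet", "security": "WEP"},
    {"bssid": "02:00:00:ee:ff:03", "ssid": "CoffeeShop", "security": "WPA2"},
]


def classify(beacon: dict) -> str:
    """Classify one observed access point against the authorized inventory."""
    bssid = beacon["bssid"].lower()  # MAC addresses compare case-insensitively
    expected_ssid = AUTHORIZED_APS.get(bssid)
    if expected_ssid is None:
        if beacon["ssid"] in set(AUTHORIZED_APS.values()):
            return "ALERT: unauthorized AP advertising a corporate SSID"
        return "ignore: neighbouring network"
    if beacon["ssid"] != expected_ssid:
        return "ALERT: authorized AP advertising an unexpected SSID"
    if beacon["security"].upper() in WEAK_SECURITY:
        return "ALERT: authorized AP using weak security"
    return "ok"


def alerts(scan: list) -> list:
    """Return (bssid, finding) pairs the administrator should be told about."""
    findings = [(b["bssid"].lower(), classify(b)) for b in scan]
    return [(bssid, f) for bssid, f in findings if f.startswith("ALERT")]


if __name__ == "__main__":
    for bssid, finding in alerts(SCAN):
        print(bssid, finding)
```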
“The nature of physical security for a data center should be one of concentric rings of defense — with requirements for entry getting more difficult the closer we get to the center of the rings. While company employees, authorized visitors, and vendors might be allowed inside the outermost ring, for example, only data center employees and accompanied vendors might be allowed within the innermost ring” (Pletier, 2005).
Physical security and access control require a good amount of investment to implement and to protect assets. Measures include, but are not limited to, access-card entry to the building or operating facility, video surveillance, intrusion detection, fire detection, motion detection, USB drive locks on systems, a requirement that visitors to secure areas be accompanied by authorized personnel, and securing the doors.
The physical layout of the business facility is also important for achieving the highest physical security; a good layout provides an easy way to place critical systems at a secure distance from the daily traffic of people in the facility.
Printed documents dumped in trash cans can also lead to leakage of sensitive information; therefore it is extremely important to securely collect and dispose of or shred these documents, and the person or company handling document disposal should sign some sort of non-disclosure agreement. Duress alarms and intrusion detection systems are necessary to provide defense against various kinds of attacks on the facility; motion-detection cameras or sensors on the boundary of the facility can make it easier to detect intrusions and increase security.
The level of physical security may vary from business to business; for instance, banks require more physical security than grocery stores. Identifying physical security needs is key to implementing an effective security policy and controls within a reasonable amount of investment.
Network security, in a nutshell, is a diverse area of information security in an organization; the level of complexity in implementing it really depends on the use case or type of business.
In the modern world, businesses rely heavily on Information Technology (IT), so implementing network security is essential for almost all businesses to some extent. Common methods that can be used to enforce network security include Network Access Control, authentication, authorization, email security, application security, firewalls (application or hardware), Virtual Private Networks, wireless network security, portable device security and, last but not least, physical security.
How well all these measures work also depends on the employees of the organization, who need to have security awareness training. The effectiveness of network security adds up to overall organization security.