network security
Post on 02-Nov-2014
8 Views
Preview:
DESCRIPTION
An overview on Network Security
TRANSCRIPT
- 1. Network Security Omonigho Palmer-Ikuku , Security+, MCSE: Security, CCNA
2. Outline
- Introduction
- Extent of Network security
- - Types of threats
- - Types of network security attacks
- Impact of Network security on companies and organizations
- Strategies and Solutions
- Implications and benefits of network security
- Conclusion
3. Introduction
- What is a Network?
- - a group of computers and devices interconnected bycommunication equipments, software, hardware and paths
4. Introduction (contd)
- Why Network security?
- - a survey which shows that 85 percent of organizations thatresponded to the survey discovered breaches in their networksecurity
- What is a Network Security?
- - all activities that organizations, individuals, and institutions takes to protectcomputers assets, data and instill integrity and continuity of operations
- The CIA abbreviation
- - Confidentiality: safeguarding of information from unauthorized disclosure
- - Integrity: safeguarding delicate data from alterations without authorization
- - Availability: certify that services are available to endorsed users only
- The reverse of confidentiality, integrity, and availability is disclosure, alteration, and destruction (D.A.D.).
5. Extent of Network security
- Other Important Concepts
- - Authenticity: guarantees that data, transactions are unadulterated
- - Authorization: rights and permission given to individuals to use computers
- - Identification: Is the way to identify users of a system
- Larger companies and larger networks are at greater network security risk compared to smaller companies and smaller networks
- The internet as a medium for doing business and its consequences
- The effect of breach in information security is usually very horrific
6. Extent of Network security(contd)
- Types of network security threats
- -Malware: Gotten from two words malicious and software, its a
- software that is built to destroy computers
- - Social Engineering: a subset of information security is a nontechnicalmethod of hacking into a system or network
- - Malicious Insiders: more delicate data and records are lost when a there isa network security attack by an insider
- - Careless Employees: poor training for employees and lack of knowledge onthe necessary network security policies
- Types of network security attacks
- - Passwords attacks: dictionary attacks and brute-force. The use of strongpasswords is highly recommended
- - IP Address Spoofing: hackers can change the IP address of computersduring communication and access networks
- - Denial-of-Service: attackers denies authorized users access to the networkby send unwanted traffic to the network
- - Packet Sniffer: analyze, display, capture and read network data exchangesand packets
7. Impact of Network security on companies and organizations
- UK businesses (53%) that suffered security incidents were able to restore normal business operations within a day
- The rank of information security in the list of executives meetings is increasing
- Whenever there is a breach in internet security on a company, transactions reduces
- Negative reaction on the price of the stock
- Due to the rise of blogs and social technologies, there is more work to secure networks
- Improper disposal of computer devices and unused documents can be harmful
8. Strategies and Solutions
- Virtual private network (VPN)- links are provided between nodes to provide remote users secured access to their intended network
- Cryptography- a subset of encryption, data is transformed into an unreadable format
- Secure Sockets Layer (SSL)- now known as Transport Layer Security (TLS) is used to provide data integrity and security over the internet
- Hypertext Transfer Protocol Secure (HTTPS)- is a combination of http and a network security protocol
9. Strategies and Solutions(contd)
- Computer viruses- ability to spread makes it easy to exploit security vulnerabilities
- Firewalls- serves as a shield for intruders
- Intrusion detection systems (IDS)- used to detect unauthorized access, monitor and audit networks
- Penetration test- process of testing the security measures of a computer network
10. Strategies and Solutions(contd)
- Backup- copy data into another location
- Business continuity planning (BCP)- organization wide plan that depicts how an organization will recover from interruptions
- Disaster recovery plan (DRP)- an IT related infrastructure recovery
- Appropriate use of portable storage devices
- Physical security- closed-circuit television cameras, access control systems
11. Implications and benefits of network security
- With the increase in awareness, there is more persuasion from companies
- Security policy- document that states the rules related to security that governs an organization
- Even home computer users are a part of the crusade
- Possessing the right education is also very important
- - CCIE security, CISSP, Comptia Security+, and CCSP
- - courses in universities, information from journals andmagazines
12. Conclusion
- Regular auditing of IT infrastructure, regular penetration test and periodic examination of the companys BCP
- Adequate network security enhances its reputation, protects stakeholders valuable information
- Network security starts with actions from individual
- Its not a product, it's a process
- Network security is the responsibility of everyone. It is better to prevent threats than to get rid of
top related