Network Security: An Issue for Business Data Communication
Computer security and the protection of data has been an issue since the early 1980s when computers became standard office equipment. Company sensitive information is stored on computers. Protecting the access to and integrity of this information has been a key concern for managers and computer specialists alike. The issues in data security have not changed, however the advent of the Internet has made keeping data secure more difficult. The Internet did not change the key issues, just the number of users trying to access the information. Network administrators have been facing these issues for quite some time.
The key security issue facing IT professionals is to protect the system from invaders or intruders known as Hackers. Hackers can be grouped into several categories according to motive. They are Joyriders (who do it for fun), Vandals (who do it to cause harm), Scorekeepers (who compete for the challenge of hacking), Spies (who wish to steal information), and others who accidentally access information (Singel, 2001). Hackers access networks in a variety of ways including stealing passwords, making their system appear to be a friendly system, and remotely changing or turning off security protocols.
Network security measures are expensive to implement and maintain. The IT professional must constantly weigh the level of security afforded by the current system against rising costs. The objective of this project will be to survey the latest network security advances and examine their current applications. They will be examined in terms of security levels, vulnerabilities, ease of use and cost to implement and maintain. The advantages and disadvantages of these applications will be examined as well as their suitability to specific needs. It will also examine the current and projected needs of the Network security field and make predictions as to where the field of IT security will go in the future.
This research will be of greatest benefit to the person wishing to enter into the field of Network Security. It will also benefit the CEO or business manager who is ultimately responsible for balancing budget with company needs. It is necessary for anyone in a management position to understand and keep abreast of the most current security measures, technology and techniques. This project will take a look at the current status of network security and future trends and needs. This project will compare and contrast the latest and most current advances in this field.
Firewalls, passwords and encryption are tools used to provide the security of the data. These security techniques are currently the primary techniques for data protection. However, these techniques are not failsafe and can slow the speed of the computer. The computer must be secure, yet remain usable. This is the balance that IT professionals must try to achieve. They must maintain a secure system, yet make certain that the system is not slowed in the process.
Data backup is an important issue in data security. No one will argue the necessity of having the data backed up in case of a catastrophic event. However, restricting access to this information in a network infrastructure can be difficult. Typically, a separate server is designated for this purpose. A firewall acts as a gatekeeper, which either allows or disallows information to pass based on preset criteria. A separate server can be set up for this purpose called a proxy server. In this situation, the proxy server acts as a firewall. DMZ is a relatively new net architecture, which allows not only an entire network to be secured, but allows the company to build a secure network inside the main network. There are data backup difficulties with this type of system, especially concerning the backup of data on a server located outside the DMZ network (Atempo, 2001). This system allows the administrator to set access for each user in the network.
Public networks are an especially problematic area as far as data security is concerned. Systems such as JANET are designed to be user friendly and extremely tolerant. Security was not built into some of these networks themselves. Many businesses choose to run their businesses through extensive public networks such as these and this makes data security of particular interest in this setting. Accessing user-ids and passwords in this type of setting are easy (JISC, 1997).
Security on networks has three parts, authentication, authorization and privacy. Once a user's id and password are obtained, they can then be used to access the network and either corrupt or change data. This type of activity may go unnoticed for quite some time (JISC, 1997). Authentication is the process that verifies the identity of the user. Authorization entails restricting the user to only the information that they are allowed to access. Information can be made private by encryption, changing the message to a code, which will be later decoded by the recipient. Each of these security procedures costs time and resources. Often an institution is required to balance system needs against security needs due to funding issues.
According to Sun Microsystems, security is not only a technology issue, but involves people and processes as well. A successful security program involves the identification of security objectives and the implementation of policies, and enforcement to meet the defined objectives (Sun Microsystems, Inc., 1999). Security does not end with hardware and software. Sun Microsystems offers a variety of products designed to enhance network security.
Anti-virus software is not the cure-all to prevent intruders from compromising the integrity of a system. However, it can reduce the chances of an attack on a system. The use of encryption in addition to anti-virus software will greatly reduce the chances of an attack and may be a practical solution for small networks or private users. Windows has several security measures, including encryption built into their applications (CITES, 2002). Large companies often need better protection than these measures have to offer. Large companies such as Ralston Purina Co. often must communicate over the Internet to several worldwide locations. For this type of setting security can be expensive and can severely slow the transmission of time sensitive data (CITES, 2002).
Networks are vulnerable to a variety of security breeches. Protocols must be certain that they protect against a wide variety of attacks. Protocols are now being developed which include algorithms for openly hostile environments, global-wide identification, and authentication and access control schemes. Information hiding has become the major activity of laboratories such as the Data Communications Security Laboratory at the University of Limerick (Coffey, Reiner, and Flanagan, 2002). Logic protocols based on algebra and logic-based analyses are being developed. Designers are working to improve cryptographic protocols, which will increase user confidence in the security of their data. These advanced protocols are in the early stage of their development (Coffey, Reiner, and Flanagan, 2002).
The dilemma of the IT professional is how to provide top-notch security protocols at a minimal cost. An article by Scott Steinbacher introduces a new idea that may hold the key to this solution. Application Service Providers (ASPs) provide a way for individuals to access the internet and provide many services that would otherwise be inaccessible to the small business or private user due to the extensive cost of setting up the service. The need for increasingly larger data storage space confounds the IT professional. A new service may be the solution. The Storage Space Provider (SSP) can provide a way to transform complex storage problems into simple pay-for-use services. There are already several available such as Articulent, ManagedStorage International, Storability, StorageNetworks, and StorageWay (Steinbacher, 2001). Although the SSP seems like the ultimate solution, large companies with years of expense and effort put into their complex systems may not find this service to be feasible, nor desirable.
The speed of data communication is in an ever-increasing…