Setting Up Effective Network Security Research Paper
- Length: 5 pages
- Sources: 4
- Subject: Education - Computers
- Type: Research Paper
- Paper: #33968992
Excerpt from Research Paper :
IT Security Planning & Implementation
Information systems have always been complex over their existence. The same has been true of securing those networks and systems. However, with the growing complexity and capabilities of these machines and networks, the security implications and possibilities of just what level of depravity that hackers will stoop to. This report shall explain the basics of information technology equipment and security as well as the threats that exist to the same. These threats include worms, viruses, Trojans, spyware, adware, zero-day attacks, hacker attacks, denial of service attacks and data interception or theft.
Typical computer networks are made up of a series of workstations and other devices. The devices that might exist are workstations, servers, printers, firewalls, switches and routers. The different pieces of equipment that exist might or might not be network-enabled or even capable of networking at all. Some devices only communicate through USB while others can communicate as or through computers and networks. Printers can be either or both, for example. Regardless of the actual equipment involved, each network will have at least some sort of hierarchal structure that controls what computers can talk to who, what traffic is regulated, where it is allowed to pass, where it is not allowed to pass and what traffic can come in or out of the network (Desai, 2013).
The broader classification of software that is meant to hurt, harm, steal from or otherwise attack a network is known as malware. Perhaps the most noted and long-known form of malware are computer viruses. Viruses can affect and infect based on either software vulnerabilities or the incompetence of users through tactics like imitation and social engineering. Viruses can reside within the master boot record of a computer or it can also be in the operating system, the RAM or in particular applications. Common targets for the latter include productivity software like Microsoft Office. Just about anything that can run macros or database files (e.g. Excel, Access) are common targets. The common way to combat these malware programs are through programs like McAfee and Norton/Symantec. There are also free versions for the common user like Avast and AVG. Enterprise-level virus protection is almost always paid as the "free" vendors usually ban commercial use (Holt & Schell, 2013).
The term spyware is a drilled-down version of malware and is comprise of mostly harmless (but annoying) tactics such as system monitors, cookies that track online habits, adware and Trojans. The pathway for spyware is usually more direct and noticeable but there is very much a "wolf in sheep's clothing" approach as these programs and dialog boxes usually manifest themselves as something legitimate. Again, most of these are harmless as it could be as simple as Amazon.com putting a tracking cookie on one's computer to track browsing habits. This is used as a means to suggest other products and services that the user might be interested in. However, the motives of these cookies and other trackers is not always noble. A more commonly nefarious piece of malware is known as a "worm," which is an acronym for "write once, read many." The "read many" refers to the fact that once a worm is in a computer, it mass replicates and this usually occurs on a massive scale (Holt & Schell, 2013).
The more complex and nasty attacks will be covered next. A zero-day attack is one where there is a known vulnerability in a piece of software but a patch has not been applied yet. For example, when the SSL encryption protocol encountered its Heartbleed flaw, the exploits that occurred before that glitch came to light to hackers and the time it was fixed was the window a "zero-day" hacker would use as the software creators have had "zero" time to fix the issue. Other than that, there is not a huge difference between this and other malware. Something else very specific to a zero-day attack is the fact that a person is the main force behind the attack when said attack is happening. On the other hand, a traditional virus is left out in the Internet somewhere and somehow filters to another machine through email or through web browsing. Zero-day attacks usually involved direct intervention and attacks from the hacker (Holt & Schell, 2013).
Hackers commit many attacks above and beyond zero-day attacks. However, not all hackers are "bad." The nefarious hackers are known as black-hat and those that are using their skills to test networks and equipment to help prevent future attacks are known as white-hat. The word "cracker" is often a synonym for hacker. Some hackers attack in groups and/or they use a group of computers to levy an attack and this is known as a denial of service attacked or a distributed denial of service attack, depending on the number of computers and people involved. Basically, a denial of service attack is when a network is intentionally and systematically overwhelmed using the keystrokes and "drone computers" of a hacker group or person so as to gain entry into a network using the computing equivalent of blunt force (Holt & Schell, 2013).
The last major source of hacking, malware and other computing malfeasance is data interception and stealing. For example, many emails sent across the internet are unencrypted and thus can be read by the stopping point routers and other network infrastructure in between. For example, if a person sends an email from Los Angeles to Boston and its stops at routers in Denver, Kansas City and Chicago while on the way, this would mean the network administrators in those three latter cities could theoretically read the email as it goes through their system. Encryption in Microsoft Outlook and other programs has allowed for the stopping of data thefts related to this insecurity. However, there are always systems and people that let their guard down and/or use outmoded technology (Holt & Schell, 2013).
Network Security Plan
There are three pieces to the network security equation that cannot be taken lightly in any way. These three pieces would be the personnel, the software and the hardware. Going cheap or outdated on any of the three is a recipe for disaster as five years is an eternity when speaking of computing of any level. It may be attractive to many companies to use Windows XP or dated server software. However, support for such dated operating systems is going to send at some point and the best protection (not to mentioned compatibility with modern equipment) is going to come from the modern operating systems such as Windows 7, Windows 8 and the more recent server packages from Microsoft, Linux or others (Avalle, Pironti & Sisto, 2014).
The reason personnel are a huge part of the equation is that such a complex network security apparatus has to have a competent person running a competent security policy. This would include things like idle timers for workstations, encryption of disks so that data cannot be stolen through things like laptop theft and firewalls and other protection measures to keep the good data and people out and the good data and people in (Avalle, Pironti & Sisto, 2014). Hiring people that cannot or will not do their job to needed extent and level of performance will lead to situations like Target and Home Depot. With the former, the network was vulnerable for a while and it was not known until a lot of damage was done. With Home Depot, the facts were worse because the malware was in the system for a while and no one had a clue as the malware was concealed and the tools that were being used (if they were being used at all) did not catch it before a lot of credit card numbers were compromised (Sharf, 2014). It is important…