Executive Summary.
The need for network security is relatively new and has been widely accepted in almost all organizations. Network security is an investment that costs the company money. The organization has to invest in hardware and software necessary to secure the company’s networks. The company also incurred the cost of employee training, hiring and retaining personnel who are competent in the area of network security such as those qualified in CIS. The basis of network safety is based on prevention, detection, and response. Network security is ensured when threats, vulnerabilities, and attacks are reduced and where possible eliminated. Organizations engage in putting in place secure networks in order to protect their assets, create a competitive edge and to comply with regulations. Secure systems provide access to authorized personnel, non-repudiation, integrity, and confidentiality. The field of network and security is expected to continue growing since new challenges in terms of attacks are frequently experienced.
History of Network and Security.
The need for network security is relatively new and has been widely accepted in almost all organizations. Prior to the 1980s, computers were not networked because there was the lack of technology. The systems were mainframes or midrange systems while the terminals had limited capabilities. In the 1980s, there was the development of personal computers and network protocol standards. There was tremendous growth in distributed computing as well as LANs and WANs. The systems were mainly focused on providing ease of access and connectivity. Few if any consideration was given to the distributed environment’s security. The majority of the systems were open to and vulnerable to threats. In the current age, networks are widely used on the internet leading to the largest network in existence. Network security today is considered more serious than ease of access.
Network and Security Basis.
The basis of network safety is based on prevention, detection, and response (Vacca 2010). Security policies in any organization should be based these three bases. Security can only be provided by implementing measures that prevent exploitation of vulnerabilities. Preventive measures should receive a lot of emphases because it is easier, more cost-effective and more efficient to prevent a breach than to detect or respond to one. However, it is not possible to design a security system that is a hundred percent the prove. The organization should invest in a system that is strong in preventing a breach. Consequently, criminals are discouraged and move on to easier targets. The next step involves setting up procedures that detect potential problems in the system. In the event that preventive procedures fail, and there is a breach in the system, then the detective steps should be able to set into action. The producers should be as effective as possible because the sooner an intrusion is detected, the easier it is to correct and clean up. Finally, the organization needs to have a written appropriate response to a security breach.
Computer and network security is important for various reasons. It is critical that every organization to determine why they want network security so that they can know and invest in the way to get there. Organizations may want network security to protect their assets. Moreover, all organization deal with data and information that is critical to decision making. The security of the system is important in protecting the integrity, quality and availability and accessibility of information. Other organizations want network security in order to gain a competitive edge. Effective security measures provide organizations with a competitive advantage over their competitors if they are properly developed and maintained. For example, network security can be used to create an edge in e-commerce and internet financial services. Good network security ensures proper acceptance of a service as well as good response.
Organizations also seek network security in order to comply with regulatory requirements. For example, financial organizations have to adhere to the federal regulations. Organizations also may need network security in order to meet fiduciary responsibilities. Officers in the company have to ensure that the enterprise networks are safe and sound. The organization must be fit for operation and always protect the interests of its shareholders. Most organizations are for-profit and therefore the CIS officers bare the role for ensuring that the company is protected from liability. Officers need to secure their jobs and qualify for future career prospects by putting in place measures that protect the company’s assets. All network administrators have the responsibility of ensuring the security of the system is intact. He should set and follow policies and procedures that ensure adequate performance so as to avoid termination.
Network security is not only concerned about the security at the end of the communication chain but also during transmission. The safety of the whole network should be put into consideration so that potential intruders are deterred. The consideration when developing a secure system includes: providing access to authorized users. The people using a particular network should be granted the access they need to communicate to and from a particular network. Secondly, the secure network should ensure confidentiality. The information in the system should remain private. Thirdly, the system should provide authentication that is ensuring that those using the network are those they claim to be. Fourthly, the system ensures the integrity. The information is maintained as it was sent and not modified in transit or storage. Finally, the system provides non-repudiation that ensures the user cannot refute that he accessed and used the network.
Network vulnerabilities, Threats, and Attacks.
CIS involves developing secure network; security is ensured when threats, vulnerabilities, and attacks are reduced and where possible eliminated. Vulnerabilities are present in the system if the system has a weakness in its design, configuration, implementation or management (Kim et al. 2004). The presence of such flaws is what make the system susceptible to threats. Threats, on the other hand, comprise of anything that can disrupt the operation, integrity, availability or functioning of the system. The treats can take different forms and can be accidental, an act of nature or malevolent. Attacks, on the other hand, are techniques specifically used to exploit vulnerabilities in a system. There are specific techniques developed to take advantage of particular vulnerabilities.
System security is concerned with eliminating vulnerabilities that make the system susceptible to intrusion. The vulnerabilities stem from weaknesses in the design, configuration or implementation of a system. There are different types of vulnerabilities that network security aims to prevent; these include: Physical weaknesses. The organization should ensure that their systems, media, and communications equipment are located in a secure facility. The servers, central hosts, communication equipment, and routers should be kept in safe locations where entry is limited to authorized personnel only. Removable media such as backups should be handled and stored in secure locations by authorized personnel. Eliminating physical vulnerabilities also includes putting into consideration natural disasters such as floods and earthquakes. The organization should ensure they protect themselves against the disasters that are frequent in the area they are located. The second type of vulnerability relates to the hardware and the software used by the organization. The software or hardware may render the system vulnerable if it has design flaws.
Thirdly, the security is concerned with media vulnerabilities, where information can be copied, lost, damaged or stolen through media equipments such as disks and backups. The fourth type of vulnerabilities is transmission and emanation. The systems in an organization need to be protected against interception, alteration, forgery, interruption and monitoring of information on their systems (Marin 2005). The final type of vulnerability is human vulnerabilities. It results from carelessness, greed, anger and laziness. The human vulnerabilities produce more harm than other vulnerabilities. For example, an employee who is angry at the company because they refuse to increase his compensation can plan an attack on the organization. The human weaknesses cause significant damage because the employee has inside information about how the system works.
Systems are faced with many forms of attacks. The network security in CIS has to ensure that such attacks are reduced for pick performance of the system. CIS officers have to keep developing better mechanisms for preventing system attacks. Attackers continue developing new and more efficient attacks to exploit the vulnerabilities of existing networks. There are two types of attacks, the active and the passive attacks (Salah 2009). In passive attacks, there is no overt activity that can be detected or monitored making them difficult to detect. Examples include: traffic analysis and packet sniffing. Active attacks are easier to detect because they employ overt actions on the system. Although they are active, the attacks can cause severe damage to the system. Examples include active system probing and denial-of-service attack. Types of attacks include viruses, Trojan horses, password cracks, spoofs, replays, social engineering, scanning, sniffing, masquerades, trap doors, war dialing, worms and other protocol-based attacks.
Network and Security Mechanisms.
Network and security employ cryptography as a tool to provide privacy, ensure message integrity and to authenticate the identities of parties communicating. Encryption is also used to secure information on the network. Encryption involves the scrambling of the contents of a file that makes it unintelligible to people without the unscrambling key. Digital signatures are also used by message receivers to authenticate the identity of the sender. They are also used to verify the integrity of the message sent. The benefit of digital signatures is that they are easily verified yet almost impossible to counterfeit. Digital certificates are issued in order to authenticate the sender’s identity for spontaneous first-time contacts. Other detection and prevention mechanisms include firewalls, intrusion detection systems, anti-malware software and scanners and security socket layer (Canavan 2001).
Conclusion.
In conclusion, CIS has played a great role in ensuring that organizations can establish secure networks. The application of network and security in CIS is paramount since all organizations are bent on having networks that are secure. The organizations have to adopt networks that reduce the risk of threat to their systems. In addition, they have to identify, control and minimize if not eliminate events that pose threats to the system. An intrusion requires there be a motive for the intruder, ability to intrude and the opportunity to intrude. The organization, therefore, has to invest in eliminating the opportunities they afford the intruder since that is the only aspect they have control over. Although network security is a costly affair the benefits far out way the costs that would be experienced if the organizations system were to be compromised.
Works Cited.
- Canavan John (2001). Fundamentals of Network Security. ARTECH House Inc.
- Kim J., Lee K., Lee C. (2004). Design and Implementation of Integrated Security Engine for Secure Networking. In Proceedings International Conference on Advanced Communication Technology.
- Marin G. (2005). Network security basics, Security & Privacy, IEEE. 3(6): 68‐72.
- Salah Alabady. (2009). Design and Implementation of a Network Security Model for Cooperative Network. International Arab Journal of e-Technology 1(2).
- Vacca John. (2010). Network and System Security. Elselvier Inc.