Network security is the process of ensuring that the digital data of an organization is protected. This process aims to protect confidentiality, maintain integrity and ensure the availability of data to all stakeholders (Brinkley and Schell 1995). This means that an insecure system can lead to denial of service and of access to data. Confidentiality and integrity of data can also be lost if network security is breached. It is imperative that the network of an organization is protected from threats and vulnerabilities in order to maximize the potential of the network.

Evaluating potential malicious attacks, threats, and vulnerabilities to network security is a formidable challenge because of the large scale of modern enterprise networks and the many vulnerabilities found in software applications (Onwubiko & Lenaghan 2006). A malicious threat is an event that, when it takes place, causes the system to fail. It can also be described as a potential cause of an unwanted incident which may harm or damage the system or an organization. A malicious attack is an event or set of actions directly aimed at causing harm to a target system. These are actions that are planned and well thought out, and they are driven by political, illegal or malevolent motives (Onwubiko & Lenaghan 2006).
A risk analysis should be able to identify the risks to the network, network resources and data. The objective of risk analysis is to identify the components of a network, evaluate the importance of each component and then apply an appropriate level of security (Farahmand, et al. 2003). An organization should have an evaluation of each component on the network in order to apply an appropriate level of security. The analysis further enables the network administrator to balance between security and required network access. Therefore, it is crucial to identify all the components in a network and create an asset inventory.
Threats and vulnerabilities can occur in a network because of misconfiguration of the hardware or software. They can also occur if the network is poorly designed or because of weaknesses in network technology (Brinkley and Schell 1995). End-users can also be a point of attack if they are reckless and ignorant of the importance of information security. Disgruntled employees can also become a threat if they turn their grievances against the security of the company network. They can execute commands or programs that undermine the security of the network.
The aim of security, in a network as in other sectors, is to protect assets. Traditionally, computer systems were secured by building a strong wall to stop enemies and establishing well-guarded doors to control access to computer or information centres. This method of protection also applied to a closed network. A closed network is designed and implemented within an organization's environment and provides network connectivity only to known parties within the organization, without connecting to the public network. In such a network it is easy to manage and control threats and vulnerabilities. The greatest security threat in a closed network is instant messaging, which can be used to transfer files or malicious code within an organization. Internal attackers can also gain access to the system by chatting with others within the network and phishing for passwords.
The figure below illustrates our network design. The design combines the internal network (the intranet) with the public network; hence it is an open network design.
Figure 1 Network design of the organization
This network design faces a challenge as business and internet application demands grow. The most delicate act is balancing the security of a closed network against that of an open network, and differentiating between users with the right intentions and those accessing the network with harmful motives. Because of the complexity of network systems, network infrastructures include firewalls, which are software or hardware that enforce an access policy. The firewalls on our network (two of them) are used to balance security against outbound access to the internet.
Identification of network security risks
A vulnerability is a weakness that is inherent in every network and device. It can be a weakness in the routers, switches, host computers or workstations. Vulnerabilities are the ‘soft spots’ that can be exploited by people with malicious intentions.
There are three primary types of vulnerabilities or weaknesses:
- Technology weaknesses
- Configuration weaknesses
- Security policy weaknesses
Technological weaknesses
Network and computer technologies have security weaknesses. These may result from TCP/IP protocol weaknesses, operating system weaknesses, and network equipment weaknesses.

TCP/IP protocol weaknesses: HTTP, FTP, and ICMP are intrinsically insecure. Simple Network Management Protocol (SNMP), Simple Mail Transfer Protocol (SMTP), and SYN floods are related to the essentially insecure structure upon which TCP was designed (Brinkley & Schell 1995).

Operating system weaknesses: all operating systems, such as UNIX, Linux, Macintosh and Windows, have security problems which should be addressed (Brinkley & Schell 1995).

Network equipment weaknesses: these are vulnerabilities exhibited by network components such as routers, firewalls and switches. The security weaknesses of this equipment include password protection, lack of authentication, routing protocols and firewall holes.
Configuration weaknesses
It is essential for network administrators to understand which configurations in a computer network are vulnerable. This will help them configure the systems and components correctly. Below are some of the weaknesses that can be exploited by malicious people if the network is not well configured (Brinkley & Schell 1995).
Unsecured user account information can be transmitted across the network in an insecure manner, exposing usernames and passwords to intruders. System accounts with easily guessed passwords are also weaknesses in a network setup. Some systems allow users to configure accounts with weak passwords (Farahmand et al. 2003). Such poorly selected and easily guessed user passwords present a security challenge.
Misconfigured internet services are another problem, presented for example by turning on JavaScript in web browsers, which gives attackers an opportunity when untrusted sites are accessed. Apache, FTP and Terminal Services are also among the internet services that pose challenges when misconfigured. Unsecured default settings within products are also weaknesses in a network. Many devices come with default settings, and network administrators fail to change them, enabling intruders to access the system easily. Misconfigured network equipment is another weakness in the network. Issues such as misconfigured access lists and routing protocols, among others, pose serious security challenges in a network. Lack of encryption and of remote-access control policies can result in serious security challenges. This is because ports can be left open, facilitating the introduction of non-company equipment.
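The risk analysis and configuration checks described above can be combined in a small audit over the asset inventory. The following Python sketch is an added example, not part of the original essay; the asset names, the field names and the scoring rule (importance multiplied by the number of findings) are assumptions made for illustration.

```python
from dataclasses import dataclass

# Cleartext services the essay lists as intrinsically insecure.
CLEARTEXT = {"http", "ftp", "snmp", "smtp"}

@dataclass
class Asset:
    name: str
    importance: int                      # 1 (low) to 5 (critical), from the risk analysis
    listening: set                       # services observed listening on the device
    approved: set                        # services the security policy allows
    default_credentials: bool = False    # vendor defaults never changed
    remote_admin_encrypted: bool = True  # remote administration uses encryption

def findings(asset):
    """Return the configuration weaknesses found on one asset."""
    out = [f"cleartext service listening: {s}"
           for s in sorted(asset.listening & CLEARTEXT)]
    out += [f"unapproved open service: {s}"
            for s in sorted(asset.listening - asset.approved)]
    if asset.default_credentials:
        out.append("default credentials unchanged")
    if not asset.remote_admin_encrypted:
        out.append("remote administration not encrypted")
    return out

def prioritise(inventory):
    """Rank assets with findings, highest score first (assumed scoring rule)."""
    rows = []
    for asset in inventory:
        found = findings(asset)
        if found:
            rows.append((asset.importance * len(found), asset.name, found))
    return sorted(rows, key=lambda r: (-r[0], r[1]))

# Constructed sample inventory, for illustration only.
INVENTORY = [
    Asset("edge-firewall", 5, {"https", "snmp"}, {"https"},
          default_credentials=True),
    Asset("file-server", 4, {"ftp", "smb"}, {"ftp", "smb"},
          remote_admin_encrypted=False),
    Asset("workstation-12", 2, {"https"}, {"https"}),
]

if __name__ == "__main__":
    for score, name, found in prioritise(INVENTORY):
        print(score, name, found)
```

Assets with no findings are left out of the ranking, so the output is a work list ordered by how important the component is and how many weaknesses it carries.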
Security policy weaknesses
The impact of security policy weaknesses is exceptionally large because they create unforeseen security threats. If the network users do not follow security policies, then the network is very insecure. We are going to look at some of the security policy weaknesses and how they are exploited.

Lack of a documented security policy is an extremely serious weakness that cannot be overlooked. If the policies are not documented, they cannot be enforced consistently. It also leaves loopholes for intruders, who may exploit this weakness and defend themselves by saying that there are no written security policies they should follow (Brinkley and Schell 1995).

Politics is another security policy weakness in a network setup. It can be exceedingly difficult to implement a sound security policy because of political battles and turf wars.

Failure to apply logical access controls is another security policy weakness. Inadequate monitoring and auditing facilitates attacks and unauthorized use of organizational resources (Farahmand et al. 2003). There must be an audit of the use of company resources by employees; the lack of audit reports makes it hard to enforce IT security policies.

Lack of a disaster recovery plan causes panic, confusion and chaos in the event that the network is attacked. It is a security policy weakness which can be exploited to gain more access to the system at a time when people are in panic and confusion.
Network Security Threats
Threats to network security can be classified into four main categories, as illustrated in figure 2 below.
Figure 2 Types of threats. Source: Onwubiko & Lenaghan (2006)
The figure above illustrates that there are four main types of threat.
Unstructured threats - these come from individuals who are not highly experienced with hacking. They simply use hacking tools that are easily accessible, such as password crackers. Although the main purpose of such threats to the system is fun or testing the level of hacking expertise, they can cause great damage to the network. The reputation of the company can be damaged if company websites are hacked, even if they are on a separate platform from the internal files. Users or the public do not have knowledge of such a design, and they will think that the company is at risk.
Structured threats - these come from individuals who are experienced in hacking and are technically competent. They can create code to exploit system weaknesses because they understand them perfectly. They can cause serious damage to the company if they attack. They are involved in significant fraud and theft cases.
External threats - these are individuals or organizations working from outside the company who pose threats to the organization. They do not have access to the computer system; hence they gain access through the internet server. They can cause great damage to the company, such as loss of data confidentiality and integrity.
Internal threats - these are individuals or organizations that have authorization to access the computer systems and the internet.
The process of securing the computer network of an organization is complex because of the dynamic challenges it faces. Computer threats evolve each day, and the techniques used to secure the system in a given period may no longer be valid a short time later. The best way of dealing with threats and vulnerabilities is to create an inventory of all the components that are on the network. This will ensure that the network administrator can configure them and monitor their usage. Documenting network security policies is another essential practice that should be encouraged in the organization (Farahmand et al. 2003).
Works Cited
Avizienis, A. "Design Diversity and the Immune System Paradigm: Cornerstones for Information System Survivability." UCLA Computer Science Department, University of California. (2000).
Brinkley, D L and R R Schell. "What is there to worry about? An Introduction to the Computer Security Problem." Information Security: An Integrated Collection of Essays (1995): 11-39.
Onwubiko, C. and A Lenaghan. "Managing Vulnerabilities of Information Systems to Security Incidents." 2nd International Conference on Computer Science & Information Systems, (ICCSIS 2006). Athens, Greece, June 12-14.