Types of Security Threats
In general, network security threats can be classified into one of two categories: disruption, destruction and disaster; and unauthorized access. Disruptions are usually minor and temporary. Some disruptions may also be caused by or result in the destruction of data. Natural or man-made disasters may occur that destroy host computers or large sections of the network. Unauthorized access refers to intruders (external hackers or organizational employees) gaining unauthorized access to files. The intruder may gain knowledge, change files to commit fraud or theft, or destroy information to injure the organization.
Risk Assessment
Developing a secure network means developing controls that reduce or eliminate threats to the network. Controls prevent, detect and correct whatever might happen to the organization when its computer-based systems are threatened. The first step in developing a secure network is to conduct a risk assessment. This is done by comparing the nature of threats to the controls designed to reduce them, thus deriving levels of risk. A control spreadsheet lists the threats, the network components and the controls, which a network manager uses to assess the level of risk.
Controlling Disruption, Destruction and Disaster
The key principle in controlling these threats, or at least reducing their impact, is redundancy. Redundant hardware that automatically recognizes failure and intervenes to replace the failed component can mask a failure that would otherwise result in a service disruption. Special attention needs to be given to preventing computer viruses and denial-of-service attacks. Generally speaking, preventing disasters is difficult, so the best option is a well-designed disaster recovery plan that includes backups and sometimes a professional disaster recovery firm.
The key principle in controlling unauthorized access is to be proactive in routinely testing and upgrading security controls. Contrary to popular belief, unauthorized intruders are usually organization employees, not external hackers. There are six general approaches to preventing unauthorized access:
- Developing a security policy
- Developing user profiles
- Plugging known security holes
- Securing network access points (e.g., physical security, call-back modems and firewalls)
- Preventing eavesdropping (by restricting access to network cables and devices)
- Using Encryption
The basic principle in detecting unauthorized access is looking for anything out of the ordinary. This means logging all messages sent and received by the network, all software used, and all logins or attempted logins to the network. These logs should be monitored both by network security personnel and by software programmed to issue alarms or take action if certain parameters are exceeded or if there are abnormal occurrences.
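The monitoring software described above can be sketched as follows. This is an added example, not part of the original article: the log format, the threshold of three failures in five minutes, the working hours and all names are assumptions, and the log is assumed to be in time order.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log: "timestamp user source result" (format is an assumption).
SAMPLE_LOG = """\
2024-03-04T09:01:10 alice 10.0.0.5 OK
2024-03-04T09:02:00 bob 10.0.0.8 FAIL
2024-03-04T09:02:20 bob 10.0.0.8 FAIL
2024-03-04T09:03:05 bob 10.0.0.8 FAIL
2024-03-04T09:03:40 bob 10.0.0.8 FAIL
2024-03-04T10:15:00 carol 10.0.0.9 FAIL
2024-03-04T11:40:00 carol 10.0.0.9 FAIL
2024-03-05T02:47:31 alice 10.0.0.5 OK
garbled line
"""

MAX_FAILURES = 3                # assumed threshold: more than 3 failures ...
WINDOW = timedelta(minutes=5)   # ... within 5 minutes raises an alarm
NORMAL_HOURS = range(7, 19)     # assumed working hours, 07:00-18:59


def scan(log_text):
    """Return a list of (alarm_kind, user, detail) tuples for the given log."""
    alarms = []
    failures = defaultdict(deque)   # user -> timestamps of recent failed logins
    for line in log_text.splitlines():
        if not line.strip():
            continue
        try:
            ts_text, user, _source, result = line.split()
            ts = datetime.fromisoformat(ts_text)
        except ValueError:
            # An unparseable entry is itself out of the ordinary: report it.
            alarms.append(("MALFORMED", "-", line))
            continue
        if result == "FAIL":
            recent = failures[user]
            recent.append(ts)
            while ts - recent[0] > WINDOW:   # drop failures outside the window
                recent.popleft()
            if len(recent) > MAX_FAILURES:   # parameter exceeded
                alarms.append(("FAILED_LOGINS", user, ts.isoformat()))
                recent.clear()               # start counting afresh
        elif result == "OK" and ts.hour not in NORMAL_HOURS:
            alarms.append(("OFF_HOURS", user, ts.isoformat()))
    return alarms


if __name__ == "__main__":
    for alarm in scan(SAMPLE_LOG):
        print(*alarm)
```

Two failures an hour apart (carol in the sample) stay below the threshold, while a successful login at 02:47 is flagged even though no count was exceeded.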