Protecting IT: A Roadmap for Securing the Enterprise - Literature review Example

?Protecting IT: A Roadmap for Securing the Enterprise The modern times are driven by technological devices and information enabled setups. Almost allenterprises and business environments are being dominated and run by computer enabled tools and utilities. Ranging from banking sectors, to education departments to business enterprises, all in all rely heavily on I.T setup. AN I.T enabled enterprise is one that is fully integrated with the state of the art technological devices, machines and other components that enable completing the tasks easily and with little reliance on the manual methods. Having mentioned the characteristics of I.T enabled setups, these setups are equally vulnerable to outside threats. The bitter fact is no physical intrusion is needed, rather a person sitting hundreds of miles away can access and damage the personal information and other relevant material which is of high security nature. History is full of events and incidents where massive intrusions took place from outside insurgents online and hacked the systems. Every other day we get to hear a random large sized enterprise getting hacked and its privacy being breached. Business enterprises which have large amount of assets at their stake are most vulnerable and easily targeted by the hackers (Tyson, 2007). Hackers and online insurgents imply various means and methods of infiltrating into the networks and further making way for privacy breach and getting access to highly sophisticated data and records. While the methods employed by the hackers are innumerable, some of the common ones that are being employed are as follows: Spoofing: It is the adopting of dubious means to get in to the network .The network traffic is being targeted and fake identity is being shown. The I.P addresses are being forged and are shown as friendly I.P trying access the network. If succeeded, the infiltrating entity can penetrate into the parts of enterprise and network which are accessible only to the members and since the attempting I.D poses as original one , therefore it goes past unnoticed and causes all the damage possible in the least noticeable manner(Linta & Khan, 2012). Denial of service: As the name implies, the network paths are jammed and users are being hurdled from accessing their account, the particular section of website or other online resource which has been attacked (Mirkovic, Dietrich, & Reiher, 2005). This is a relatively organized attack which involves set of units being combined in order to jam the functions and restrict the normal flow. Spam: Spam is the unauthorized and malicious content email which aims at entering into the system of the individual through deceptive means and once into the system, enables damaging the entire setup and compromises the private data contained in the system itself(Cormack, 2008). These are few of the threats that can be faced by the enterprises. Every other day an enterprise is confronted with such situation and lots of damages are being incurred. Damages are not just material, rather trust of the customers, a brand name with no backup and less reliability and many other factors which go against the success of the enterprise. Considering such a situation need was being felt for establishing means and methods of securing the network through different means. As a result many initiatives were being taken which include the following functions that ensure safe using and activities across the internet and online medium. V.P.N: Acronym for Virtual Private Networks. They are also termed as Secure Internet networks just because of the level of security they provide. They are usually employed by enterprises for safe practices and dedicated functions. V.P.Ns have large number of advantages to them, the first and foremost being the security factor. It enables using the world wide web and the overall traffic through dedicated paths and I.Ps that are relatively invisible and away from the reach of hackers. The banking sector, commercial and private business enterprise, defense organizations, an other firms of similar nature that hold data of importance and sensitivity make use of Virtual Private Networks for the purpose of safe operations. They have effective encryption techniques in place which makes the entire network safe and protected from hands and eyes that might be of threat to the overall setup( enterprise). The encryption techniques so in place make the network breaking very difficult and keep it in low profile and low visibility from the range of hackers and spammers. The encryption functions in V.P.N isolate the data and users from the non authentic users. The scope of V.P.Ns apply to intranet connections, extranet networks and remote setups Intranet connections: the internet connection is the connection established for communication within a firm and organization. Many a time transactions are being performed within the organization between respective departments. They equally require protection and safety. The intranets being operated via V.P.N makes this task relatively easy and effective with regard to security. Only the designated destination (department) within the enterprise gets access to the data and material being shared. File sharing on local level, the emails being exchanged are routine activities within the organization. With organizations of sensitive nature, it is often desired to have safety in place, for this purpose intranet serves aptly. Remote Networks: Remote networks allow restricted usage to the users and do not compromise any security as such. With limited privileges options in place, it minimizes the factor of unnecessary access by the users. For example this process reduces the changes of Spoofing to a large degree. It allows access to only those parts of the network where there is the need, and it does not enable access to the entire network without any discretion. Extranet: As the name implies, it is in place to perform activities and transactions with the firms and units outside the four wall and other physical places. Often the interaction and exchange of information, data and documents is conducted via extranet which is very secure in nature. Extranet is relatively private in nature and of dedicated nature and it bars maximum of the outside public traffic from the overall process (Netgear, 2005). These are the few methods applied and are available in the V.P.N configurations; other features of V.P.N include the following features: Authentication: All the processing so done is highly authenticated and no processing can be done without any formal authentication and verification. The deliveries of reports and assets, the transfer, the interaction between various members of the enterprise all are authenticated by various methods which can be in form of the cryptic password , other secret keys and various other possible functions that make it less accessible for outside forces to access and damage the network. Confidentiality: this is another factor that counts as a gift of V.P.N secure applications. Maintenance of system order: One important function is the maintenance of the sequence of the network traffic. Since large number of encryption, authentication and other fragmentation methods are involved, yet the sequence is maintained and the data is transmitted and transferred in the original form. Anti Viruses: A ubiquitous term that is part of every computer and every network. They serve as killers against the viruses. With hundreds of viruses being produced on weekly basis around the world, enterprises that deal online and on international level are at direct threat and thereby most importantly need the presence of anti viruses. Anti viruses have certain conditions to them and they require in time update. The patches being released every now and then are for the purpose of acting as counter and killer of viruses. Viruses are a broad term used for malicious content. They come in all forms and have potential of damaging the networks in all capacities. Trojan horses, spammers, D.O.S , Spoofs, all are forms of viruses that have a common function amongst them and that is to either damage the data, or infiltrate into the network, get access to the private data or any other means that may pose any threat to the safety and can bring down the enterprise. All these define malicious entities. Firewalls: Like Anti viruses, firewalls are another means of activities and functions that are employed for the purpose of network security. Firewall in a lay man’s language and simple terms can be defined as a protective layer. While the traffic is performed through a network of bits and streams, the firewalls serve as guards and are assigned for the purpose of identifying and excluding the units and packets and data streams that are of any danger to the network and can cause any possible harm to the network. Firewalls are implemented at the network layer of O.S.I layer. A salient feature of Fire wall is they prohibit the access of unauthorized users and clients into the network. It allows only those members and I.P addresses that are in the system. V.P.Ns make use of firewalls for their services since V.P.Ns work in a dedicated manner and allow only those I.Ps to participate in the activities that authorized. Its task is to filter out the unnecessary elements and allow the presence of only those data packets which are authorized (Whitman, Green, & Mattord, 2011). Segregation of the incoming data is made on the basis of white list and black list ((Foster, 2007). As their names imply, white list contains the list of nodes and I.Ps that are to be allowed into the network and blacklist allows list that ought to be prohibited from participating in the network activity. Firewalls come in various forms and each of them has one purpose to fulfill and that is to provide security to the systems where they are employed. Networks safety is largely reliant on the use of firewalls. Almost all major enterprises, other organizations and departments of sensitive nature have firewalls in place for secure operations. Operating System Hardening: While V.P.N, firewall, anti viruses are few of the methods used for protecting and increasing the safety of network. Operating system Hardening is another concept that is related to making the network, its respective computers less prone to attacks and reducing their visibility in the open. Hardening process is within the computer and possibly the network configuration which is based on sidelining all those softwares installed on the computer just because they might be used as system vulnerable elements (Bragg, 2004). All of us download utilities and softwares which might be of threat to our systems. Hardening process is suited for such situations and based on the priority of security, this tool segregates the safe, useful, unsafe and non useful applications. System administrator privileges control the access and the kind of software that should be placed in the computer and those that should be eliminated from the system on the basis of system security. O.S hardening provides a checklist of the options and softwares that are side lined and those that are in the working. This segregation allows monitoring all the softwares in a better way and enable ease of handling the situations well. Creation of profiles on a single system is another similar move. With only the admin being able to enjoy most privileges, such settings enable the guest users, the general public users from accessing the data and section of network which may contain private data. Enterprises with centralized systems that contain valuable information and records of dealings make use of hardening processes very frequently. Other means: Safe practices: The above mentioned procedures are physical activities and preventive measures that are being put into place for the safety of organizations. However there is another set of activities which can also enable protecting the enterprises in an effective manner. That set of activities is called safe practices. It involves creating awareness amongst the computer users in the organization, familiarizing them with the threats at hand, the nature of work, the possibilities of actions and misguidance and other facts which an individual of enterprise should know if he or she is associated with the handling of I.T setup. Safe practices include knowing the difference between the reliable senders, reliable users, reliable emails, and requests and those that should not be entertained. Training, awareness should be created amongst the users for the purpose of network safety. References: Bragg, R. (2004). Hardening Windows Systems: [bulletproof Your Systems Before You are Hacked!]. McGraw Hill Professional. Cormack, G. V. (2008). Email Spam Filtering: A Systematic Review. Now Publishers Inc. Foster, M. (2007). The Secure CEO: How to Protect Your Computer Systems, Your Company, and Your Job. Internet Profit Kit. Linta, S. R., & Khan, M. R. (2012). Today’s Impact on Communication System by IP Spoofing and Its Detection and Prevention. GRIN Verlag. Mirkovic, J., Dietrich, S., & Reiher, P. (2005). Internet denial of service: attack and defense mechanisms. Prentice Hall Professional Technical Reference. NETGEAR. (2005). Virtual Private Networking Basics. Santa Clara: Netgear Inc. Tyson, D. (2007). Security Convergence: Managing Enterprise Security Risk. Butterworth-Heinemann. Whitman, M. E., Green, A., & Mattord, H. J. (2011). Guide to Firewalls & VPNs. Cengage Learning. Read More