: Solution to Network Security - Case Study Example

 Case Study: Solution to Net Work Security 1.0 Introduction Most organizations today use networked information systems responsible for storing, processing and delivering data globally. This infrastructure especially the use of internet has unprecedented degree of risk. Computer viruses propagate in the internet within a very short period, carrying potential hazards to systems. Hacking of organization systems and fraud has been common in the 1980s. Thus, network security has become a major concern for organizations. Attempts have been made to curb the vice but since technology is very dynamic, substantial improvements are still required. Repeated occurrence of similar security breaches like misuse of email, suggest that most organizations have failed to tackle network security with the urgency needed. Since most organizations depend on computer networks to store, access and provide business information both internally and externally to customers and suppliers, this information plays a key role in daily operations of the organization (Harrington, 2005). A company that processes credit card transactions must raise its profile of network security to survive in the business. The value of information and the cost of security breaches are important assets that must be appreciated. 2.0 Overview of Network Security Fundamentals, Security Threats, and Issues A company that process credit cards is at great threats through computer networks and data. Therefore, computer hardware and software, policies and procedures necessary for developing layers for network security should be designed to defend the systems of the company. Some of the common threats are; • Viruses, worms, Trojan horses, spyware, malware, adware, and botnets. • Zero-day and zero-hour attacks • Hacker attacks • Denial of Service (DoS) and Distributed Denial of Service Attacks (DDoS) and • Data theft. These threats exploit the following: • Any unsecured wireless networks • Software and hardware that is unpatched • Websites that is unsecured • Potentially unwanted applications (PUAs) • Weak passwords • Lost devices and • Unwitting users- These are internet users with malicious intention (Harrington, 2005). There are several network fundamentals to protect a company’s reputation and reduce liability. Among these fundamentals are: • Keeping current patches and updates Programs need to be updated frequently. These programs include Adobe Acrobat and Reader, Adobe Flash, Oracle Java, Microsoft Internet Explorer and Microsoft Office Suite. Computer administrators should not be lax on applying patches and computer updates. Laxity created will make the system vulnerable to cyber criminals. An inventory should be kept to ensure that ALL devices are regularly updated. • Use of strong passwords Weak passwords is vulnerable to threats by malicious internet users. The password should include upper-case and lower-case letters, numbers and symbols. The password must be kept secret to the organization and revealed and shared with trusted employees and only when in need. Hackers impersonate technical support to access passwords. The employees need training to realize social engineering techniques to avoid hazards. The passwords need to be changed frequently, may be monthly, and any duplicate avoided. Multiple failed log-on attempts by users to their accounts should be locked within a short period of time. • Secure the VPNs Documentation for the server and VPN software must be reviewed. In order to protect the organization’s network and data from hackers during execution of information through internet, the strongest protocols for encryption and authentication must be used. For identity authentication, multi-factor method of authentication is the best. Extra steps that prove user’s identity such like PIN inhibits hackers from attacking the company’s network. A firewall should be used to separate the VPN from the rest of the network. • The user access privileges should be actively managed. In most organizations, most employees have access to sensitive, confidential data outside the scope of their job portfolio. This is a security threat and need not be overlooked. Information should be availed to employees according their job portfolio. In case the responsibilities of an employee changes, the IT department is notified so that access privileges of the employee are modified to fit current job portfolio. • All the inactive accounts should be cleaned up Inactive accounts are vulnerable to hackers since they were assigned to employees. These inactive accounts make hackers access and disguise their malicious activities. There are softwares used for cleaning up inactive accounts for large networks that hold many users. 3.0 Detailed Network Security Recommendations. Secure connections between endpoints will use VPNs since they are a weapon in security arsenal. VPNs transports traffic securely in an unsecured network. It achieves this by combining encryption, authentication and tunneling or encapsulation. Encapsulation refers to embedding a network protocol and carried within packets of another network. Firewalls are an old and more established mode of security than VPNs and found in most environments. Firewall is a collection of components and is placed between two networks. In this position scenario, firewall acts as a gateway for the two networks. In other words, firewall refers to any process that filters transmission of packets of digital information; especially when they pass through an interface between networks. The VPN must be incorporated in the company’s security policy and should harmonize with firewall. 3.1 Fundamentals of Firewalls and VPNs A firewall is determined effective when it meets the following principle requirements: When it a door for incoming and outgoing traffic When it allows only authorized traffic to pass and When it is immune to penetration or compromise. 3.2 Recommendations for Firewall and VPN Solutions for New Company In the security policy of the organization, firewall should be documented. To successfully use firewall for network security, a perimeter needs to be established. The perimeter acts as a boundary between two zones of trust and puts clear cuts for areas blurred by extranet, VPN and mobile devices. When firewall is at the perimeter, a checkpoint is set up to block viruses and infected email messages before they are granted access. One limitation of firewall is that it cannot prevent security breaches, but reduce external access threats. Unauthorized access cannot be prevented by a single firewall placing a soft divide between the intranet and internet of the organization (Poole, 2003). 3.2 Recommendations for implementing proposed solutions The success of network security in the organization will largely depend on its network security policy. The firewall policy should be engineered on a basic policy of permitting traffic flow through the network, with denial specifications or denying all traffic unless specifically permitted. The policy should allow employees in the organization direct access of internet while protecting the network from attacks. Several firewalls, strategically placed at various nodes within the network are required (Harrington, 2005). Employment of VPN protocols is necessary for the organization. Some of the protocols include: • Point-to-Point Tunneling Protocol (PPTP) • Layer 2 Tunneling Protocol (L2TP) • Internet Protocol Security (IPSec) and • SOCKS. Implementation of VPN has various approaches. The configuration could be router-to-router, server-to-server, server-to-router, workstation-to-server, or workstation-to-router. Costs should guide the type of configuration to be adopted. The low-cost approach for the organization is the implementation of Windows NT servers that employ PPTP with xDSL, frame relay or fractional T1 (Poole, 2003). 3.3 Practices for Long-term Solutions Firewall serves as a security tool but does not secure a network. They need proper configuration and monitoring. Since firewall does not track the internal network, the organization needs to focus on the fundamental principles of network security. This strategy will prevent internal attackers as well as external hackers. Systems of importance must be configured to check logins, failed logins and network activity. In most cases, every computer and NOS have these utilities which assist in monitoring such activities. Widows NT server has event viewer while UNIX allows the administrator to monitor logins through wtmp file and at the same time record unsuccessful login attempts (Poole, 2003). 4.0 Summary Any organization that relies on Information Technology for success is vulnerable to network threats. The threats are responsible for hiccups that may deform the image of the organization, resulting to massive losses. This supports the massive investment in network security by most firms today. The organization must develop network security policies for its employees, and ensure that the policies comply with other institutions like the government. The choice of network security is essential and need to be evaluated prior implementation. This will enable the organization to look at viable methods that are economical and user friendly. Reference List Harrington, J. (2005). NETWORK SECURITY A PRACTICAL APPROACH. Elsevier Inc.; U.S.A. Poole, O. (2003). Network security a practical guide. Butterworth-Heinemann Publications; Great Britain. Read More