Technology has changed the face of everything we do in our lives, both socially and professionally. Essentially every business has by now installed a computer system in order to store, send, and receive information. The usage of computers and networks requires a basic knowledge and understanding of security, and networks that store and maintain sensitive, confidential, or personal information typically have a high focus on security. Even the simple storage of emails and other archived documents requires a digital network security system.
The Importance of a Secure System
The importance of network security should not be minimized whether it is for a government organization or a large or small business. Intruders or hackers can create huge amounts of damage if they manage to get past the security buffer. These concerns require that all users of a network be aware and practice basic security measures. Every new day sees the creation of new security flaws and loopholes, so computer security systems must be kept consistently up to date to keep intruders out. The International Journal of Electronic Security and Digital Forensics reports that each new day introduces one million new security threats online.
Key Areas
Deterrence. By simply deterring hackers from trying to break into a network, you can prevent the costly damage that would occur from a breach, or attempted breach.
Prevention. Ensure up-to-date methods are in place to prevent any unauthorized access to the network. Authorizing special access, updating security systems, and utilizing communication encryption all work to prevent successful security breaches.
Detection. Logging access of the system will turn up any unauthorized access to the network and record the time and usage of the unauthorized user.
Flaw correction. A good security system is capable of putting measures in place to prevent known security flaws from reoccurring.
The National Institute of Standards and Technology states that network attackers have four main aims when they are breaching a system. They may do, or attempt to do, any or all of the following:
Intercept. This attacker attempts an unauthorized entry into the network system. He may use packet sniffing or information copying to achieve what is essentially eavesdropping on communications.
Interruption. This attacker's goal is to deny service availability. When these attacks are done successfully, network resources become universally unavailable.
Fabrication. This attack is basically a form of counterfeiting. A fabrication attack will bypass any authenticity checks and engage in mimicking and information impersonation.
Modification. This attack simply reroutes a particular user's information.
Digital network security system analysts are trained to manage both active and passive attacks. Active attacks disrupt a system and may include:
Reply
Service Denial
Masquerade
Modification
Passive attacks can be a bigger challenge to detect because they do not disrupt or change the information. They can take the form of transmission monitoring and traffic analysis.
Paul De Vizard is a freelance writer who enjoys writing about all things technical. This includes Network Monitoring Tools that provide Application Performance Monitoring for large corporations.
