Businesses have been spending more and more money on network security, but given the amount of money that they are spending, they have started to want to see what they are receiving for the amount of money that they are paying out. In order to better assist businesses in understanding why network security is important, network attacks will be explained, and a look at why the amount of money that has been spent on network security has been not only a worthwhile endeavor, but crucial in order for business to continue to operate as usual.
A network attack occurs when a malicious user or program works to try to gain access to a system or works to attempt to take the system down; it may come in a wide variety of forms, including DDoS (Direct Denial of Service Attack) or a brute force attack, wherein an algorithm works to try to pound its way through the gates that are the security system. Network attacks such as these, if they are not protected against may cause unauthorized access of customer data, unauthorized access to trade secrets, downtime of a company’s system, downtime of a company’s customer facing site, and potentially irreversible loss of data.
Use your promo and get a custom paper on
"Selling Security to the Organization".
The implementation of a security policy framework is a key aspect of information security for any business; for a business that deals with a large amount of personal customer information, this type of framework is essential. These frameworks serve as a means of protecting the data that is present on the network and work to keep the network secure at the same time. There are seven different domains that must be addressed when developing an effective security policy framework, including access controls, security operations and administration, malicious code and activity, monitoring and analysis, cryptography, communications and networks, and risk response recovery; for each of these seven domains, a business will have a different security policy or framework in place. If one of these areas is not covered, that generates a security hole where the data could become compromised, or an unauthorized user could gain access to the network, working to take down the business or their site for an extensive period of time.
Access controls serve to determine which users are able to access which pieces of information in the software that is being used, or in the database itself; these permissions may be setup on an individual access basis, or on a role based access. Individual access means that each person’s profile was setup individually, whereas in a role based setup, certain profile types are setup, and based on a person’s position in the company determines their level of access. The challenge that is presented by access controls occurs when incorrect permissions are set, giving a user too much or too little access to a particular area; in order to combat this issue it is imperative for the security admin to review the account’s permissions before giving the access over to the user, and ensuring that there is no security hole where someone else could gain unauthorized access.
Security operations and administration is in charge of maintaining the operating level of the security department; if they do not work to make sure that the systems stay up to date, it may cause an opening to occur wherein a hacker may exploit a vulnerability and gain customer documentation. In order to ensure this does not occur, automatic updates may be setup, something that will serve as a means of protecting against the malicious code and activity potentials that a business may run into.
Monitoring and analysis serves to track and analyze network data, looking for any potential heavy loads that may cause a strain on the system, or any potential outside attacks. The creation of a network operations center, or NOC, serves to allow for the monitoring and analysis of the network, working to prevent any issues before they arise.
Cryptography is the aspect that looks at the encoding that is used in order to protect data on the system; if an old or outdated algorithm is used, it will make the network and the files less secure than they would otherwise be. In order to prevent possible issues that may arise as a result of a use of an outdated algorithm, the security team must work to ensure that they are using the most updated cryptographic algorithms for security purposes in order to keep the data secure.
Networks and communication are the two aspects that serve as a means of allowing the business to operate from multiple terminals, all working together to access the same intranet. While there are a host of issues that may arise from this one particular domain, including server failure or wiring failure, these issues are all able to be combatted through backups and making sure that the wiring for the building or office is all fully tested before setting up users on the system itself, and making sure that there are no holes wherein someone unauthorized could access the network.
Risk response recovery has to do with the processes of risk assessment, determining a response to a failure, and working to recover from that failure. Through a process of setting up specific guidelines for risk assessment and management and going through and identifying each exact issue that could arise and the probability of those issues occurring, the team will them be able to create a plan that will work to address these eventualities, ensuring that the recovery process goes as smoothly and expediently as possible, making sure that there is as little downtime as possible for the company itself.
Security policy frameworks serve to provide a necessary component in determining, resolving and predicting issues that may occur within a system, and in working to prevent issues where it is able, serving to allow appropriate compliance with applicable laws, rules and regulations and it is by working to make sure that each of these seven areas are in place, a corporation is ensuring that their data is protected, that their customer’s data is protected, and that their company will continue to do business as normal without any form of downtime, and without any loss of data. The question is not whether or not the amount being spent on network security is worth it, but rather, the question is could a company afford to take the kind of loss that would occur if it was not present?
