Whether you are looking to protect a small network in your home or one that is the foundation of your business, you will find that it is first important to understand what kind of threats you might be facing. As soon as you have a computer hooked up in order to connect to the network, you will find that there is a chance that it can be exposed to a number of different risks. When you are thinking about what you can do to make a system a great deal more secure, you will find that an understanding of the risks that you are vulnerable to is something that can help a great deal.
First and perhaps most obviously, is the threat of a virus. While the majority of viruses are simply annoying, there are definitely viruses that can damage your network’s hardware, software, or both. For the most part, a virus is an executable file that will be spread by human means and will require someone to open it before it can do its work on the network. When looking at virus threats, it is worth understanding worms as well, which are considered a subset of viruses. Worms do not need human help to propagate themselves, and in fact one example of the way that they work is to turn your computer into an email server that will distribute copies of themselves.
When looking into network security threats, though, it is very important to consider what risks may be present from inside the system. First and foremost, the idea of bad architecture must be considered. If a network is mis-configured in the first place, it can be a very tempting target for people who are looking to get on it. One obvious example of this would be leaving a wireless network unsecured so that anyone with a network card could get onto it. This can certainly happen in a broader and more disastrous scope.
Interestingly enough, one of the most common measures taken to save time is also one that leaves network systems shockingly vulnerable. Consolidating a lot of services to one machine is a common measure for saving time and resources. It is easy to manage and simple to maintain, but if this single machine is compromised, there is a great deal of harm that can happen. While accidental failure is one thing, there is also the concern regarding the ease with which a single machine could be manipulated. In this case, the answer is frequently redundancy.
Computer network security is something that is very important, and if the information that you are safeguarding has anything to do with money or with personal information, it will achieve even a higher priority. Take some time and think about your system and think about whether it is vulnerable to any of the threats above. The more security that you can provide, the better off you will be. The protection of both your company and your customer depend on this aspect of your company’s working, so always consider what network security means to you.
By: Derek Rogers
Archive for August, 2009
What Are The Main Computer Network Security Threats?
August 26th, 2009A Small Business Network Security Survey
August 26th, 2009Many of today’s small businesses use PCs and a server network to facilitate their operations. Important company information is stored in electronic format on these networks, and daily operations are dependent on the network being both available and secure. In many cases, these small businesses ignore or are unaware of the risks that could compromise the safety of the data. To better understand these issues, two hundred of these small businesses were interviewed about their network security. Companies ranged from those with ten employees or less, to those with over a hundred staff members.
Over half of the survey respondents believed that their network was adequately safe or very secure. A large number of respondents did admit that they doubted their defenses against an attack. This isn’t too surprising, as nearly all businesses have experienced some type of security threat in the last year, from lost computers or back-up takes, hacker attacks, viruses, or theft by employees.
The top three threats reported were:
1) Trojan horse or virus attacks
2) Stolen or lost computers, including data storage devices
3) Employee theft or hacker attack
Company defenses reported include:
1) Virus Protection
2) Firewall
3) Spyware Protection
4) Spam Filters
Recommendations:
Most companies reported that they lacked a smart password policy, automated patch management, and employee network use policies. Generally, many of these businesses don’t have full protection against an attack, and have not yet had to put their defenses to the test.
There isn’t one single fix to ensure secure continuity of operations on a network. However, we recommend a layered approach in managing these pressing security threats. This layered approach examines vulnerability in different areas including hardware, software, processes, and training. Every layer added another level of protection to the information environment.
1) Blocking network-based attacks
2) Blocking host-based attacks
3) Eliminating vulnerability
4) Supporting authorized users safely
5) Tools for maximizing effectiveness and minimizing losses
To assure the continuity of your business operations, regular testing of these security measures is required.
Level of Overall Security:
Over half the respondents stated that they thought their network was secure enough or better. 30% of the remainder thought their network was only somewhat secure, and over 10% confided that their network was not as secure as it should be.
These small businesses tend to believe that their network is relatively secure: 63% of businesses with less than ten employees and almost 75% of those with between eleven and twenty-five staff members. The larger companies were not as sure of their defenses, with over half of those with fifty to one hundred and 44% of those with over a hundred employees felt secure or secure enough. In the fifty-one to one hundred staff category, over 20% reported that the network was not as secure as should be. In general, the bigger the company, the larger the network – and the greater the number of security risks it must defend against.
Experienced Threats:
The respondents reported on security lapses or attacks that they’d experienced over the last year. The survey showed that Trojan horses or virus attacks are the most common threat to the network, with about half reporting experiences with these issues in that time. The larger companies reported at 40%, the lowest rate, which is indicative of better defenses. Over 60% of the smallest companies reported virus-based attacks.
Loss of company information from theft or loss of storage devices appeared to be a minor threat for smaller companies, but this risk increases with company size. Over 33% of the larger firms reported this sort of experience. Hacker attacks were most often experienced by firms with less than ten employees and those with over a hundred. It seems the smaller networks are more vulnerable, and the largest ones are high-profile, with a greater chance of becoming a target. Unfortunately, staff members can create a security risk themselves; about 10% of businesses reported that they had experienced unauthorized access or theft in the allotted time frame.
Devices and Procedures:
Good procedures, processes and systems can help defend against security threats. In the survey, respondents were asked which security methods were in use. Most reported that they had virus protection and firewalls. Around 25% lacked spam filters and spyware removal, leaving networks open to malware which ranges from dangerous to annoying. Under 50% have patch management or a smart password policy in place. This smart password system uses passwords with a mixture of normal and special characters which are frequently changed.
As compared to the largest companies surveyed, smaller businesses are less-often implementing network use policies for employees. Over 80% of the larger companies have defined guidelines for proper and improper network use. These guidelines attempt to lower the amount of network activity unrelated to the business, which result in increased security risk. Many of the respondents use wireless networks. Wireless networks are some of the most vulnerable access points if not well-secured. Only a few companies reported that they use all the top-priority security measures listed in the survey.
Testing:
No security device or feature can be known to provide real defense until it’s been tested. Anti-virus specifications could be out of date, a hole could exist within a firewall, or staff members could not be using the correct practices for a safe and secure network. About 25% of respondents indicated that either they couldn’t remember the last time they tested their security, or didn’t know that they ever had. This seems to indicate that while many have implemented security defenses, they can’t be assured that the expected protection is actually provided.
The very smallest companies least-often tested their security measures. About 10% of businesses had tested security, but not for over a year. As the threats change over time, dangerous lapses can occur without periodic testing. Around 33% of respondents reported that they’d tested their security measures within the last month. Validation of network security elements on a regular basis is important to system integrity in an overall continuity plan. It is unfortunate that usually a company only examines its level of exposure after a damaging event which negatively affects the business.
By: Nick Pegley
Free Webinar: Bank Managed Network Security
August 24th, 2009Rest Assured with Gladiator’s Dedicated 24×7x365 Managed Security Services
September 16, 2008 10:00 AM – 11:00 AM CDT
Today’s information security landscape is ever-changing in an attempt to keep up with new regulatory guidelines and rapidly changing technologies. And as today’s systems become more complex and your institution becomes more reliant on the Internet to conduct business, your need for enterprise information security knowledge and expertise grows. Because of this trend, and due to ever-changing regulatory pressures, financial institutions are finding it more cost-effective to outsource security monitoring responsibilities. You need a technology partner you can rely on…you need Gladiator’s Dedicated 24×7x365 Managed Security Services by your side.
At Gladiator Technology, we understand that information security is a process, not simply a product. Let us show you why.
Join us for a FREE 1-hour webinar to discover how Gladiator can help you meet your institution’s security objectives. Learn about our unique 24×7x365 multi-layered security solution that far surpasses other companies’ more generic security approaches. With Gladiator by your side as your Managed Security Services Provider (MSSP), you can rest assured that your reputation is protected along with your non-public confidential information.
Topics highlighted during this webinar include:
• Gladiator’s 24×7x365 multi-layered security solution vs. more generic products
• Our dedication to the financial services industry
• A Tour of our state-of-the-Art Security Operations Centers
• Best practices and tips for managing your enterprise information security
• Gladiator’s “best of breed solutions” complement any core processing platform
• Our expertise regarding regulatory requirements and processes
• Moderated discussion: your chance to ask our experts about your specific concerns
Our Gladiator Experts include:
Matt Riley, CIO - Matt manages enterprise security for Gladiator, oversees strategic direction for new product and service offerings, and cultivates strong relationships with clients and strategic partners. With more than 9 years of experience in the financial services and information security industries, Matt is adept at providing professional security advice to clients regarding appropriate security practices and regulatory requirements. He is a regarded authority in his field, and is respected as an educator who speaks on topics covering information security, incident response and host intrusion prevention.
Mike Bell, National Sales Manager and Co-Founder – In his key role, Mike cultivates new business relationships with community banks and credit unions nation-wide. With over 19 years of business experience in the financial services industry, Mike’s extensive market knowledge and leadership skills have helped position Gladiator Technology as an industry leader. One of the co-founders of the company, Mike has successfully leveraged his extensive financial industry background to build a nationwide client base for the company.
Sign up Now!
By: Denise Houseberg
Secure your Network Environment with Network & Security Audits
August 24th, 2009Network security auditing is one of the first steps in truly securing your computer or network environment. The purpose of network & security audits is to make sure that a company has followed the necessary steps for protecting its data. These audits usually involve a set of periodic, pro-active compliance and assurance procedures that help in the assessment of the security of the IT infrastructure of your organization.
The network & security audits encompass security architecture, security policy, and vulnerability assessment of your information network. Many a time, these audits are performed by ethical hackers employed by the auditing companies on entire networks to assess the potential network vulnerabilities of your IT infrastructure. The ethical hacking team usually stimulates an attack without interrupting and damaging your crucial network services. This not only tests the network, but also the awareness and response of your company staff based on the assessment.
The professionals undertaking network & security audits create a detailed report of vulnerabilities and loopholes in your network security system, and also propose best practices for your network environment. The establishment of clear security policies and procedures would help you in better protection of your company’s information network by advising employees of expected conduct with regard to the proprietary information and use of company equipment.
Often, the term penetration test is used interchangeably with network & security audits. However, it is important to understand that both are not the same thing. Penetration Testing involves a very narrowly focused attempt to identify the security lapses in a critical resource like a firewall or Web server. Penetration testers usually look at one service on a network resource with minimum inside information.
On the other hand, network & security audits are systematic and measurable technical assessment of your organization’s security policy on a larger scale. The network auditors often work with the complete knowledge of the organization, sometimes even with inside information, for thorough understanding of the resources to be audited.
The network security auditors undertake their work through personal interviews, detailed examination of your operating system settings, vulnerability scans, proper analyses of network shares, and historical data. Their primary concern is how the security policies of your company, which form the foundation of an effective security strategy of any company, are actually used.
For getting more information on network consulting and Network & Security Audits, visit pronetexpert.com.
By: Martin
Computer Security
August 24th, 2009System security means to protect the data residing on your computers from any external threats such as viruses, worms, and any hackers. This protection can be done by any anti-virus software or firewalls. This will be of course very important to enterprise servers which store important data for the company.
On the other hand, network security refers to protecting the data while it is traveling across the line from one computer to another. In this case hackers can easily intercept this data and read it which may contain sensitive information. Hackers can also modify this data before reached to the destination. Of course, many possibilities can occur by the hackers while the data is traveling.
There are three important terms must be known for a good understanding of network security:
1. Confidentiality: This term refers to the privacy of the data being sent. Thus some means must be applied when sending this data. The most common approach is encryption. By this approach, the data is encrypted first before it is sent. Thus, if a hacker intercepts this data he cannot read it.
2. Authentication: Consider some one attempt to access restricted resources such as email account. Not anyone can access your account of course. Only the person having that account can access it. When someone accesses such a resource, he must provide his credentials (username and password) to the server before getting the resource on his computer. This procedure is called authentication. Thus the server must first identify the person before getting him what he need.
3. Integrity: this term refers to sending the data without any modification. Consider while you are sending your data and someone takes this data before arriving and modify it and then resends it. The solution to attempts this attack is to append some bits along with data which is function of the actual data being sent and may be encrypted also. The receiver then must verify these bits before considering it correct.
Each of the above techniques is implemented using variety of algorithms. For example an algorithm is called DES is used to encrypt the data before sending it.Fortunately, you don’t have to understand each algorithm to understand network security, just take an idea about it along with what it does.
By: youssef edward
