Network & System Security

Network security is the process of preventing and protecting against unauthorized intrusion into computer networks. It is a set of countermeasures designed to protect the confidentiality, integrity and accessibility of computer networks, systems and information using software and hardware technologies. Network security works to keep the network safe from cyber-attacks, hacking attempts and employee negligence.

Every good network security system uses a combination of different types of network security tools to create a layered defence system. The theory behind this strategy is that if a threat manages to slip past one security countermeasure, the other layers will prevent it from gaining entry to the network. Each layer provides active monitoring, identification, and threat remediation capabilities in order to keep the network as secure as possible.

The most commonly used network security components are as below:
• Antivirus Software – The best antivirus software monitors network traffic in real time for malware, scans activity log files for signs of suspicious behaviour or long-term patterns, and offers threat remediation capabilities.
• Application Security – All programs need to be updated regularly and patched to prevent cyber-attacks and protect sensitive data. Application security refers to the combination of software and hardware used to monitor issues and close gaps in your security coverage.
• Behavioral Analytics – Behavioral analytics software is designed to help identify common indicators of abnormal behavior, which can often be a sign that a security breach has occurred. By having a better sense of each customer’s baselines, MSPs can more quickly spot problems and isolate threats.
• Data Loss Prevention (DLP) – DLP prevents a company’s employees from sharing sensitive or valuable information (knowingly or unknowingly) outside the organization. It controls actions such as uploading and downloading files, forwarding messages, etc.
• Email Security – Numerous threat vectors, like scams, phishing, malware, and suspicious links, can be attached to or incorporated into emails. Email security software works to filter out incoming threats and can also be configured to prevent outgoing messages from sharing certain forms of data.
• Firewalls – Firewalls essentially function as a gatekeeper between a network and the wider internet. Firewalls filter incoming and, in some cases, outgoing traffic by comparing data packets against predefined rules and policies, thereby preventing threats from accessing the network.
• Mobile Device Security – Implementing mobile device security measures can limit device access to a network, which is a necessary step to ensuring network traffic stays private and doesn’t leak out through vulnerable mobile connections.
• Security Information and Event Management (SIEM) – SIEMs are similar to intrusion prevention systems (IPS), which scan network traffic for suspicious activity, policy violations, unauthorized access, and other signs of potentially malicious behavior in order to actively block the attempted intrusions. An IPS can also log security events and send notifications to the necessary players in the interest of keeping network administrators informed.
• Web Security – Web security software serves a few purposes. First, it limits internet access for employees, with the intention of preventing them from accessing sites that could contain malware. It also blocks other web-based threats and works to protect a customer’s web gateway.
• Network Access Control (NAC) – Using security policies, NAC can restrict network access to recognized users and devices only, or grant limited access to non-compliant devices or guest users.

System Security

System security is essential for the protection of digital information and IT assets from cyber threats and attacks. It pertains to the protection of computer systems such as hardware, software, network and electronic data.
Broadly speaking, system security includes application security, network security, internet security, data and information security, and end-user security.
Let us look into each aspect individually.

1. Application Security
Application security is achieved by adding security features within applications to prevent cyber-attacks. These attacks can be SQL injection, denial-of-service (DoS) attacks, data breaches or other cyber-attacks.
Application security tools and techniques such as firewalls, antivirus software, encryption, and web application firewalls can help to prevent cyber-attacks.
A web application firewall is designed to protect web applications by filtering and monitoring harmful HTTP traffic. Some of the most used web application firewalls are:

• Fortinet FortiWeb
• Citrix NetScaler App Firewall
• F5 Advanced WAF
• Radware AppWall
• Symantec WAF
• Barracuda WAF
• Imperva WAF
• Sophos XG Firewall
• SonicWall NSa

2. Information Security
Information security (IS) refers to the processes and methodologies that protect the confidentiality, integrity and availability of computer systems from unauthorized access, use, modification and destruction.
Information security focuses on the CIA triad model, which ensures the confidentiality, integrity, and availability of data without affecting the organization's productivity.

3. Endpoint Security
End users are becoming the largest security risk in any organization. Mostly due to a lack of awareness and ICT policy, they can unintentionally open the virtual gates to cyber attackers.
That’s why comprehensive security policies, procedures and protocols have to be understood in depth by users accessing sensitive information. It is better to provide end users with a security awareness training program, which should cover the following topics:

• Cyber security and its importance
• Phishing and social engineering attacks
• Password creation and usage
• Device security
• Physical security

4. Internet Security
Internet security is the most important type of computer security which follows a set of rules and actions to protect computer systems that are connected to the Internet. It is a branch of computer security that deals specifically with internet-based threats such as:
A. Hacking
Hacking refers to activities that exploit a computer system or a network in order to gain unauthorized access to or control over systems for illegal purposes.
B. Computer Viruses
A computer virus is a software program that can spread from one computer system to another without the user’s knowledge and perform malicious actions. It can corrupt or damage data, destroy files, format hard drives or make disks unreadable.
C. Denial-of-Service Attacks
A Denial-of-Service or DoS attack is an attack that shuts down a system, making it inaccessible to its users.
D. Malware
Malware is short for “malicious software” and typically consists of a software program or code.
Malware is delivered in the form of a link or file over email, and it requires the user to click on the URL link or open the file to execute the malware. There are different types of malware, such as computer viruses, spyware, ransomware, worms, Trojan horses, adware, or any other type of malicious code.

© All rights reserved - Spectro Corp