1. Network Security in a Business Setting By: Brian Haumschild

2. History of Business Networks Computers connected inline to a single cable Data/information runs past each computer Data can be stolen by user it’s not directed to

3. History of Business Networks (continued) Each device has it’s own cable, connected to a switch Not as easy to steal data from another computer More secure

4. History of Business Networks (continued) When connected to the internet, the world has access to data if they have the knowledge Measures need to be taken to keep the world out Users still need to be monitored

5. History of Business Networks (continued) There never was a standard for username and password difficulty General Format Name: John Smith Username: smithj Most Commonly Used Passwords: 12345 qwerty god master password New password standard: 8 characters total, 2 numbers, 2 capital letters Good password: c3A8etEk

6. Threats to Networks People seeking valuable information from the outside People accessing the network without permission Employees using information they have permission to view/use, but in an inappropriate way Viruses Worms Trojan Horse Viruses

7. Firewall Can be hardware or software Larger networks require separate firewall server Keeps a boundary between Internet and intranet Everything on the inside considered “safe” Boundary between firewall and Internet called “demilitarized zone” Can’t have a completely safe network and have it be completely functional

8. Security for Users: Solution

9. Active Directory PROs Allows users to access only what you want them to Different groups are granted different access Can change an entire groups access at once Computers or users can be in groups CONs Users/computers can end up in different groups with different access Users/computers can get lost within the groups Users’ computer can override AD

10. Other Partial Software Solutions for Security Automated Antivirus Software Automatically runs Can automatically update all computers Don’t have to worry about forgetting to run it Don’t detect hackers/intruders Other Malware detection: Adware Phishing

11. Thin Clients Simulates a normal desktop Logs in using VPN-type software No hard drive, little memory Easy to secure from server If stolen, it contains no data Users can log in or use some other verification

12. Encrypted Networks Partial Encryption – Hard drives can be encrypted using a password as the key Full disk encryption used to be “good enough” Encryption and decryption is done at the hard drive level As soon as data is off hard drive, it’s no longer encrypted Total Encryption – Every piece of data is always encrypted When data is passed between computers/servers, it is encrypted/decrypted Dozens of keys and types of encryption may need to be used across the network Also uses full disk encryption to be more secure

13. Encrypted Networks CONs Difficult to set up Difficult to maintain Can be very expensive Every server and PC have to have the ability to encrypt and decrypt data PROs As safe as networks get Basically uncrackable Services available to set up total encrypted networks

14. Intrusion Detection System (IDS) Hardware or software solutions Software is cheaper, but more work to set up Can be set up on existing server Hardware costs as much as a server, but basically plug and play Reactive or Passive Reactive will stop intrusion by resetting the network connection or reprogramming the firewall Known as an Intrusion Protection System (IPS) Passive will log the event and report to the Network Administrator Actions are left up to the Administrator Much cheaper than reactive

15. Problem With All of This Hardware can run hundreds of thousands to millions of dollar Requires a lot of setup, space and bandwidth Can require full-time personnel to maintain Sometimes incompatible with other devices

16. Questions?