Information transmitted over networks has a higher degree of security risk than info kept on a company’s premises. Security measures such as usernames, passwords, and firewalls are used by administrators to protect a network. Security risks are greater on vast networks with no central administrator, such as the internet.
The integrity and security of data stored within an information system can be threatened by a number of actions, devices and events. Can be accidental, deliberate or as a result of a power surge.
Accidental threats Some are hard to guard against. Files can be accidentally deleted or sent to the incorrect person via email. Portable memory devices (such as USB’s, external hard drives etc.) can be lost or misplaced. These files may be retrievable (if saved to another location), however they may be backup files of original files which have since been deleted. Confidential information in the wrong hands can have critical impacts.
Deliberate threats Includes unauthorised access to computers and networks, either through a hacker bypassing network security, or by finding a flaw in the security structure, or through an authorised user using a password which is predictable or somehow compromised. Unauthorised users can then seek to damage files, use information for their own advantage, or cause other forms of trouble. Networks should be protected from deliberate attacks from malware, such as viruses, worms, Trojans, spyware etc. The affect of a virus can range from simply taking up extensive storage space to destroying files and rendering computers unusable by overwriting the boot sectors on hard drives.
Power surge Occurs when the incoming electrical power increases more than 5% above the normal system voltage (240 volts). A spike (which is momentary surge), can be caused by a lightning bolt striking power lines. It can result in immediate and permanent damage to a computer or network.
Most network require you enter a username and password before you can access the data kept on the network. Some usernames may be assigned to you, others you can choose for yourself. Passwords are often chosen by the individual. Some systems have guidelines the password must satisfy to be compliant. Users are normally encouraged to enter a combination of letters number and sometimes symbols to make their password more secure.
Password protection PasswordAverage time to discover Number of characters Possible combinationsHumanComputer 1363 minutes0.000 018 second 21 3002 hours0.000 65 second 347 0003 days0.02 second 41 000 0003 months1 second 560 000 00010 years30 seconds 103 700 000 000 000 000580 million years59 years
To prevent unauthorised access to data and information, companies protect their intranet with a firewall. To implement a firewall, many companies route all communications through a proxy server. A proxy server is a server outside the company’s network that controls which communications pass into the company’s network (i.e. The firewall screens all incoming and outgoing messages).
A server on a LAN can use one of the 1024 ports available to allow its services to be accessed by external users over the internet. A firewall can be set to block any or all of these ports to restrict access to outsiders. By blocking the incoming ports, external users cannot use that port to hack into the local network. Holes are opened by unblocking a port. This is done to allow legitimate access to the LAN (i.e. Remote users).
Wireless is very convenient, however, it does pose additional security risks. ‘Wardriving’ occurs when a perpetrator drives through areas they suspect might provide easy access and attempts to connect to wireless networks. To avoid unauthorised access, a Wi-Fi network should include a firewall and ensure equipment uses one or more wireless security strategies. Suggested strategies are: not broadcasting the network name, and using Wi- Fi Protected Access (WPA or WPA2), which is a standard that defines how to encrypt data as it travels across wireless networks.
Questions What is the common way for viruses and worms to spread through a network? Describe how verifying the identity of a user can protect a network? Many websites require a password. Do you think a website can be secure? Why/why not? Do you think a website should limit the passwords attempts to 3? What is a firewall? Describe three measures that should be incorporated into a wireless network to restrict access by unauthorised users and to secure the transmission of data. Design a pamphlet for home network users detailing the importance of network security, the issues that can arise if users do not secure their network, and suggestions on how users can secure their network.