Security References

What is security?

I.T. security is the process of preventing and detecting unauthorised access by intruders and viruses. It has become a necessity to implement and maintain up-to-date security utilities and policies, in order to prevent the theft and destruction of information and computer systems.
With the widespread use of computers in organisations, and with businesses going online and embracing the World Wide Web, I.T. security has become a dire necessity. From simple threats like viruses, malicious actors have graduated to attacks on as many fronts as possible, causing various kinds of destruction. I.T. security must now be a serious concern for every organisation.

What are Security Policies and why do you need them?

A security policy is a document that tells staff what the threats and malpractices are, and what the best practices are. For example: you shan't receive your e-mails from outside of the network, you shan't open attachments with the .exe extension, you shall back up your PC every Friday and update your operating system every Monday, etc. This simple procedure, which consists of educating your employees, can considerably improve your organisation's security level.
Most computer virus infections and hacking activities are internal security issues. The staff of a company would not know what represents a threat unless told by the company I.T. policy. For example, browsing the network and taking information from the network server can be considered theft, sharing a folder on the network can compromise security, and most viruses can be recognised by their file names if the user knows them.

What is Security Assessment and why do you need it?

Basic knowledge of I.T. threats will determine whether an organisation needs a firewall or an anti-virus, maybe an intrusion detection system or an encryption tool. However, there are many different kinds of security tools, and some of them might be more applicable to your business or even your way of working. A security framework should not be based on what you own but on what you need to protect.
The assessment will evaluate your I.T. infrastructure, as well as your working processes and your company assets (what needs protection). It also consists of identifying vulnerabilities. Once an expert appraisal has been done, the most suitable products can be applied to your working environment.
Auditing will make sure that everything has been implemented correctly in order to provide optimum security. As a company grows and develops, its needs change, so auditing will establish whether the existing security is still appropriate for your needs or whether it needs to be updated. Auditing is also practical when you already have security utilities installed, in order to identify ways to increase the security level.

What is Anti-Virus?

Anti-virus is used to prevent virus infection of documents, as well as of applications and hardware. Viruses are now a common problem with the introduction of e-mail communication.
Considering all the ways and means of spreading a viral infection, anti-virus products are necessary on the network, mail server, workstations and end-user computer. An anti-virus on the network will block the spreading of worms as well as macro viruses when files are exchanged using the network platform. 90% of viruses are spread by e-mail, so an anti-virus at the mail server will filter all incoming and outgoing e-mails and block known viruses from entering or leaving the organisation via e-mail. The remaining 10% of virus infections come from the connection to the Internet using exploits against the operating system, or via the exchange and use of floppy disks, and from unknown or polymorphic viruses travelling through the network or e-mail. A personal anti-virus is always a necessity on every workstation of an organisation as well as on the end-user computer.
Viruses can be quite destructive if not detected early enough. Some even damage the hardware of your computer (e.g. C.I.H.), others can delete system files, slow down applications or cause the computer to stop functioning. They can also corrupt documents, which may have informative value or time value. Anti-virus is important in order to maintain the best working conditions, as well as preserve the computer investment.

What are Firewalls?

Firewalls control the traffic through the network by checking for valid identification. A firewall system blocks, redirects, monitors or permits network connections between two networks: a public or unsecured network and a secure network. It can be a special-purpose device that physically sits between the two networks, or it can be a software package installed on an individual host to accomplish similar tasks for that host.
Firewalls can be used proactively, aligned with the defined policy requirements. In this mode it is generally more secure to disallow everything and then only permit the type of traffic that an organization explicitly intends to pass through the firewall. The purpose of a firewall is to prevent unauthorised access to network data.
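The difference between "disallow everything, then permit" and its opposite shows up on traffic nobody anticipated. The sketch below is an added example, not part of the original page: a first-match rule evaluator run with both default policies over the same constructed connection attempts. The `Rule` model, the addresses (documentation range 203.0.113.0/24) and the port choices are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "permit" or "deny"
    dst: str               # destination network (CIDR) on the secure side
    proto: str             # "tcp" or "udp"
    port: Optional[int]    # destination port, None matches any port

def decide(rules, default, dst, proto, port):
    """First matching rule wins; unmatched traffic gets the default policy."""
    for rule in rules:
        if (ipaddress.ip_address(dst) in ipaddress.ip_network(rule.dst)
                and rule.proto == proto and rule.port in (None, port)):
            return rule.action
    return default

# Constructed addressing: 203.0.113.0/24 stands in for the secure network.
ALLOW_LIST = [  # used with default "deny": only traffic the organisation intends
    Rule("permit", "203.0.113.10/32", "tcp", 443),   # public web server
    Rule("permit", "203.0.113.25/32", "tcp", 25),    # mail server
]
BLOCK_LIST = [  # used with default "permit": only what someone thought to forbid
    Rule("deny", "203.0.113.0/24", "tcp", 23),       # telnet
    Rule("deny", "203.0.113.0/24", "tcp", 3389),     # remote desktop
]
INBOUND = [  # constructed connection attempts from the public network
    ("203.0.113.10", "tcp", 443),    # intended web traffic
    ("203.0.113.25", "tcp", 25),     # intended mail traffic
    ("203.0.113.40", "tcp", 23),     # anticipated by both rule sets
    ("203.0.113.40", "tcp", 5432),   # internal database port nobody listed
]

def compare():
    """Return (flow, default-deny verdict, default-permit verdict) per attempt."""
    return [(flow,
             decide(ALLOW_LIST, "deny", *flow),
             decide(BLOCK_LIST, "permit", *flow)) for flow in INBOUND]

if __name__ == "__main__":
    for flow, strict, loose in compare():
        print(flow, "default-deny:", strict, "| default-permit:", loose)
```

Only the last attempt separates the two policies: the unlisted database port is denied under default-deny and passes under default-permit.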

What are Intrusion Detection Systems?

An Intrusion Detection System (IDS) monitors the traffic on the network. It monitors packets on the network wire and attempts to discover whether a hacker/cracker is attempting to break into a system or cause a denial of service attack.
An IDS may run either on the target machine, where it watches that machine's own traffic, or on an independent machine watching all the network traffic (hub, router and probe). An IDS is placed in each segment to monitor packet flow to and from the servers. Network-based intrusion detection and real-time response systems provide total threat protection and prevention from the network's perimeter and throughout the internal systems.

What is the Demilitarised Zone (DMZ)?

The DMZ is the area between the firewall and the web server. The firewall does not scan HTTP requests, which can also be used as a source of attack. With the proliferation of intranets using web-based technologies and the tremendous development of businesses going online with B2B, B2C and now ERP and MRP solutions, web server security becomes crucial. DMZ security tools complement the firewall by preventing web server vulnerabilities from being exploited.
DMZ security solutions intervene between the firewall and the web server. They operate transparently, without affecting the traffic to the server, and yet protect it from any intrusion, theft of information or defacement. They maintain web sites in their original state at all times.

What is Single Sign On?

The need for computer security has imposed the use of usernames and passwords to secure access to applications, websites, network, e-mail and Internet. The number of such usernames and passwords can become large, leading users to adopt one simplified username and password for all applications and the like, which renders the security worthless. They may also forget their user ID and password, which causes security issues and wastes administrative time and resources.
With Single Sign-On (SSO) the user needs to remember only one user ID and password. An SSO solution enables users to identify themselves only once in order to access any information on any systems that they are authorised to use. SSO solutions assist users by reducing the number of user IDs and passwords to remember, making systems easier to use, reducing support calls and enhancing security systems, as well as enforcing security policies.

What is Encryption?

Encryption or cryptography deals with all aspects of secure messaging, authentication, digital signatures (used to verify that a message really comes from the sender), electronic money, as well as coding of information. On top of maintaining information confidentiality, the encryption tool firmly keeps usernames and passwords safe. Hence, a malicious user who would like to "borrow" your authorised identity to hack cannot obtain such information.
Cryptographic tools are installed on workstations; they are also found in Internet software to secure Internet transactions (SSL sessions).

What is Content Filtering?

Content filtering utilities are convenient in many ways. Their best feature is that they can detect known viruses coming into the mail server by checking file attachments. They can also apply the organisation's security policy by blocking the entry of certain file extensions that represent a high risk of carrying worms or entertainment content. Content filtering also monitors Internet access and prevents access to certain web sites.
Content filtering utilities are placed behind the web server and mail server. They block known viruses, enforce the company's policy and ensure the commitment of employees to the security rules.
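The extension rule described above, and the ".exe" rule in the policy section, can be enforced at the mail server by inspecting attachment names. The following is an added example, not code from the original page: it parses a constructed message with Python's standard `email` package and applies a blocklist. Only `.exe` comes from the page; the other extensions, the addresses and the function names are assumptions.

```python
import os
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed policy list; the page itself names only ".exe".
BLOCKED_EXTENSIONS = {".exe", ".scr", ".vbs", ".pif", ".bat"}

def blocked_extension(filename):
    """Return the offending extension, or None if the name passes policy."""
    # Lowercase and drop trailing dots/spaces so "SETUP.EXE" and "a.exe." match.
    name = filename.strip().rstrip(". ").lower()
    # Only the final extension decides, so "invoice.pdf.exe" is an .exe.
    ext = os.path.splitext(name)[1]
    return ext if ext in BLOCKED_EXTENSIONS else None

def scan(raw_message):
    """Return (attachment name, 'block' or 'pass') for each attachment."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    verdicts = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        verdicts.append((name, "block" if blocked_extension(name) else "pass"))
    return verdicts

def build_sample():
    """Constructed test message with three placeholder attachments."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "staff@example.org"
    msg["Subject"] = "Constructed test message"
    msg.set_content("See attached.")
    for name in ("minutes.txt", "invoice.pdf.exe", "SETUP.EXE"):
        msg.add_attachment(b"placeholder bytes", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    for name, verdict in scan(build_sample()):
        print(f"{verdict:5} {name}")
```

A name check enforces the policy but does not inspect file contents, so it complements the known-virus scanning described above and does not replace it.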

How much budget should I allocate for Security?

Investment in making your working environment secure will represent a financial cost. You should ask yourself how much your organisation is worth. As we are moving into a paperless business world, how much work would your company face if it had to start all over again? You should also consider the financial burden should vital and confidential information fall into the wrong hands. When you secure your enterprise, take into account the data contained in your network and identify your main assets.