Network & Information Security


Network & Information Security : An Overview

In today's security-conscious media, we often hear the terms 'Network Security' and 'Information Security'. Network Security is generally accepted as the study of physical computer networks and the prevention of attacks or intrusion from outside 'hackers'. Information Security, on the other hand, deals more with what happens inside a company or organisation (industrial espionage, employee data theft or loss, viruses etc.).

Network Security

There are many techniques used these days to provide protection from both sides, but the most common starting ground is to break up networks and information into controlled access-areas, each of which requires various means of authentication.

The most obvious example of this is the login 'username' and 'password', with most of us juggling many of these for online banking, shopping accounts and credit cards, to name but a few. Many of us will also be familiar with further levels of security such as a PIN or personal questions (known, hopefully, only to us!) and quite often we're only asked to provide a couple of letters or numbers that are randomly selected - further protecting the integrity of the 'password'. Online banking in particular has had to take this route, as using just a username and password is too simple; effectively, only one of the two is very secure - as the username is often obvious or simple to arrive at for a determined hacker or fraudster.
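The 'couple of randomly selected letters' check described above, as an added example (not code from the original page). The server key, record layout, function names and the three-failure lockout are assumptions made for illustration; because each position has few possible values, the scheme depends on the key staying secret and on limiting guesses.

```python
import hashlib
import hmac
import secrets

# Assumption: a per-deployment secret stored apart from the credential records.
SERVER_KEY = secrets.token_bytes(32)
MAX_FAILURES = 3  # assumption: lock the record after three wrong answers


def _tag(user, pos, ch):
    """Keyed tag for one character at one position of one user's password."""
    msg = f"{user}|{pos}|{ch}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).digest()


def enroll(user, password):
    """Store one keyed tag per character instead of the password itself."""
    tags = [_tag(user, i, c) for i, c in enumerate(password)]
    return {"user": user, "tags": tags, "failures": 0}


def new_challenge(record, count=3):
    """Pick distinct random positions the user must supply for this login."""
    rng = secrets.SystemRandom()
    return sorted(rng.sample(range(len(record["tags"])), count))


def verify(record, challenge, answers):
    """Check the supplied characters; every position is always compared."""
    if record["failures"] >= MAX_FAILURES:
        return False  # locked: even correct answers are refused
    ok = len(answers) == len(challenge)
    for pos, ch in zip(challenge, answers):
        expected = record["tags"][pos]
        ok &= hmac.compare_digest(expected, _tag(record["user"], pos, ch))
    record["failures"] = 0 if ok else record["failures"] + 1
    return ok


if __name__ == "__main__":
    rec = enroll("alice", "correct-horse")  # constructed sample credentials
    positions = new_challenge(rec)
    print("Server asks for characters at positions:", positions)
    print(verify(rec, positions, ["correct-horse"[p] for p in positions]))
```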

Other services make use of a physical key, card, dongle or even your mobile phone which you're required to have on you at the time of authentication. Some systems, notably military and high-security, will take this to an even higher level and use the stuff of science fiction; retinal & fingerprint scans, bio readouts, voice & facial recognition and analysis etc.

Communication is often encrypted to further protect data integrity, both in terms of the network 'chatter' - i.e. the network's internal communication with itself - and the data itself. We often hear of '128-bit' encryption security with online banking - and this is still considered secure - although, as systems get faster, there will surely be an increase in the number of bits. It is often a weakness in the algorithm, though, that is exploited in an attack - not the key length.

Information Security

Once you've achieved access, there are further stages of security designed to control and restrict what you can move in and out of that system. The term 'Firewall' is something most of us are familiar with, but very few of us understand what they really do. In layman's terms, they enforce what are known as 'access policies' - which are a set of hard and soft rules governing what is and isn't allowed to move data around. Although Firewalls are important in helping stop initial breaches, they cannot generally deal with malware, harmful or illegal content - such as viruses and all kinds of dangerous scripts...

This is of course where our Anti-Virus type security software takes over. It analyses data and looks for digital 'signatures' of any kind of threat - using databases of known problems as well as some intelligent analysis of patterns and activity. It can also effectively study the behaviour of software, systems and users to detect anything that is 'out of the norm' - logging it away or passing messages on to systems auditors or controllers to decide what to do.

The Internet: A Network of Networks

It's important to understand that the Internet is simply a vast 'network of networks'. When you connect via your local ISP (Internet Service Provider), you're not really connecting to the 'Internet' - you're connecting to a network that is in turn connected to an Internet 'backbone' - an incredibly powerful mini-network - and so on. Your simple browser request to view the BBC Weather page may have gone through 10 or more networks, passing the page data and graphics back down the line so that your browser can interpret the information and 'draw' your web page on your screen!

TCP/IP (Transmission Control Protocol/Internet Protocol) is the 'language' of networks and the internet, and it is this language that you have to learn to control when you are administering network functions and security. Networks work by passing small data 'packets' around - bite-sized chunks of information that can be readily controlled and easily routed. It's a marvel sometimes that any data goes anywhere when you look at the complexity involved in just getting a single word on your screen from a website that could be next door!

Security Policies & Considerations

With all security considerations, there are trade-offs to manage. A system could theoretically be at one extreme 'totally secure' and at the other 'totally open', but the reality is that actual security lies somewhere in between these two poles. To be totally secure, a system would have to have zero data traffic in and out that could be manipulated, have no power running to it and be locked in a vault somewhere as unreachable as the moon!

Obviously, this wouldn't be a lot of use to anyone. And since we don't want a system to be completely open so that anyone, anywhere can do what they want with it, we have to understand that there will inevitably be some level of compromise in any security policy, as with all aspects of life. It is this level of 'compromise' that causes the vast majority of security issues. And gauging and implementing the required level in so many areas has obviously become a highly specialised (and highly paid) field.

Any business or organisation must investigate and weigh up where it needs to sit inside that area of compromise, and then document those findings as its 'Security Policy' - so that it can be executed and delivered at all levels in a consistent and efficient way. This is the job of the security analyst/professional and often encompasses ethical hacking: the term for a legally authorised attack on a security system to discover its weaknesses, document them and then put a program into place to stop them from being exploited by an illegal attack.

How does a hacker get into a system?

Answer: Via any connection at all that your system has to the outside world. This can be through the internet, networks, modems, USB devices, wireless & Bluetooth connections, mobile phones, telecoms equipment, CDs and DVDs, and the list goes on... A malicious or disgruntled employee could upload 'problems' into, or download information from, any system they have access to.

Information Security is every bit as important as Network Security - as statistics show that far more data theft and security breaches happen internally than are attributed to an external attack.
