Chapter 4

What is Network Security?

SANS (SysAdmin, Audit, Network and Security) institute defines Network Security as the
preventative measures taken to safeguard network infrastructure from unauthorized access,
modification, malfunction, misuse, improper disclosure or destruction of data.
Why Network Security is needed?

There is a significant need for network security in a computing environment to protect data and

information from unauthorized users. There are three key components of any network security

that must be in place. These are Confidentiality, Integrity, and Availability, also known as CIA

triad. Confidentiality ensures that the data is not intercepted by hackers when it is being

transmitted on a network. Integrity makes sure that data is not changed, damaged, or manipulated

during the transmission over a network. Availability is also a security service that ensures that the

systems and devices are available only to authorized parties.

What are the Significant Network Security Attributes?

There are a lot of practices that must be applied by organizations in order to prevent attacks on a
network. The following sections elaborate on these practices in details.

1. Network Security Policy: Network security policy is a written document that stipulates the access

privileges and limitation of authorized users. This essential document also describes the network

security measures that should be taken periodically. For example, the occasional carrying out

of risk assessment tests and disaster recovery plans.

2. Password Policy: The password policy emphasizes that the password should not be very simple

and associated with a user’s name and his/her birth specification. Instead, it should be strong

enough to thwart password attacks such as Dictionary attacks, Rainbow Tables, or Brute-force

attacks. A strong password should consist of at least 8 characters that involve upper and lower case

Page 1 of 10
 letters, special characters, and numbers. In addition, employees should be obligatory to change

passwords every three months or 90 days.

3. Using a Multilayer Security: Multilayer security is the act of securing the network with a

combination of multiple security tools such as the deployment of antivirus program, firewalls, and

intrusion detection system simultaneously.

4. Deploying SIEM: Security Information and Event Management or SIEM, in accordance with the

Gartner, is a security tool that supports threat detection and incident response through the real-

time collection and historical analyses of events from multiple events and data sources. SIEM
helps organizations to secure networks and prevent threat actors from infiltrating the network by

alarming analysts through security alerts. Therefore, SIEM should be a part of a corporate network

security system.

5. Keeping Network Up-to-Date: Threat actors often find loopholes in corporate network

security by capitalizing the older versions of the operating system, software, device drivers, or

network devices. To prevent this situation from happening, organizations must run a timely update

to keep their operating systems, device drivers, software applications, and other critical tools up-

to-date.

6. Providing Training to Employees: Human is the weakest link in any network. That’s why hostile

actors carry out social engineering and phishing attacks against humans. However, businesses

should conduct a training program for employees to educate them against potential threats and

proactive measures to avert these threats. For example, the users should be prevented to use social

networks, torrents, or unwanted downloads during the office time.

7. Physical Precautions: Ensuring the physical security of network infrastructure is also essential.

For example, DNS server, data server, and other critical systems and network devices should be

placed at a secure facility where physical controls such as mantrap and biometric locks must be

deployed.
8. Cryptography and Wi-Fi Security: The data must be encrypted before sending it to other places

over a network. Wi-Fi network should also be secured with digital certificates.
Page 2 of 10
 NB: DUFFERENT research STUDY article is based on ensuring network security in a

computing environment. The researcher pointed out the various attributes which are highly

significant to protect data and information from unauthorized users. As a result, it is evident that

cyber threats are greater in number and sophistication and, therefore, networks are vulnerable to

these notorious attacks. However, if organizations take some proactive measures, then network

security can be ensured.

The Best Tools and Techniques for Network Security

Regardless of the vertical industry a company operates in, network safety is essential for
any business to ensure the protection of the usability and integrity of the network and data .
While there is no network that is fully immune to attacks, the right network security system
helps to significantly reduce the risk of a company’s and its customers’ data being leaked.
Attacks can occur at various levels, which is why network security needs three e lements
of control:

 Physical: Designed to prevent unauthorized physical access to components, such as

routers. It may consist of cameras, fingerprint scanners, etc.
 Technical: Designed to protect data stored on the network from unauthorized access
and/or hacking attacks.
 Administrative: Consists of rules and security policies that are designed to regulate user
behavior (i.e. how authorization works, the level of access, etc.)

Nb: Network security protects your network and data from breaches, intrusions, and other
threats. Here are the network security basics to secure business networks.

Network security basics for business networks

If the network is not adequately secured, a company risks not only losing data but trust
and reputation in the market in the event of an attack. All the effort a company puts into
promoting and generating traffic to a site can suddenly be destroyed if a company fails to

Page 3 of 10
 properly secure its network. Therefore, it’s important to familiarize yourself with best
practices and different types of network security.
There are multiple ways in which companies can secure their network:

 Firewall Protection: Next Generation Firewalls together with integrated Intrusion

Prevention Systems (IPS) block malware and attacks. The protecti on works based on the
rules set by the respective company.
 Virtual Private Networks (VPN): Encryption is a simple but very effective method of
securing corporate data. A VPN works particularly well for companies with employees
working remotely. After all, the employer has no influence on the security of the network
to which the employee connects (especially if they use a public network, or work from a
café, for example).
 Network Access Control (NAC): NAC provides protection for an organization’s entire
network perimeter (both physical infrastructure and cloud-based systems). What is more,
it also blocks attacks even before they become reality.

Simple and effective network security measures

Further to this, to ensure the highest possible network safety, some best practices should
also be followed:

 Back up: Can be seen as an extension of a company’s network security program. In

many cases it can serve as a last resort in the event of data loss.
 Staying compliant: Cybersecurity regulations are changing, leaving many companies
behind. Unfortunately, penalties for non-compliance come with high price tags, which is
why it’s vital to always stay up to date with cybersecurity laws.
 Security policy: Speaking of regulations, it’s also worth remembering to establish
internal guidelines for company employees. Providing regular trainings on network
security is advisable, including instructions on correct behavior in case of emergencies.
 Updates: Methods used by hackers are evolving. Software that was great at securing the
network yesterday could suddenly be useless today. Regularly updating anti-virus
software or security policies can help companies stay on top of cybersecurity.

Page 4 of 10
 Passwords: Appropriate passwords, password management tools, and two -factor
authentication are just some examples of how companies can better secure their networks.
Network safety is only as strong as the weakest password.
 Network security tests: Security experts can gauge the overall state of your network
security measures as well as the risks facing your system. A security audit, vulnerability
and security scanning can all help to identify risks and offer routes for you to improve
network safety and protect your business.

Network security solutions from ALSO

The ALSO Security awareness solution is the ideal tool for companies in any industry.
As we mentioned, educating employees is extremely important, but it’s not always done
in the most effective way. This is where our solution comes in, as it concentra tes on what
is most important: people, with a focus on initial countermeasures in the event of a security
incident. With six different solution modules, ALSO creates concepts for uniform
corporate training with the aim of bringing about a functioning cyber security culture.

Another great solution in the ALSO portfolio is Workplace Security, which is designed
for all businesses. The essence of the solution is easy implementation and effective
management of processes and products, while reducing total costs in the long term. Mail
security as well as endpoint and network security are the three pillars and network security
basics that should be in place to prevent attacks.

To protect organizations against data loss, backup & recovery should be an integral part
of an IT disaster recovery plan. By adding the workplace security solution to their
portfolio, ALSO partners have the opportunity to show their customers just how reliable
their services are.
10 proven ways to secure a computer network.
1. Install and Monitor Firewall Performance

Page 5 of 10
A firewall is designed to block unauthorized access to computers and networks. In essence, a
firewall is a set of rules that controls network traffic — incoming and outgoing. Computers and
networks that pass these rules are granted access, and those that don’t are walled out.

Firewalls are becoming more and more sophisticated (as are hackers), and some of the newest ones
are integrated network security platforms that consist of different approaches and encryption
methods, all working to prevent breaches and malicious activity.

2. Update Passwords When Needed and/or Yearly

Hopefully your employees know to avoid default passwords or phrases like “password,” “12345”
and their dates of birth. In addition to using strong passwords that feature letters (uppercase and
lowercase), symbols and numbers for added security, require employees to regularly change their
passwords.

It’s been recently recommended to change passwords whenever there’s reason to suspect
they’ve been compromised, and annually even if they appear to remain secure. Changing
passwords too often can lead to confusion and delays, leading employees to reach out to IT for

reminders of their credentials. It’s a bit of a tightrope.

Many businesses now require two-factor authentication to connect to the network. In addition to
entering a username and password, users may also need to enter a code they receive via text or by
another means to connect to a system or Wi-Fi network.

3. Lean on Advanced Endpoint Detection

In order to respond to the continually evolving online threats in the world today, advanced endpoint
detection and response is technology that uses AI to watch for indications of compromise and
react accordingly.

The technology collects and analyzes information from network devices, endpoint logs and threat
intelligence feeds, identifying security incidents, policy violations, fraudulent activity and other

Page 6 of 10
threats. In order to respond more quickly, these solutions employ a high degree of automation to
enable security teams to quickly identify and respond.

More advanced than antivirus software, endpoint detection and response is part of a modern,
layered and proactive approach to cybersecurity to defend against ever-changing cyberattacks.

4. Create a Virtual Private Network (VPN)

With millions of people working remotely in a cosmic work shift accelerated by the pandemic,
there’s been a massive increase in reported cybercrimes. VPNs create a more secure connection
between remote computers and company servers.

With a VPN, only those authorized to access your systems will be able to do so. A VPN
can dramatically decrease the likelihood of hackers finding a wireless access point and
wreaking havoc on your system.

5. Train Your Employees

Every preparation you have won’t be effective if the people using your system aren’t following
security best practices. Frequent reminders about risks and mitigation steps can help them keep
network security at the forefront of their attention. Some organizations implement mandatory
meetings to help communicate their importance. Educating employees about how to avoid major
security risks or getting victimized by identity theft is possibly the greatest weapon you have in
boosting your security.

6. Filter and Delete Spam Emails

Phishing emails from hackers are crafted in a way to entice your employees to open them and
click on sensational offers or links that seem legitimate. Spam filters have advanced
considerably and should be leveraged.

Page 7 of 10
Even so, the occasional spam email may make it through, especially if a hacker is mimicking
someone you know, like a professional colleague or company you do business with. Employees
need to use their common sense filters in addition to any spam filter software.

7. Shut down Computers When Not in Use

It’s tempting to want to leave your computer on and ready for the next day of work. But when your
computer sits idle overnight while connected to the internet or your own network, it becomes more
visible and available to hackers. Limit their access and block them outright just by shutting your

computer down for the night.

8. Encrypt Your Files

The thought of a hacker getting inside your networks is a major cause for alarm. Imagine, however,
their surprise when all they find is a bunch of gibberish? Encryption can protect sensitive data
on Windows or Mac operating systems using software specifically designed to mask your IP
address. You can identify whether a website has been secured using encryption by looking for
“https” in the address bar along with a padlock icon.

9. Secure Personal Devices

Employees increasingly use their smartphones and other mobile devices to access information at
work. Consider implementing a policy for using personal devices to ensure individuals
are following security protocols.

Some quick tips for securing both personal information and sensitive work data include turning
off Bluetooth, never using unsecured public Wi-Fi and following the same advice for complex
personal device passcodes as you would for your work computer systems.

10. Ask for Help

Page 8 of 10
When you’re managing your IT internally, the pressure is on to make sure you’re adequately
protected against hacking and viruses. While having all these measures in place and ensuring
employees are following best practices, it’s still difficult to keep up with the latest cyber threats.

One of the best ways to overcome these challenges is to enlist the help of a technology
management provider that stays updated on the latest threats and whose job it is to make your
systems as secure as possible. When you work with a technology management provider, you
get laser-focused monitoring and attention 24/7.

Chapter three part2

Introduction to Security Management

Because system security is the aggregate of individual component security, "system boundaries"
must encompass individual users and their workstations. But because personal computers are
just that (personal), staff behavior can't always be dictated without potentially hampering workers'
overall productivity. Recall that security policy becomes ineffective if it's so restrictive that
legitimate user access is threatened. Thus, a key to successful security implementation is finding
a reasonable balance between system protection and user autonomy and convenience. The person
responsible for finding that balance and actively promoting organizational security is the security
manager.

Security management consists of nurturing a security-conscious organizational culture, developing

tangible procedures to support security, and managing the myriad of pieces that make up the
system. The security manager ensures that administration and staff are aware of their security
roles, support security efforts, and are willing to tolerate the minor inconveniences that are
inevitably a part of system change and improvement. After all, if personnel circumvent security
procedures (e.g., write down passwords, share accounts, and disable virus-checking software),
they put the entire system at risk.

Page 9 of 10
Effective system security depends on creating a workplace environment and organizational
structure where management understands and fully supports security efforts, and users are
encouraged to exercise caution. The security manager leads this effort.

A security manager must:

1. Communicate to staff that protecting the system is not only in the organization’s interests,
but also in the best interest of users.
2. Increase staff awareness of security issues.
3. Provide for appropriate staff security training.
4. Monitor user activity to assess security implementation.

Page 10 of 10