Computer-Network Security
Bryley Systems Inc.
Bryley Communications Inc.
Synopsis
Are you worried about the security of your
computer network?
Learn the latest on protecting your system
from spyw...
Presenters
• Michael R. Carlson
- Chief Technical Officer
- Microsoft CSE and HP ASE
- Over 15 years in computer industry
...
About Bryley
• Business Technology Solutions
• Established and incorporated 1987
• Full-service, end-to-end provider:
-

C...
About Bryley (continued)
• Seasoned, experienced, friendly staff
• Flexible contract and service options
• Long-term, stab...
Agenda
I. Common Threats
II. Preventative measures
III. Questions and answers

Copyright 2005

6
I. Common Threats
•
•
•
•
•
•
•
I.
II.
III.

Viruses
Spyware
Spam
Phishing
Objectionable Content
External Threats
The Thre...
Viruses
•
•
•
•

Self-replicating
Consumes system and network resources
Corrupts programs and data
Several types
–
–
–
–

...
Spyware
•
•
•
•

Gathers information about computer use
patterns
Slows system response, may cause errors
and instability
C...
Spam
•
•
•
•
•

Unsolicited advertising e-mail
Also includes messages trying to spread
viruses and spyware
Wastes employee...
Phishing
•

•

E-mail that insists that an account must be
updated or verified, usually for “security
reasons”
E-mail cont...
Objectionable Content
•
•
•

Spam-borne
Web-based
Liability issues

Copyright 2005

12
External Threats
•
•
•

Internet connected systems are often
scanned for know vulnerabilities
Compromised systems are used...
The Threat Within
•
•
•
•
•
•

Unnecessary access allows careless or malevolent
employees to move or delete data
Passwords...
II. Preventative Measures
•
•
•
•
•
•
•

Computer & Internet Use Policy
Security Policy
User Education
Security Technologi...
Computer & Internet Use Policy
•
•
•
•
•

Defines how employees use while reducing
organization’s liability
As formal as o...
Computer & Internet Use Policy
(continued)
•
•
•
•

PC and Internet access provided for businessuse only
Reduce or elimina...
Security Policy
•
•
•
•

Complements the Computer & Internet Use
policy
Defines from a technology standpoint what is
allow...
User Education
•

Avoid virus infection and spyware installation
–
–
–
–

Do not open unexpected e-mail attachments
Do not...
User Education (continued)
•

Avoid using “remember password”, especially
on portable devices that may be lost or
stolen.
...
Security Technologies
•
•
•
•
•
•
•
•

Operating System Security
Firewall
VPN
Virus and Spyware Protection
SPAM Filtering
...
Security Technologies –
Operating System Security

•
•
•
•
•
•
•
•
•
•
•
•

All users should have their own username and p...
Security Technologies –

Operating System Security (continued)
•
•
•

Administrative access should be limited
If at all po...
Security Technologies –
•
•
•

Firewall

Controls network traffic between its interfaces
(typically LAN and Internet)
Defa...
Security Technologies –
•
•
•

Firewall (continued)

Additional interfaces
Other technologies included in firewall
Softwar...
Security Technologies –
•
•
•
•

VPN

Encrypted connection over the Internet
Primary is always a hardware device
Remote ha...
Security Technologies –
•
•
•
•

Virus and Spyware Protection

Spyware detection is often available as an
add-on to an ant...
Security Technologies –
SPAM Filtering

•
•
•
•
•

ISP mail filtering
Single user
Subscription service
Onsite mail filteri...
Security Technologies –
•
•
•
•

Internet-Site Blocking

Restrict access to non-productive web-sites
on the Internet
Log o...
Security Technologies –

•
•
•
•
•

Intrusion Detection & Prevention

Examines network traffic against a database
of known...
Security Technologies –
•
•

Layering

Multiple, redundant levels of protection
Multi-vendor solutions at key areas

Copyr...
Wireless Security
•
•
•
•
•

Non-secured wireless networks allow
unauthorized users to connect
Enable the best security co...
Backup
•
•

Store all data on servers
Data-backup plan:
–
–
–
–

•

Who manages the process
What gets backed-up and how of...
Disaster Recovery
•
•
•
•

Create & distribute a contingency plan
Backup data often and rotate media
Test restoration of b...
III. Questions and Answers

Copyright 2005

35
V. Solving problems

Copyright 2005

36
VI. Questions and Answers

Copyright 2005

37
Copyright 2005

38
Copyright 2005

39
Upcoming SlideShare
Loading in...5
×

Computer Network Security

567

Published on

Learn the latest on protecting your system from spyware, spam, and unauthorized access. Discover what you need to do to ensure the integrity of your company’s valuable data.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
567
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
29
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Computer Network Security

  1. 1. Computer-Network Security Bryley Systems Inc. Bryley Communications Inc.
  2. 2. Synopsis Are you worried about the security of your computer network? Learn the latest on protecting your system from spyware, spam, and unauthorized access. Discover what you need to do to ensure the integrity of your company’s valuable data. Copyright 2005 2
  3. 3. Presenters • Michael R. Carlson - Chief Technical Officer - Microsoft CSE and HP ASE - Over 15 years in computer industry Gavin H. Livingstone - Over 25 years in computer industry Copyright 2005 3
  4. 4. About Bryley • Business Technology Solutions • Established and incorporated 1987 • Full-service, end-to-end provider: - Computer networks Network security Telephone systems Voice and data cabling Copyright 2005 4
  5. 5. About Bryley (continued) • Seasoned, experienced, friendly staff • Flexible contract and service options • Long-term, stable relationships Copyright 2005 5
  6. 6. Agenda I. Common Threats II. Preventative measures III. Questions and answers Copyright 2005 6
  7. 7. I. Common Threats • • • • • • • I. II. III. Viruses Spyware Spam Phishing Objectionable Content External Threats The Threat Within Common Threats Preventative measures Questions and answers Copyright 2005 7
  8. 8. Viruses • • • • Self-replicating Consumes system and network resources Corrupts programs and data Several types – – – – Program and Macro viruses Scripts E-mail worms Trojans Copyright 2005 8
  9. 9. Spyware • • • • Gathers information about computer use patterns Slows system response, may cause errors and instability Compromises user privacy Often installed with the user’s permission Copyright 2005 9
  10. 10. Spam • • • • • Unsolicited advertising e-mail Also includes messages trying to spread viruses and spyware Wastes employees’ time distinguishing legitimate e-mail from SPAM Legitimate e-mail may be inadvertently deleted. Not unusual for a majority of e-mail to be SPAM Copyright 2005 10
  11. 11. Phishing • • E-mail that insists that an account must be updated or verified, usually for “security reasons” E-mail contains links to a web site that is similar in design and name to the legitimate web site Copyright 2005 11
  12. 12. Objectionable Content • • • Spam-borne Web-based Liability issues Copyright 2005 12
  13. 13. External Threats • • • Internet connected systems are often scanned for know vulnerabilities Compromised systems are used to send SPAM or store illegal content Targeted attacks Copyright 2005 13
  14. 14. The Threat Within • • • • • • Unnecessary access allows careless or malevolent employees to move or delete data Passwords which are easily guessed or written down allow access to other employees’ accounts Stolen or lost portable devices contain data and may allow for unauthorized remote access rnet connected systems are often scanned for know vulnerabilities Compromised systems are used to send SPAM or store illegal content Targeted attacks Copyright 2005 14
  15. 15. II. Preventative Measures • • • • • • • Computer & Internet Use Policy Security Policy User Education Security Technologies Wireless Security Backup Disaster Recovery Copyright 2005 15
  16. 16. Computer & Internet Use Policy • • • • • Defines how employees use while reducing organization’s liability As formal as other policy documents Use company-approved software only Do not share accounts and passwords Do not write down passwords Copyright 2005 16
  17. 17. Computer & Internet Use Policy (continued) • • • • PC and Internet access provided for businessuse only Reduce or eliminate unproductive use (personal shopping, entertainment) Prohibit illegal use (downloading copyrighted materials, gambling) Limit legal liability (sexual harassment, illegal activities) Copyright 2005 17
  18. 18. Security Policy • • • • Complements the Computer & Internet Use policy Defines from a technology standpoint what is allowed and not allowed on the network Defines the process for making changes, including who authorizes changes Needed when a firewall, anti-spam, or Internet filtering solution is installed Copyright 2005 18
  19. 19. User Education • Avoid virus infection and spyware installation – – – – Do not open unexpected e-mail attachments Do not install “free” or “ad-supported” software Do not click on pop-up ads Be careful when responding to requests to install something from a web site. These requests might be worded in a deceptive or misleading manner. Copyright 2005 19
  20. 20. User Education (continued) • Avoid using “remember password”, especially on portable devices that may be lost or stolen. To avoid phishing and other scams: • – – – – Be skeptical of requests for personal info Do not respond to suspicious e-mail If concerned, contact the company through a previously established channel Review credit-card and bank statements carefully Copyright 2005 20
  21. 21. Security Technologies • • • • • • • • Operating System Security Firewall VPN Virus and Spyware Protection SPAM Filtering Internet-Site Blocking Intrusion Detection & Prevention Layering Copyright 2005 21
  22. 22. Security Technologies – Operating System Security • • • • • • • • • • • • All users should have their own username and password Require minimum password length and periodic password changes Use file and directory security to limit user access Enable auditing and/or encryption on sensitive files and directories Operating System Security Firewall VPN Virus and Spyware Protection SPAM Filtering Internet-Site Blocking Intrusion Detection & Prevention Layering Copyright 2005 22
  23. 23. Security Technologies – Operating System Security (continued) • • • Administrative access should be limited If at all possible, administrators should use a non-privileged account for day to day work Install vendor-supplied security patches Layering Copyright 2005 23
  24. 24. Security Technologies – • • • Firewall Controls network traffic between its interfaces (typically LAN and Internet) Default rules block inbound traffic, allow outbound traffic Stateful packet inspection Copyright 2005 24
  25. 25. Security Technologies – • • • Firewall (continued) Additional interfaces Other technologies included in firewall Software firewalls Copyright 2005 25
  26. 26. Security Technologies – • • • • VPN Encrypted connection over the Internet Primary is always a hardware device Remote hardware devices Software client Copyright 2005 26
  27. 27. Security Technologies – • • • • Virus and Spyware Protection Spyware detection is often available as an add-on to an antivirus package Compares files or e-mail messages against known signatures Subscription for updates is a necessity Multiple protection points Copyright 2005 27
  28. 28. Security Technologies – SPAM Filtering • • • • • ISP mail filtering Single user Subscription service Onsite mail filtering Some anti-spam options: – – – McAfee Anti-Spam Postini SurfControl Copyright 2005 28
  29. 29. Security Technologies – • • • • Internet-Site Blocking Restrict access to non-productive web-sites on the Internet Log only or log and block PC-based, firewall-based, separate device Site categorization subscription Copyright 2005 29
  30. 30. Security Technologies – • • • • • Intrusion Detection & Prevention Examines network traffic against a database of known attacks Rules-based escalation process Dynamically configures routers and firewalls to ignore traffic from attacking sites Available on some firewalls Sensors can be placed on the LAN to detect and block virus activity internally Copyright 2005 30
  31. 31. Security Technologies – • • Layering Multiple, redundant levels of protection Multi-vendor solutions at key areas Copyright 2005 31
  32. 32. Wireless Security • • • • • Non-secured wireless networks allow unauthorized users to connect Enable the best security compatible with all devices Do not broadcast SSID WPA if possible, otherwise WEP Access points and firewalls that support VPN Copyright 2005 32
  33. 33. Backup • • Store all data on servers Data-backup plan: – – – – • Who manages the process What gets backed-up and how often Schedule off-site rotation Review backup logs Ask for our free Server-Backup Guide Copyright 2005 33
  34. 34. Disaster Recovery • • • • Create & distribute a contingency plan Backup data often and rotate media Test restoration of backup data Build redundancy into all business-critical systems: Phone, computer-network, networksecurity, etc. Copyright 2005 34
  35. 35. III. Questions and Answers Copyright 2005 35
  36. 36. V. Solving problems Copyright 2005 36
  37. 37. VI. Questions and Answers Copyright 2005 37
  38. 38. Copyright 2005 38
  39. 39. Copyright 2005 39
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×