Computer Network Security

1,055 views

Published on

Learn the latest on protecting your system from spyware, spam, and unauthorized access. Discover what you need to do to ensure the integrity of your company’s valuable data.

Published in: Technology
1 Comment
0 Likes
Statistics
Notes
  • Be the first to like this

No Downloads
Views
Total views
1,055
On SlideShare
0
From Embeds
0
Number of Embeds
107
Actions
Shares
0
Downloads
41
Comments
1
Likes
0
Embeds 0
No embeds

No notes for slide

Computer Network Security

  1. 1. Computer-Network Security Bryley Systems Inc. Bryley Communications Inc.
  2. 2. Synopsis Are you worried about the security of your computer network? Learn the latest on protecting your system from spyware, spam, and unauthorized access. Discover what you need to do to ensure the integrity of your company’s valuable data. Copyright 2005 2
  3. 3. Presenters • Michael R. Carlson - Chief Technical Officer - Microsoft CSE and HP ASE - Over 15 years in computer industry Gavin H. Livingstone - Over 25 years in computer industry Copyright 2005 3
  4. 4. About Bryley • Business Technology Solutions • Established and incorporated 1987 • Full-service, end-to-end provider: - Computer networks Network security Telephone systems Voice and data cabling Copyright 2005 4
  5. 5. About Bryley (continued) • Seasoned, experienced, friendly staff • Flexible contract and service options • Long-term, stable relationships Copyright 2005 5
  6. 6. Agenda I. Common Threats II. Preventative measures III. Questions and answers Copyright 2005 6
  7. 7. I. Common Threats • • • • • • • I. II. III. Viruses Spyware Spam Phishing Objectionable Content External Threats The Threat Within Common Threats Preventative measures Questions and answers Copyright 2005 7
  8. 8. Viruses • • • • Self-replicating Consumes system and network resources Corrupts programs and data Several types – – – – Program and Macro viruses Scripts E-mail worms Trojans Copyright 2005 8
  9. 9. Spyware • • • • Gathers information about computer use patterns Slows system response, may cause errors and instability Compromises user privacy Often installed with the user’s permission Copyright 2005 9
  10. 10. Spam • • • • • Unsolicited advertising e-mail Also includes messages trying to spread viruses and spyware Wastes employees’ time distinguishing legitimate e-mail from SPAM Legitimate e-mail may be inadvertently deleted. Not unusual for a majority of e-mail to be SPAM Copyright 2005 10
  11. 11. Phishing • • E-mail that insists that an account must be updated or verified, usually for “security reasons” E-mail contains links to a web site that is similar in design and name to the legitimate web site Copyright 2005 11
  12. 12. Objectionable Content • • • Spam-borne Web-based Liability issues Copyright 2005 12
  13. 13. External Threats • • • Internet connected systems are often scanned for know vulnerabilities Compromised systems are used to send SPAM or store illegal content Targeted attacks Copyright 2005 13
  14. 14. The Threat Within • • • • • • Unnecessary access allows careless or malevolent employees to move or delete data Passwords which are easily guessed or written down allow access to other employees’ accounts Stolen or lost portable devices contain data and may allow for unauthorized remote access rnet connected systems are often scanned for know vulnerabilities Compromised systems are used to send SPAM or store illegal content Targeted attacks Copyright 2005 14
  15. 15. II. Preventative Measures • • • • • • • Computer & Internet Use Policy Security Policy User Education Security Technologies Wireless Security Backup Disaster Recovery Copyright 2005 15
  16. 16. Computer & Internet Use Policy • • • • • Defines how employees use while reducing organization’s liability As formal as other policy documents Use company-approved software only Do not share accounts and passwords Do not write down passwords Copyright 2005 16
  17. 17. Computer & Internet Use Policy (continued) • • • • PC and Internet access provided for businessuse only Reduce or eliminate unproductive use (personal shopping, entertainment) Prohibit illegal use (downloading copyrighted materials, gambling) Limit legal liability (sexual harassment, illegal activities) Copyright 2005 17
  18. 18. Security Policy • • • • Complements the Computer & Internet Use policy Defines from a technology standpoint what is allowed and not allowed on the network Defines the process for making changes, including who authorizes changes Needed when a firewall, anti-spam, or Internet filtering solution is installed Copyright 2005 18
  19. 19. User Education • Avoid virus infection and spyware installation – – – – Do not open unexpected e-mail attachments Do not install “free” or “ad-supported” software Do not click on pop-up ads Be careful when responding to requests to install something from a web site. These requests might be worded in a deceptive or misleading manner. Copyright 2005 19
  20. 20. User Education (continued) • Avoid using “remember password”, especially on portable devices that may be lost or stolen. To avoid phishing and other scams: • – – – – Be skeptical of requests for personal info Do not respond to suspicious e-mail If concerned, contact the company through a previously established channel Review credit-card and bank statements carefully Copyright 2005 20
  21. 21. Security Technologies • • • • • • • • Operating System Security Firewall VPN Virus and Spyware Protection SPAM Filtering Internet-Site Blocking Intrusion Detection & Prevention Layering Copyright 2005 21
  22. 22. Security Technologies – Operating System Security • • • • • • • • • • • • All users should have their own username and password Require minimum password length and periodic password changes Use file and directory security to limit user access Enable auditing and/or encryption on sensitive files and directories Operating System Security Firewall VPN Virus and Spyware Protection SPAM Filtering Internet-Site Blocking Intrusion Detection & Prevention Layering Copyright 2005 22
  23. 23. Security Technologies – Operating System Security (continued) • • • Administrative access should be limited If at all possible, administrators should use a non-privileged account for day to day work Install vendor-supplied security patches Layering Copyright 2005 23
  24. 24. Security Technologies – • • • Firewall Controls network traffic between its interfaces (typically LAN and Internet) Default rules block inbound traffic, allow outbound traffic Stateful packet inspection Copyright 2005 24
  25. 25. Security Technologies – • • • Firewall (continued) Additional interfaces Other technologies included in firewall Software firewalls Copyright 2005 25
  26. 26. Security Technologies – • • • • VPN Encrypted connection over the Internet Primary is always a hardware device Remote hardware devices Software client Copyright 2005 26
  27. 27. Security Technologies – • • • • Virus and Spyware Protection Spyware detection is often available as an add-on to an antivirus package Compares files or e-mail messages against known signatures Subscription for updates is a necessity Multiple protection points Copyright 2005 27
  28. 28. Security Technologies – SPAM Filtering • • • • • ISP mail filtering Single user Subscription service Onsite mail filtering Some anti-spam options: – – – McAfee Anti-Spam Postini SurfControl Copyright 2005 28
  29. 29. Security Technologies – • • • • Internet-Site Blocking Restrict access to non-productive web-sites on the Internet Log only or log and block PC-based, firewall-based, separate device Site categorization subscription Copyright 2005 29
  30. 30. Security Technologies – • • • • • Intrusion Detection & Prevention Examines network traffic against a database of known attacks Rules-based escalation process Dynamically configures routers and firewalls to ignore traffic from attacking sites Available on some firewalls Sensors can be placed on the LAN to detect and block virus activity internally Copyright 2005 30
  31. 31. Security Technologies – • • Layering Multiple, redundant levels of protection Multi-vendor solutions at key areas Copyright 2005 31
  32. 32. Wireless Security • • • • • Non-secured wireless networks allow unauthorized users to connect Enable the best security compatible with all devices Do not broadcast SSID WPA if possible, otherwise WEP Access points and firewalls that support VPN Copyright 2005 32
  33. 33. Backup • • Store all data on servers Data-backup plan: – – – – • Who manages the process What gets backed-up and how often Schedule off-site rotation Review backup logs Ask for our free Server-Backup Guide Copyright 2005 33
  34. 34. Disaster Recovery • • • • Create & distribute a contingency plan Backup data often and rotate media Test restoration of backup data Build redundancy into all business-critical systems: Phone, computer-network, networksecurity, etc. Copyright 2005 34
  35. 35. III. Questions and Answers Copyright 2005 35
  36. 36. V. Solving problems Copyright 2005 36
  37. 37. VI. Questions and Answers Copyright 2005 37
  38. 38. Copyright 2005 38
  39. 39. Copyright 2005 39

×