2. Computer security breaches are common
place, and several occur around the world
every day. Some are considered minor, with
little loss of data or monetary resources, but
many of them are considered major, or even
catastrophic.
3. WHAT IS NETWORK SECURITY?
• NETWORK SECURITY
is the process of taking preventative measures to protect the underlying networking
infrastructure from unauthorized access, misuse, malfunction, modification, destruction
or improper disclosure.
Implementing these measures allows computers, users and programs to perform
their permitted critical functions within a secure environment.
Securing a network requires a complex combination of hardware devices, such as
routers, firewalls and anti-malware software applications.
Government agencies and businesses employ highly skilled information security
analysts to implement security plans and constantly monitor the efficacy of these plans.
4. TYPES OF NETWORK SECURITY
• ACCESS CONTROL
This refers to controlling which users have access to the network or
especially sensitive sections of the network. Using security policies, you
can restrict network access to only recognized users and devices or grant
limited access to noncompliant devices or guest users.
• ANTIVIRUS AND ANTI-MALWARE SOFTWARE
Malware, or “malicious software,” is a common form of cyberattack
that comes in many different shapes and sizes. Some variations work
quickly to delete files or corrupt data, while others can lie dormant for
long periods of time and quietly allow hackers a back door into your
systems.
5. TYPES OF NETWORK SECURITY
• APPLICATION SECURITY
Each device and software product used within your networking
environment offers a potential way in for hackers.
For this reason, it is important that all programs be kept up-to-date and patched to
prevent cyberattacks from exploiting vulnerabilities to access sensitive data.
Application security refers to the combination of hardware, software, and best
practices you use to monitor issues and close gaps in your security coverage.
• BEHAVIORAL ANALYTICS
In order to identify abnormal behavior, security support personnel
need to establish a baseline of what constitutes normal behavior for a
given customer’s users, applications, and network.
6. TYPES OF NETWORK SECURITY
• DATA LOSS PREVENTION
Data Loss Prevention (DLP) technologies are those that prevent an
organization’s employees from sharing valuable company information or
sensitive data—whether unwillingly or with ill intent—outside the network.
DLP technologies can prevent actions that could potentially expose data
to bad actors outside the networking environment, such as uploading and
downloading files, forwarding messages, or printing.
• DISTRIBUTED DENIAL OF SERVICE PREVENTION
Distributed denial of service (DDoS) attacks are becoming increasingly
common. They function by overloading a network with one-sided connection
requests that eventually cause the network to crash.
7. TYPES OF NETWORK SECURITY
• EMAIL SECURITY
Email is an especially important factor to consider when
implementing networking security tools. Numerous threat vectors,
like scams, phishing, malware, and suspicious links, can be attached to
or incorporated into emails.
• FIREWALLS
Firewalls are another common element of a network security
model. They essentially function as a gatekeeper between a network
and the wider internet. Firewalls filter incoming and, in some cases,
outgoing traffic by comparing data packets against predefined rules and
policies, thereby preventing threats from accessing the network.
8. TYPES OF NETWORK SECURITY
• MOBILE DEVICE SECURITY
The vast majority of us have mobile devices that carry some form of
personal or sensitive data we would like to keep protected. This is a
fact that hackers are aware of and can easily take advantage of.
Implementing mobile device security measures can limit device access to
a network, which is a necessary step to ensuring network traffic stays private
and doesn’t leak out through vulnerable mobile connections.
• NETWORK SEGMENTATION
Dividing and sorting network traffic based on certain classifications
streamlines the job for security support personnel when it comes to
applying policies. Segmented networks also make it easier to assign or
deny authorization credentials for employees, ensuring no one is accessing
information they should not be.
9. TYPES OF NETWORK SECURITY
• SECURITY INFORMATION AND EVENT MANAGEMENT
These security systems (called SIEMs) combine host-based and
network-based intrusion detection systems that combine real- time
network traffic monitoring with historical data log file scanning to
provide administrators with a comprehensive picture of all activity
across the network.
• WEB SECURITY
Web security software serves a few purposes. First, it limits internet
access for employees, with the intention of preventing them from
accessing sites that could contain malware. It also blocks other web-
based threats and works to protect a customer’s web gateway.
10. WHAT IS OPERATING SYSTEM SECURITY?
• OPERATING SYSTEM SECURITY (OS SECURITY)
is the process of ensuring OS integrity, confidentiality and
availability.
OS security refers to specified steps or measures used to protect
the OS from threats, viruses, worms, malware or remote hacker
intrusions. OS security encompasses all preventive-control
techniques, which safeguard any computer assets capable of
being stolen, edited or deleted if OS security is compromised.
11. OS SECURITY MAY BE APPROACHED IN MANY WAYS,
INCLUDING ADHERENCE TO THE FOLLOWING:
Performing regular OS patch updates
Installing updated antivirus engines and software
Examine all incoming and outgoing network traffic through a firewall
Creating secure accounts with required privileges only (i.e., user
management)
12. WHAT IS APPLICATION SECURITY?
• APPLICATION SECURITY
describes security measures at the application level that aim to prevent data
or code within the app from being stolen or hijacked. It encompasses the
security considerations that happen during application development and design,
but it also involves systems and approaches to protect apps after they get
deployed.
Application security may include hardware, software, and procedures that
identify or minimize security vulnerabilities. A router that prevents anyone from
viewing a computer’s IP address from the Internet is a form of hardware
application security. But security measures at the application level are also
typically built into the software, such as an application firewall that strictly defines
what activities are allowed and prohibited.
13. TYPES OF APPLICATION SECURITY
AUTHENTICATION:
When software developers build procedures into an application to ensure that
only authorized users gain access to it. Authentication procedures ensure that a
user is who they say they are. This can be accomplished by requiring the user to
provide a user name and password when logging in to an application.
AUTHORIZATION
After a user has been authenticated, the user may be authorized to access
and use the application. The system can validate that a user has permission to
access the application by comparing the user’s identity with a list of authorized
users. Authentication must happen before authorization so that the application
matches only validated user credentials to the authorized user list.
15. TYPES OF APPLICATION SECURITY
ENCRYPTION
After a user has been authenticated and is using the application, other security
measures can protect sensitive data from being seen or even used by a
cybercriminal. In cloud-based applications, where traffic containing sensitive data
travels between the end user and the cloud, that traffic can be encrypted to keep the
data safe.
LOGGING
If there is a security breach in an application, logging can help identify who got
access to the data and how. Application log files provide a time-stamped record of
which aspects of the application were accessed and by whom.
APPLICATION SECURITY TESTING
A necessary process to ensure that all of these security controls work properly.
16. APPLICATION SECURITY IN THE CLOUD
APPLICATION SECURITY IN THE CLOUD
poses some extra challenges. Because cloud environments provide
shared resources, special care must be taken to ensure that users only
have access to the data they are authorized to view in their cloud-based
applications. Sensitive data is also more vulnerable in cloud-based
applications because that data is transmitted across the Internet from the
user to the application and back.
17. MOBILE APPLICATION SECURITY
Mobile devices also transmit and receive information across the Internet, as
opposed to a private network, making them vulnerable to attack.
Enterprises can use virtual private networks (VPNs) to add a layer of mobile
application security for employees who log in to applications remotely.
IT departments may also decide to vet mobile apps and make sure they
conform to company security policies before allowing employees to use
them on mobile devices that connect to the corporate network.
18. WEB APPLICATION SECURITY
WEB APPLICATION SECURITY
applies to web applications—apps or services that users access through
a browser interface over the Internet. Because web applications live on
remote servers, not locally on user machines, information must be
transmitted to and from the user over the Internet.
Web application security is of special concern to businesses that host
web applications or provide web services. These businesses often
choose to protect their network from intrusion with a web application
firewall. A web application firewall works by inspecting and, if necessary,
blocking data packets that are considered harmful.