A network which is connected to the Internet is vulnerable to attack using some of the methods that we saw on the threats to networks page. There are a number of ways which we can keep our networks safer and more secure and the ways in which we do this also depend on the type of network that we are managing. A home network will require less security and a large Business Network , although it is still important to have some basic security measures in place.
It’s likely that you already have some of the most basic network security set up on your own systems. Setting up strong passwords to ensure that only the authorised user can access accounts is an important part of network security. Often , you will find that you are forced to change these on a regular basis. This ensures that if your password has been accessed by someone else it is not vulnerable forever.
You may also find that some of the software used to protect the network is also on your computer. Anti malware software such as firewalls, antivirus, and antispyware also used and protecting network as well as protecting your own computer. Network firewall works in the same way as the firewall on your own system, preventing unauthorised access from outside the network from entering.
One of the most basic forms of protecting a network is by setting network policies. In its most basic form, a network policy is a rule about what can and cannot be performed on a device connected to a network. In a home network this may be a rule which is set on the software of the router. Newer smart routers often contain this software allowing parental controls to be set. On a large Business Network these rules would be set up on the proxy server. The proxy server acts like a gateway for data going in and out of the network and ensuring that the data meets the corporate policies (that is the rules set by the management of the company). It’s quite likely that you have come across a proxy server at school if you have ever found that an internet site, video, or image has been blocked on your network.
User Access Levels
Another simple way to ensure the network is protected is to set up user access levels. User access levels allow the network manager to assign different uses different permissions to areas of the network . Often, these are done in different groups and we refer to them as virtual networks. This means that when a user logs onto any machine in the network their access level is applied automatically and they will only be able to see and edit the data that they are authorised to access.
In some networks, more involved tasks are performed on a regular basis to protect the data and hardware in the networks from different forms of attack and security risks. One example of these tasks is penetration testing. When penetration testing is undertaken an expert in data security is often brought in test for vulnerabilities in the network. Sometimes we refer to this as white hat hacking (this simply means that the person undertaking the testing has knowledge of how to hack into a system, but is using it to help prevent the vulnerabilities instead of exploiting them).
Another technical task that can be undertaken network forensics. Like the name suggests, network forensics involves Using software to track how the network is being used and which users are accessing which data. Sometimes this can be as simple as keeping a log of the data that has been accessed by each user, or as complex as following the data packets around the system to detect unauthorised access attempts and trace them to the device that they came from.