Archive for November, 2007

How to Write a Network Security Policy

November 30th, 2007

Keeping your network up and running is a hardware issue. Keeping your network under control is a sociological one. What used to be the purview of a select group of security professionals and their adversaries has turned into a set of recipes for breaking into, defacing, or stealing information from various computer networks. With the internet, one does not need to be a genius to be a cracker or computer criminal. One needs a certain amorality and access to Google and the wits to follow a step-by-step tutorial. Sadly, targets abound for them.

Fortunately, your network needn’t be one of them. No network can be made perfectly safe, but a well-constructed network security policy can weed out the majority of threat vectors. Network security is fundamentally about tracking log files, accounting for logins and user activity and auditing anything that looks suspicious.

Like all things dealing with security, the significant trade-off is security versus ease of use. Anything that’s more secure will be intrusive, and one of the most compromised vectors for network security is the human element. If your security policies are onerous and keep people from doing their work on the network, they will be circumvented by members of your organisation who resent the demands on their time.

Communication with your organisation’s members is important. A good network security policy addresses the human factors in securing your data. It needs to explain what your organisation’s policies are, regarding proper use of computer and network equipment, and what procedures must be followed. It should have a clearly listed response chain for security incidents.

Some basic tips:

1) Be very clear in explaining why certain policy decisions have been made and what their costs are. Make people understand why they have to go through strange procedures, or have computers with no optical drives.

2) Understand that one size does not fit all; one of the worst examples of a network security policy is one that presumes that everything needs the same heightened level of security. In addition to driving productivity to a standstill, it often results in worse security, as people attempt to get their work done and leave classified documents out in the open rather than check them in and check them out every time they go to the rest room.

3) Evaluate your hardware as part of the policy. Do triage – what can you live with and live without? What absolutely needs restricted access? What needs off-site backups to maintain organizational continuity? If an asset were lost, how much would it cost to replace? Will you spend more in employee time than the replacement costs, or are the replacement costs catastrophic?

4) Next, identify possible threats. What ways can someone access or distribute your data?

Once these have been identified, consider aspects such as physical security (who has access to the computers and the facility?), network security (who is to have access to which data sets?), and authentication (how do you determine the right level of access per person, and that the right people are using their pass codes?).

Derek Rogers is a freelance writer who writes for a number of UK businesses. For information on Network Security, he recommends Network 24, a leading UK network security solution provider.

Keeping Your Network Secure – Beginners Guide

November 22nd, 2007

Network security is vitally important for most business systems. Whilst email viruses and denial-of-service attacks (DoS attack) may cause us headaches on our home systems, for businesses, these sorts of attacks can cripple a network for days – costing businesses hundreds of millions each year in lost revenue.

Keeping a network secure to prevent this type of malicious attack is usually of paramount importance for network administrators, and while most invest heavily in some forms of security measures, there are often vulnerabilities inadvertently left exposed.

Firewalls are the best place to begin when you are trying to develop a secure network. A firewall can be implemented in either hardware or software, or most commonly a combination of both. Firewalls are used to prevent unauthorized users from accessing private networks connected to the Internet, especially local intranets. All traffic entering or leaving the intranet passes through the firewall, which examines each message and blocks those that do not meet the specified criteria.

Anti-virus software works in two ways. Firstly, it acts similarly to a firewall by blocking anything that is identified in its database as possibly malicious (viruses, Trojans, spyware etc). Secondly, anti-virus software is used to detect and remove existing malware on a network or workstation.

One of the most overlooked aspects of network security is time synchronization. Network administrators often fail to realise the importance of synchronization between all devices on a network, and failing to synchronize a network is a common security issue. Not only can malicious users take advantage of computers running at different times, but if a network is struck by an attack, identifying and rectifying the problem can be near impossible if every device is running on a different time.

Even when a network administrator is aware of the importance of time synchronization they often make a common security mistake when attempting to synchronize their network. Instead of investing in a dedicated time server that receives a secure source of UTC (Coordinated Universal Time) externally from their network using atomic clock sources like GPS, some network administrators opt to use a shortcut and use a source of Internet time.

There are two major security issues in using the Internet as a time server. Firstly, to allow the time code through the network a UDP port (123) has to be left open in the firewall. This can be taken advantage of by malicious users who can use this open port as an entrance to the network. Secondly, the inbuilt security measure used by the time protocol NTP, known as authentication, doesn’t work across the Internet which means that NTP has no guarantee the time signal is coming from where it is supposed to.
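Added example, not from the original article: the sanity checks an NTP client can apply to an unauthenticated reply, which narrow but do not remove the spoofing risk described above. It assumes the standard 48-byte NTP header layout; `check_reply`, `build_reply`, the 5-second `max_offset` threshold and the sample timestamps are constructed for illustration.

```python
import struct

NTP_FMT = "!BBbbII4sQQQQ"  # 48-byte NTP header, network byte order

def to_ntp(seconds):
    """Seconds since 1900 -> 64-bit NTP timestamp (32.32 fixed point)."""
    return int(round(seconds * 2**32))

def check_reply(packet, t1_raw, t4, max_offset=5.0):
    """Sanity-check an unauthenticated server reply.

    t1_raw: 64-bit transmit timestamp we sent; t4: local receive time
    (seconds since 1900). Returns (ok, reason, offset_seconds).
    """
    if len(packet) < 48:
        return False, "short packet", None
    (flags, stratum, _poll, _prec, _rdelay, _rdisp, _refid,
     _ref, origin, recv, xmit) = struct.unpack(NTP_FMT, packet[:48])
    leap, mode = flags >> 6, flags & 0x7
    if mode != 4:                                # 4 = server
        return False, "not a server reply", None
    if leap == 3 or not 1 <= stratum <= 15:      # clock not synchronised
        return False, "server unsynchronised", None
    if origin != t1_raw:                         # reply does not echo our request
        return False, "origin mismatch", None
    t1, t2, t3 = (v / 2**32 for v in (t1_raw, recv, xmit))
    offset = ((t2 - t1) + (t3 - t4)) / 2         # standard NTP offset formula
    if abs(offset) > max_offset:                 # refuse large steps; alert instead
        return False, "offset too large", offset
    return True, "ok", offset

def build_reply(origin_raw, recv, xmit, stratum=2, leap=0):
    """Build a sample reply (constructed test data, not a capture)."""
    flags = (leap << 6) | (4 << 3) | 4           # LI, version 4, mode 4
    return struct.pack(NTP_FMT, flags, stratum, 6, -20, 0, 0, b"GPS\0",
                       to_ntp(recv), origin_raw, to_ntp(recv), to_ntp(xmit))

if __name__ == "__main__":
    T1 = 3_900_000_000.0                         # constructed request time
    t1_raw = to_ntp(T1)
    good = build_reply(t1_raw, T1 + 0.51, T1 + 0.511)
    print(check_reply(good, t1_raw, T1 + 0.021))
    forged = build_reply(t1_raw ^ 1, T1 + 0.51, T1 + 0.511)
    print(check_reply(forged, t1_raw, T1 + 0.021))
```

The origin-timestamp comparison only defeats a sender who cannot see the request; anyone on the network path can still echo it, which is why the article's point about authentication stands.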

To ensure your network is secure, isn’t it time you invested in an external dedicated NTP time server?

Richard N Williams is a technical author and specialist in atomic clocks, telecommunications, NTP and network time synchronisation helping to develop dedicated NTP clocks. Please visit us for more information about an NTP server or other NTP time server solution.

How Your Network Security Provider Maintains PCI Compliance

November 14th, 2007

PCI Compliance affects millions of businesses around the world – e-commerce businesses, retail merchants and more.  This article will provide you with information about PCI compliance and how your network security provider should help you maintain it.  Whether you’re a business owner, an executive, or an IT manager, the following information will be beneficial to you.

Payment Card Industry (PCI) is a worldwide information security standard assembled by the Payment Card Industry Security Standards Council (PCI SSC). The standard, which is currently comprised of 12 guidelines, was created to help organizations that process card payments prevent credit card fraud through increased controls around data and its exposure to compromise.

The standard applies to all organizations which hold, process, or pass cardholder information from any card branded with the logo of one of the card brands, including shopping cart sites, e-commerce and retail merchants and other merchant services providers.

PCI compliance is critical for millions of businesses around the world.  What about yours?  And how does your network security provider help you to maintain PCI compliance?

Your network security provider should be able to address at least 5 of the critical PCI compliance requirements. They should also support periodic audits by generating reports and information to validate compliance to corporate policies and identify noncompliance issues prior to an audit.

Building and Maintaining a Secure Network
PCI Compliance Requirement 1: Install and maintain a firewall configuration to protect cardholder data
PCI Compliance Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters

Network security providers maintain the integrity of the firewall by scanning for open ports that create outside access to the network. As part of an applied security policy, blank passwords must be identified and checked against 25 other security best practices.

Maintaining a Vulnerability Management Program
PCI Compliance Requirement 5: Use and regularly update anti-virus software
PCI Compliance Requirement 6: Develop and maintain secure systems and applications

Your network security provider should provide some of the most comprehensive vulnerability monitoring available on the market, covering 6 distinct security domains:

– Unapproved Software: Ensure that all software applications installed on your computer networks are approved by your company’s security policy.
– Suspicious Traffic: Detect abnormal traffic on your network that could indicate an attempt to access or manipulate your computers.
– Intrusion Vulnerability: Identify open ports or other undesired access points that could put your network at risk of intrusion.
– Malware Protection: Protect your network by ensuring antivirus and other network security software are installed, updated and functioning properly on all computers.
– Updates & Patches: Assure all critical security updates and patches are installed, with Microsoft’s minimum protection.
– Security Practices: Ensure all your computers are configured and used in accordance with best practices for network security.
– Clear Blue Agents: Monitor your network security status and let you know how to solve any problems they detect.
– Virtual Security Assistant: Provide 24/7 security for your entire network at a fraction of the cost of human domain experts.

Regularly Monitoring and Testing Networks
PCI Compliance Requirement 11: Regularly test security systems and processes

This includes monitoring your entire network, including laptops, 24 hours a day, 7 days a week. As a SaaS enabled product, network security constantly provides updated security best practices and policies to your network.

Dennis Thomsen is CEO of Clear Blue Security, development and marketing company of a revolutionary Software-as-a-Service based Virtual Network Security Monitoring Assistant for small and medium sized companies. Download a free trial of our software and maintain PCI Compliance today.

Secure your Network Environment with Network & Security Audits

November 6th, 2007

Network security auditing is one of the first steps in truly securing your computer or network environment. The purpose of network & security audits is to make sure that a company has followed the necessary steps for protecting its data. These audits usually involve a set of periodic, pro-active compliance and assurance procedures that help in the assessment of the security of the IT infrastructure of your organization.

The network & security audits encompass security architecture, security policy, and vulnerability assessment of your information network. Often, these audits are performed on entire networks by ethical hackers employed by the auditing companies, to assess the potential network vulnerabilities of your IT infrastructure. The ethical hacking team usually simulates an attack without interrupting or damaging your crucial network services. This not only tests the network, but also the awareness and response of your company staff based on the assessment.

The professionals undertaking network & security audits create a detailed report of vulnerabilities and loopholes in your network security system, and also propose best practices for your network environment. The establishment of clear security policies and procedures would help you in better protection of your company’s information network by advising employees of expected conduct with regard to the proprietary information and use of company equipment.

Often, the term penetration test is used interchangeably with network & security audits. However, it is important to understand that the two are not the same thing. Penetration testing involves a very narrowly focused attempt to identify the security lapses in a critical resource like a firewall or Web server. Penetration testers usually look at one service on a network resource with minimum inside information.

On the other hand, network & security audits are a systematic and measurable technical assessment of your organization’s security policy on a larger scale. The network auditors often work with complete knowledge of the organization, sometimes even with inside information, for a thorough understanding of the resources to be audited.

The network security auditors undertake their work through personal interviews, detailed examination of your operating system settings, vulnerability scans, proper analyses of network shares, and historical data. Their primary concern is how the security policies of your company, which form the foundation of an effective security strategy of any company, are actually used.

For getting more information on network consulting and Network & Security Audits, visit pronetexpert.com.

If you want to do Network & Security Audits & Penetration Testing, you can consult the author, who is a Network Consultant.
