Over the past few years, Internet-enabled business or e-business has drastically improved companies’ efficiency and revenue growth. E-business applications such as e-commerce, supply chain management (SCM) and remote access enable companies to streamline processes, lower operating costs and increase customer satisfaction. Such applications require mission-critical networks that accommodate voice, video and data traffic, and these networks must be scalable to support increasing numbers of users and the need for greater capacity and performance.
However, as networks enable more and more applications, and are available to more and more users, they become extremely vulnerable to a wider range of security threats. To combat these threats and ensure that e-business transactions are not compromised, security technology must play a major role in today’s networks.
Security is the key to the success of any organization. It is necessary for the survival of many businesses to allow open access to network resources and ensure that the data and resources are as secure as possible.
To understand Information Security, we all need to understand, sustain and defend three critical security properties of information: confidentiality, integrity and availability.
Confidentiality: the assurance that information can be read and interpreted only by persons and processes explicitly authorized to do so.
Integrity: the assurance that information remains intact, correct and authentic.
Availability: the assurance that authorized users can access and work with information assets, resources and systems, when needed, with sufficient response and performance.
The three core properties of Confidentiality, Integrity and Availability (CIA) serve as the foundation for information security. As information is shared, we must concern ourselves with another layer of properties: Identification, Authentication, Accountability, Non-repudiation, Authorization and Privacy.
If any of these higher-layer properties are compromised, you lose CIA as a whole. The key to mitigating this risk is to securely manage the interactions. This can be accomplished through various means, including, but not limited to, strong authentication mechanisms (e.g., Kerberos, RADIUS), data encryption (e.g., IPsec, Encrypting File System, PGP), secure and thorough administrative practices (e.g., access controls, permissions/rights, integrity checking systems) and secure architectural design (e.g., limiting unnecessary services, security perimeters).
Achieving security starts with setting appropriate policies.
Administrators and engineers should use the information from the monitor and test phases to make improvements to the security implementation as well as to adjust the security policy as vulnerabilities and risks are identified. Security policies are the basis for sound security implementation. A security policy can be as simple as an acceptable use policy for network resources or it can be several hundred pages in length and detail every element of connectivity and associated policies. According to the Site Security Handbook (RFC 2196), “A security policy is a formal statement of the rules by which people who are given access to an organization’s technology and information assets must abide.” It further states, “A security policy is essentially a document summarizing how the corporation will use and protect its computing and network resources.” Security policies provide many benefits and are worth the time and effort needed to develop them. Developing a security policy:
* Provides a process for auditing existing network security.
* Provides a general security framework for implementing network security.
* Defines which behaviour is and is not allowed.
* Helps determine which tools and procedures are needed for the organization.
* Helps communicate consensus among a group of key decision makers and define responsibilities of users and administrators.
* Defines a process for handling network security incidents.
* Enables global security implementation and enforcement. Computer security is now an enterprise-wide issue, and computing sites are expected to conform to the network security policy.
* Creates a basis for legal action, if necessary.
There is one technique that many companies overlook when developing their Security Architecture: the self-administered vulnerability assessment. The practice of conducting a network Vulnerability Assessment (VA) against one’s own Enterprise can be very beneficial. It could lead to discovering exposures before potential attackers do, and assist in highlighting the overall security posture of the enterprise.
The absence or weakness of a safeguard constitutes a vulnerability. A minor threat has the potential to become a greater threat, or a more frequent threat, because of a vulnerability. Think of a vulnerability as the threat that gets through a safeguard into the system.
Vulnerability assessment follows a three-phase cyclical procedure.
Conduct Assessment: This phase consists of two main objectives – the planning and performing of the vulnerability assessment. The planning component will include gathering all the relevant information, defining the scope of activities, defining roles and responsibilities and making others aware through the change management process. The method for performing the VA will include interviewing system administrators, reviewing appropriate policies and procedures relating to the systems being assessed and, of course, the security scanning.
Identify Exposures: This phase can include an assortment of tasks, for example, reviewing the resulting data from the assessment phase and tying it into the issue management process so that accountability for the issues is established and the exposures can be resolved. The data can also be stored and reviewed, allowing for enterprise-wide risk analysis and trending.
Address Exposures: This phase tries to resolve the exposures identified in the previous phase. Before any steps are taken to fix the problem, an investigation must be conducted to determine if the service that caused the exposure is, in fact, needed. Performing a vulnerability assessment can provide an accurate “point-in-time” representation of the organization’s security posture. This way, it will be possible to accurately develop a risk curve to illustrate how the security posture trends over time. Ideally, the risk curve would be reduced, reaching the point where the network security and business requirements reluctantly meet.
After we set our security policies and understand the vulnerabilities on the network, we implement the required technology solutions to safeguard and protect our network from various security threats. This means that we need to monitor our networks constantly; the primary goals of monitoring are problem identification and problem resolution. The various types of monitoring techniques are listed below:
* Intrusion detection
* Violation processing using clipping levels
* Penetration testing
As stated above, security is an ever-evolving process. After going through the methodologies above, we need to verify that whatever was done was implemented in the right fashion to achieve the right organizational goal.