Network Security and Defense against Insider Attacks


Added on  2019-09-24

8 Pages2647 Words154 Views
Table of ContentsIntroduction2Part 2: Network security Assessment3Bibliography 7
Network Security and Defense against Insider Attacks_1

Introduction:Securing the information from the threat is information security. It involves ininformation management, network security and data security. Different security layers arephysical security, network security, host security, perimeter defense and mobile device security.For any information three types of security goals should be satisfied. Confidentiality, integrityand availability of information should be maintained. But when these goals are unable to satisfythen it will be easy for the attacker to gain the access to the information. Let us discuss some ofthe security requirements, preventions and counter measures to provide network security.Physical security:Physical security is the process of securing the hardware, network and stored data from thephysical conditions which could cause permanent or temporary loss to an organization. Theattack may be two types of category. It can be from the outside of the company or from withinthe organization. The attacker tries to hack the system by threatening the password protected bythe company. This type of attack is from the outside of the company. When an employee of thecompany tries to hack the system in order to give the information of the company to the thirdparty attacker then this is said to be the attack within the company. Physical security requirements:Some of the physical security requirements are i.Stored data must be kept confidentially and should be used in one or more secure room inthe organization.ii.The secure rooms or server room should not be dedicated to specific project level.iii.The rooms must have one or two entry or exit point and should be protected with theemployee id.iv.The inside environment of the organization should not be visible to the outsideenvironment.Prevention:Physical security of the organization should be taken care. Facility such as traffic flow, naturalterrain, interior walls and doors, fire security should be considered. To avoid the physicalsecurity issues it should be prevented using alarm system, lock and keys, electronic monitoring,ID cards, smart card and vulnerabilities, motion detectors and using RFID tags. Alarm system isused by sensing the environmental changes by using sensors such as water sensor, motion sensor,ultrasonic sensor etc. ID cards and smart cards are used for security purposes in order to avoidunnecessary people to the secured room.
Network Security and Defense against Insider Attacks_2

Detection:Access controls are used for the security. The attackers can be detected by using the punch cards,biometric and electronic authentication. When the authentication does not matches then it isdetected as attacker is trying to access the system. Intrusion detection system is used to monitorthe system when any changes occurs it sounds the alarm to alert the company that there is someproblem in the server room .Electronic surveillance must be kept in the server room to detect thechanges made by the attacker. When the attacker is trying to enter the room it is monitoredthrough the electronic surveillance and intrusion detection system. The sensor used to detect theattacker and sounds an alarm. If intrusion detection is failed then we can find through the videosurveillance. Recovery:Recovery policies and procedures should be done regularly to ensure safety and to reduce thetime taken to recover from the man-made or natural disasters. The stored data should be takenback up whenever a data is getting updated. If back up is taken then we need not worry about thedata loss. We can use the data from the existing back up data.Control measures:These control measures should be taken by every organization inorder to avoid or prevent fromthe security disaster. They are1.Server room should be kept locked.2.Surveillance set up is needed to be fixed.3.Vulnerable devices must be kept in the server room.4.Rack mount servers should be used.5.Keep intruders from opening the case.6.Pack up the backups7.Protect the printersMobile device security:A device typically has a display screen with a touch keyboard or input. Different types ofmobile devices are mobile PC, digital camera, laptop, smart phones, tablet, pager etc. All thesemobile devices must support the multi security such as confidentiality, integrity and availability.To achieve these objectives the mobile devices must be secured against the variety of threats.
Network Security and Defense against Insider Attacks_3

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Protecting Network Security and Defending Against Threats

Intrusion Detection Systems in WSNs

Information and System Security Research Paper 2022

Assignment on Physical Security

Effective Physical Security - PDF

Information and Systems Security