Question

To reassure your audience of your network’s security, you list some strategies your department used to build security directly into the design of your company network.

NTC/362 - FUNDAMENTALS OF NETWORKING

Answer 1

What Is Network Security?

Network security is a term that describes the tools, tactics and security policies designed to monitor, prevent and respond to unauthorized network intrusion, while also protecting digital assets, including network traffic. Network security includes hardware and software technologies (including resources such as savvy security analysts, hunters, incident responders, etc.) and is designed to respond to the full range of potential threats targeting your network.

In other words, it’s the defenses you use to keep the wrong people away from your sensitive data.

The vampires are trying to get in; network security keeps them out. Fairly straightforward, right? Well, within that definition, there are three key focuses that should serve as a foundation of any network security strategy: protection, detection and response.

Protection entails any tools or policies designed to prevent network intrusion. Detection refers to the resources that allow you to analyze network traffic and quickly identify problems before they can do harm. And finally, response is the ability to react to identified threats and resolve them as quickly as possible.

Unfortunately, most businesses simply do not know how to do this properly. In fact, in a survey of 4,100 executives, departmental heads, IT managers and other key professionals across the U.S. and Europe, it was revealed that nearly three out of four organizations (73 percent) are fielding a novice level cybersecurity strategy. This is a growing threat, because when network breaches occur, there’s more at stake than just the data itself.

Benefits of Network Security

Network security exists to help your organization protect not only its sensitive information, but also its overall performance, reputation and even its ability to stay in business. Continued operational ability and an intact reputation are two key benefits of effective network security.

Companies that fall prey to cyberattacks often find themselves crippled from the inside out, unable to deliver services or effectively address customer needs. Similarly, networks play a major role in internal company processes, and when they come under attack, those processes may grind to a halt, further hampering an organization’s ability to conduct business or even resume standard operations.

But perhaps even more damaging is the detrimental effect that a network breach can have on your business’s reputation.

Given the rising tide of identity theft and other dangers related to the theft of personal information, many customers are already hesitant when it comes to sharing data with businesses. And if a cyberattack should occur, many of these customers are likely to withdraw in favor of more secure alternatives. After all, why take the risk?

The loss or corruption of valuable data, along with a significant disruption to customer services and internal process, topped off with reputational injury that may persist long after other damages have been repaired — it’s not hard to see what’s at stake when it comes to network security. In fact, it’s been suggested that 66 percent of SMBs would have to shut down (either temporarily or permanently) after experiencing a data breach. And even larger, more established businesses may be unable to reclaim their former standing.

On the other hand, reliable network security software and hardware, coupled with the right policies and strategies, can help ensure that when cyberattacks occur, their impact will be minimal.

Network Security Tools and Techniques

Your network faces threats of all shapes and sizes, and thus should be prepared to defend, identify and respond to a full range of attacks. But the reality is that the biggest danger to most companies are not fly-by-night threat actors, but rather attackers that are well-funded and are targeting specific organizations for specific reasons. For that reason, your network security strategy needs to be able to address the various methods these actors might employ.

Here are 14 different cyber security tools and techniques designed to help you do just that:

1. Access control
   If threat actors can’t get into your network, the amount of damage they’ll be able to do will be extremely limited. But in addition to preventing unauthorized access, be aware that even authorized users can also be potential threats. Access control allows you to increase your network protection by limiting user access and resources to only the parts of the network that directly apply to individual users’ responsibilities.
2. Anti-malware software
   Malware, in the form of viruses, trojans, worms, keyloggers, spyware, etc. are designed to spread through computer systems and infect networks. Anti-malware tools are a kind of network security software designed to identify dangerous programs and prevent them from spreading. Anti-malware and antivirus software may also be able to help resolve malware infections, minimizing the damage to the network.
3. Anomaly detection
   It can be difficult to identify anomalies in your network without a baseline understanding of how that network should be operating. Network anomaly detection engines (ADE) allow you to analyze your network, so that when breaches occur, you’ll be alerted to them quickly enough to be able to respond.
4. Application security
   For many attackers, applications are a defensive vulnerability that can be exploited. Application security helps establish security parameters for any applications that may be relevant to your network security.
5. Data loss prevention (DLP)
   Often, the weakest link in network security is the human element. DLP technologies and policies help protect staff and other users from misusing and possibly compromising sensitive data or allowing said data out of the network.
6. Email security
   As with DLP, email security is focused on shoring up human-related security weaknesses. Via phishing strategies (which are often very complex and convincing), attackers persuade email recipients to share sensitive information or inadvertently download malware into the targeted network. Email security helps identify dangerous emails and can also be used to block attacks and prevent the sharing of vital data.
7. Endpoint security
   The business world is becoming increasingly bring your own device (BYOD), to the point where the distinction between personal and business computer devices is almost nonexistent. Unfortunately, sometimes the personal devices become targets when users rely on them to access business networks. Endpoint security adds a layer of defense between remote devices and business networks.
8. Firewalls
   Firewalls function much like gates that can be used to secure the borders between your network and the internet. Firewalls are used to manage network traffic, allowing authorized traffic through while blocking access to non-authorized traffic.
9. Intrusion prevention systems
   Intrusion prevention systems (also called intrusion detection) constantly scan and analyze network traffic/packets, so that attacks can be identified and responded to quickly. These systems often keep a database of known attack methods, so as to be able to recognize threats immediately.
10. Network segmentation
    There are many kinds of network traffic, each associated with different security risks. Network segmentation allows you to grant the right access to the right traffic, while restricting traffic from suspicious sources.
11. Security information and event management (SIEM)
    Sometimes simply pulling together the right information from so many different tools and resources can be prohibitively difficult — particularly when time is an issue. SIEM tools and software give responders the data they need to act quickly.
12. Virtual private network (VPN)
    VPN tools are used to authenticate communication between secure networks and an endpoint device. Remote-access VPNs generally use IPsec or Secure Sockets Layer (SSL) for authentication, creating an encrypted line to block other parties from eavesdropping.
13. Web security
    Including tools, hardware, policies and more, web security is a blanket term to describe the network security measures businesses take to ensure safe web use when connected to an internal network. This helps prevent web-based threats from using browsers as access points to get into the network.
14. Wireless security
    Generally speaking, wireless networks are less secure than traditional networks. Thus, strict wireless security measures are necessary to ensure that threat actors aren’t gaining access.