G061 - Network Security
Learning Objective: explain methods for combating ICT crime and protecting ICT systems
Network Security
- ICT crime often deliberate act of theft
  - stealing data (whether viewing or taking), stealing software or equipment
- natural disasters and mistakes by humans can also cause data to be lost or equipment to be damaged
- networked computers are prone to security problems:
  - hacking (unauthorised access), viruses, spyware, malware
Network Security
Preventative measures:
- Physical Security
- Software Security
Physical Security
- lock the computer up
- security guards/CCTV cameras
- entry measures to get into room/building
- no floppy/CD/DVD drives
  - prevents copying & theft of data
  - prevents virus being transferred onto computer system
- disable USB ports
  - memory sticks/removable HDD can’t be used
Software Security
- firewalls
- backup
- encryption
- biometric security
- software patches & updates
- anti-virus & anti-spyware software
- access rights
- auditing
- education of users
- user IDs & passwords
- methods for ensuring passwords remain effective
Backup
- making copies of current data in case the originals are lost or corrupted (or stolen)
- back-up is made to removable storage media
  - memory stick, portable HDD, CD-R, DVD-R, magnetic tape…
- back-up copy is stored off-site or in different location
- data can be restored from the back-up if required
Firewall
- network security device
- stands between a network and the outside world
- can be hardware and/or software based
- examines data packets moving into and out of the system
- configured to permit or deny connections using a set of rules
  - access is denied if not allowed by the rules
- filters websites users are permitted to visit
Encryption
What is encryption?
- the process of disguising messages so that only the intended recipient can understand them
- encrypted data can only be understood by reversing the encryption process (decryption)
- data is sent in a scrambled form
- uses a random process set up using a special key value
- the data is then decoded at receiver by reversing the encryption process (decryption)
Biometric Security
- technology used to measure some feature of a person in order to identify them within a security system
- fingerprint
  - scans fingerprint, finds identifying unique marks, matches/does not match to record in system
- voice recognition
- retinal scans
- facial recognition
- DNA
Software patches & updates
- corrects loopholes & bugs in software
  - stops hackers exploiting them and gaining access
- must regularly update virus data files so new viruses can be detected
- regular security patches to operating systems & applications to combat security loopholes & bugs
Viruses
- a virus is a piece of software that is designed to:
  - cause deliberate harm to data stored on a computer
  - replicate itself so that it transfers to other computers
- removable media used in an infected system can then carry the virus to another machine
- programs downloaded from the Internet can also spread a virus
Spyware
What?
- collects information about a person or organisation without the user’s knowledge
- can track a user’s keystrokes to find out what is being typed, including passwords
Why?
- can be used to pass information on to advertisers
- can be used to find out usernames and passwords used to hack into a user’s bank account
Virus & Spyware Protection
- install anti-virus software on all computers
  - detects viruses & malware (e.g. spyware)
  - allows removal of infected code from file
  - allows deletion of infected files
- must regularly update virus data files
Access Rights
- data is commercially valuable
  - could be stolen or damaged/modified
- may want to restrict access to data so that no unauthorised changes can be made
- different users are given different access rights to data
- legal restrictions on the access to personal data
  - DPA
Levels of Access
- None: user cannot obtain information nor change data
- Read only: user can obtain information but not change the data
- Read/write: user can change data as well as obtain information
- Append only: user cannot change existing data but can add new data
- Full: administrator/supervisor level - can perform all operations
Audit Logs
- logs are maintained automatically by the system
- audit logs track:
  - who did what,
  - at which workstation,
  - when it occurred
- logs can be used to see which member of staff accessed:
  - particular files
  - other resources
  - web pages
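Added example (not part of the original slides): a small Python sketch of how the access levels and the audit log work together. The class, file name, user IDs and workstation names are made up for illustration, and logging refused attempts as well as successful ones is an assumption of the sketch.

```python
from datetime import datetime, timezone

# Operations each level permits. What "append only" and "read/write" allow
# beyond the slide's wording is an assumption of this sketch.
PERMITS = {
    "none": set(),
    "read only": {"read"},
    "read/write": {"read", "change", "add"},
    "append only": {"add"},
    "full": {"read", "change", "add", "delete"},
}

class ProtectedFile:
    def __init__(self, name, rights):
        self.name = name
        self.rights = rights      # user ID -> level name
        self.rows = []
        self.audit_log = []       # written by the system, not by users

    def _allowed(self, user, workstation, operation):
        level = self.rights.get(user, "none")   # unknown user IDs get no access
        ok = operation in PERMITS[level]
        self.audit_log.append({                 # who did what, where, when
            "when": datetime.now(timezone.utc).isoformat(timespec="seconds"),
            "who": user, "workstation": workstation,
            "what": f"{operation} {self.name}", "allowed": ok,
        })
        return ok

    def read(self, user, workstation):
        return list(self.rows) if self._allowed(user, workstation, "read") else None

    def add(self, user, workstation, row):
        ok = self._allowed(user, workstation, "add")
        if ok:
            self.rows.append(row)
        return ok

    def change(self, user, workstation, index, row):
        ok = self._allowed(user, workstation, "change") and 0 <= index < len(self.rows)
        if ok:
            self.rows[index] = row
        return ok

def denied_attempts(log):
    """Who tried what, and at which workstation, for every refused operation."""
    return [(e["who"], e["workstation"], e["what"]) for e in log if not e["allowed"]]
```

Reviewing the output of denied_attempts() is how an administrator would spot a user ID repeatedly trying operations outside its access level.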
User IDs & Passwords
Why?
- allow access to user areas
  - stop unauthorised access
  - protect data
- to make individual users members of groups
  - allow access to files based on access rights
  - allow access to resources – printers, software
- to be able to monitor use
  - audit logs
- to comply with the law
  - DPA
User IDs
Effectiveness of user ID maintained by:
- must be unique so can be sure who is doing what
- can be suspended when user is away
  - e.g. on holiday, leaves the company…
- can be linked to resources
  - an individual machine
  - software applications
  - times of use
Passwords
Effectiveness of password maintained by:
Network Manager:
- force password change frequently
- make minimum length password
- make unrecognisable words only (not in dictionary)
- must contain numbers and letters (& punctuation)
- cannot reuse passwords
- 3 incorrect password attempts: account is locked
User:
- not writing password down
- make it something others can’t guess – not personal
- make sure no one is looking when you type it in
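Added example (not part of the original slides): the Network Manager rules above enforced in Python, with the lockout after 3 incorrect attempts. The minimum length, the tiny word list and the Account class are assumptions made for illustration; old passwords are kept only as salted hashes so the reuse check never stores plain text.

```python
import hashlib
import hmac
import os

WORDLIST = {"password", "football", "sunshine"}   # constructed stand-in for a dictionary file
MIN_LENGTH, ITERATIONS = 10, 100_000              # assumed values, not from the slides
MAX_ATTEMPTS = 3                                  # from the slide

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def _matches(password, entry):
    salt, digest = entry
    return hmac.compare_digest(_hash(password, salt), digest)

class Account:
    def __init__(self, user_id):
        self.user_id = user_id
        self.history = []     # (salt, digest) pairs, newest last
        self.failed = 0
        self.locked = False

    def policy_errors(self, password):
        errors = []
        if len(password) < MIN_LENGTH:
            errors.append("too short")
        # Strip digits and punctuation so "football2024" still counts as a word.
        core = "".join(c for c in password.lower() if c.isalpha())
        if core in WORDLIST:
            errors.append("dictionary word")
        if not (any(c.isalpha() for c in password) and any(c.isdigit() for c in password)):
            errors.append("needs letters and numbers")
        if any(_matches(password, entry) for entry in self.history):
            errors.append("reused")
        return errors

    def set_password(self, password):
        errors = self.policy_errors(password)
        if not errors:
            salt = os.urandom(16)
            self.history.append((salt, _hash(password, salt)))
        return errors

    def login(self, password):
        if self.locked or not self.history:
            return False
        if _matches(password, self.history[-1]):
            self.failed = 0
            return True
        self.failed += 1
        self.locked = self.failed >= MAX_ATTEMPTS   # stays locked until an admin resets it
        return False
```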