Security in the network environment

February 2014 IT infrastructure

Threats to network security are escalating dramatically. Technology advancements in social media, mobile devices, Wi-Fi and cloud services are increasing a company’s vulnerability to attacks. Cyber risks and cyber threats are a major concern for large revenue-generating organisations.

It is therefore crucial for organisations today to become more proactive and to invest in technologies that secure their networks and company data.

“To mitigate the risk of attacks, companies are now forced to improve security policies, that will ensure employees abide by rules that will protect the organisation’s technology and information assets,” says Laura Niehaus, project manager for EES, an ISO 9001:2008 certified company, which provides project management for the provision of information communication technology (ICT) solutions.

“These security policies are driven from the highest level in an organisation with security professionals who are frequently advising on security matters and compliance monitoring.”

Even though organisations are moving in the right direction, there is still a need to analyse the current state of security in the network environment and identify areas of improvement. Health assessments focus on current threats and also help recognise potential new threats.

Access control

One of the ways in which network administrators control access to company data is by assigning user names and passwords. Standard security measures such as firewalls and proxy servers enforce access policies allowing users access to those services which they are entitled to.

“Although standard measures are effective in preventing unauthorised access, further systems are required to help detect and prevent harmful content,” Niehaus explains. “Intrusion detection systems, for example, should be used to detect malicious activity or intrusion attempts by outsiders and then log the activity for auditing purposes. Perimeter networking or demilitarised zones (DMZ) are also important in acting as a gateway to the public Internet and provides services to users outside of the local area network, such as e-mail and Web.”

Key threats to network security

Data leakage, data loss prevention and data protection are major concerns. “Organisations usually cover data protection in contracts with third-party vendors who have access to the company’s data,” Niehaus states. “Organisations should always implement enforceable contract clauses to make vendors responsible and accountable for information security that aligns to ISO standards.

“Employee negligence or lack of awareness also poses a serious threat to confidential data. Organisations are developing and implementing policies to ensure a more responsible attitude by employees to confidential information.”

In large organisations it is important to increase the awareness of information security, integral to which is training, in order to improve policies. Employees need to be aware of their responsibilities and the correct use of company assets and data. Companies must employ staff which have the right skills and competencies to support security policies and to make information security part of their performance assessments.

However, the trend of using personal smart devices for business purposes, allowing company information to leave the premises without authorisation, counters the principles of safeguarding sensitive data. Confidential data leaks can be the result of misplaced smartphones or tablets. This enables the introduction of malicious software into a company’s network, which could present damaging consequences.

Going forward

There is a great need to align security strategy with business strategy. It is vital to be more proactive and explore new technologies that can help prepare for the future. Processes need to be documented and communicated when opportunities for improvement arise, and budgets need to be made available to implement new security measures.

“Organisations need to shift their focus to security improvements, which will enable them to establish a framework for continuous improvement, proper governance, process, training and awareness.”

In conclusion, it is crucial to continually re-assess new technologies and threats, and always remain vigilant and listen to what is happening in the market.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Home-grown, cloud-based safety and security solutions
Residential Estate Security Handbook 2020 , IT infrastructure, Integrated Solutions
BeSecure has taken security and communications technologies and turned them into what is best described as care and safety solutions for the estate community in South Africa.

Bringing the wonders of fibre to your estate
Residential Estate Security Handbook 2020, Vox Telecom , IT infrastructure
The Hi-Tech Security Solutions’ Residential Security Conference in Durban was a magnificent event where Vox showcased its visitor management solution.

Protecting your electrical equipment
Residential Estate Security Handbook 2020, BFR Digital , IT infrastructure
Load shedding is a constant danger as the surges that occur when the lights come on cause damage to electronic equipment, including security equipment, unless it is protected.

Secure biometric access for SAP
Issue 4 2020 , IT infrastructure
An expanded partnership offering endpoint biometric security for SAP takes on new importance amid COVID-19.

Security on the edge
Issue 4 2020 , IT infrastructure
From less than $1.5 billion in 2017 to an anticipated $9 billion by 2024, the worldwide edge computing market is set to show significant growth in the coming years.

Tips on secure remote working
Issue 3 2020 , IT infrastructure, Cyber Security
NordVPN advises how to stay secure while working from home during the coronavirus outbreak.

Wall-mounted solution for mission-critical IT
Issue 3 2020 , IT infrastructure
Schneider Electric’s latest iteration of its 6U wall mount has enabled convenient and easy deployment of edge computing systems.

Secure backup for SMEs
Issue 3 2020 , IT infrastructure
Cleeks Cloud has announced the launch of its online, direct-to-cloud backup solution aimed at the South African SME market.

Sophos Launches Xstream
Issue 3 2020 , IT infrastructure
SophosLabs research indicates 44% of prevalent information thieves use encryption to hide stolen data.

The complexity of connections
Issue 3 2020 , IT infrastructure
With 55 billion devices connected worldwide by 2022 and 90% of them unmanaged, Zero Trust is the new norm.