Security in the network environment

February 2014 Infrastructure

Threats to network security are escalating dramatically. Technology advancements in social media, mobile devices, Wi-Fi and cloud services are increasing a company’s vulnerability to attacks. Cyber risks and cyber threats are a major concern for large revenue-generating organisations.

It is therefore crucial for organisations today to become more proactive and to invest in technologies that secure their networks and company data.

“To mitigate the risk of attacks, companies are now forced to improve security policies, that will ensure employees abide by rules that will protect the organisation’s technology and information assets,” says Laura Niehaus, project manager for EES, an ISO 9001:2008 certified company, which provides project management for the provision of information communication technology (ICT) solutions.

“These security policies are driven from the highest level in an organisation with security professionals who are frequently advising on security matters and compliance monitoring.”

Even though organisations are moving in the right direction, there is still a need to analyse the current state of security in the network environment and identify areas of improvement. Health assessments focus on current threats and also help recognise potential new threats.

Access control

One of the ways in which network administrators control access to company data is by assigning user names and passwords. Standard security measures such as firewalls and proxy servers enforce access policies allowing users access to those services which they are entitled to.

“Although standard measures are effective in preventing unauthorised access, further systems are required to help detect and prevent harmful content,” Niehaus explains. “Intrusion detection systems, for example, should be used to detect malicious activity or intrusion attempts by outsiders and then log the activity for auditing purposes. Perimeter networking or demilitarised zones (DMZ) are also important in acting as a gateway to the public Internet and provides services to users outside of the local area network, such as e-mail and Web.”

Key threats to network security

Data leakage, data loss prevention and data protection are major concerns. “Organisations usually cover data protection in contracts with third-party vendors who have access to the company’s data,” Niehaus states. “Organisations should always implement enforceable contract clauses to make vendors responsible and accountable for information security that aligns to ISO standards.

“Employee negligence or lack of awareness also poses a serious threat to confidential data. Organisations are developing and implementing policies to ensure a more responsible attitude by employees to confidential information.”

In large organisations it is important to increase the awareness of information security, integral to which is training, in order to improve policies. Employees need to be aware of their responsibilities and the correct use of company assets and data. Companies must employ staff which have the right skills and competencies to support security policies and to make information security part of their performance assessments.

However, the trend of using personal smart devices for business purposes, allowing company information to leave the premises without authorisation, counters the principles of safeguarding sensitive data. Confidential data leaks can be the result of misplaced smartphones or tablets. This enables the introduction of malicious software into a company’s network, which could present damaging consequences.

Going forward

There is a great need to align security strategy with business strategy. It is vital to be more proactive and explore new technologies that can help prepare for the future. Processes need to be documented and communicated when opportunities for improvement arise, and budgets need to be made available to implement new security measures.

“Organisations need to shift their focus to security improvements, which will enable them to establish a framework for continuous improvement, proper governance, process, training and awareness.”

In conclusion, it is crucial to continually re-assess new technologies and threats, and always remain vigilant and listen to what is happening in the market.





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Upgrade your PCs to improve security
Information Security Infrastructure
Truly secure technology today must be designed to detect and address unusual activity as it happens, wherever it happens, right down to the BIOS and silicon levels.

Read more...
The hidden cost of cheap networking gear
Duxbury Networking Infrastructure
When it comes to building a network, price is always a consideration, especially in the current economic climate, but there is a difference between smart spending and short-term savings with long-term losses.

Read more...
Open source code can also be open risk
Information Security Infrastructure
Software development has changed significantly over the years, and today, open-source code increasingly forms the foundation of modern applications, with surveys indicating that 60 – 90% of the average application's code base consists of open-source components.

Read more...
Fastest PCIe Gen 5.0 NVMe SSD
Products & Solutions Infrastructure
Sandisk has unveiled the WD_BLACK SN8100 NVMe SSD with PCIe Gen 5.0 technology, an internal SSD delivering speeds up to 14 900 MB/s and capacities up to 4 TB, with 8 TB solutions available soon.

Read more...
Unified storage solution
Products & Solutions Infrastructure
CASA Software has announced the local availability of Nexsan’s upgraded unified storage solution, Unity NV4000, which is ideal for mixed workloads, from virtualisation and video surveillance to secure backup and recovery.

Read more...
Suprema unveils BioStar Air
Suprema neaMetrics News & Events Access Control & Identity Management Infrastructure
Suprema launches BioStar Air, the first cloud-based access control platform designed to natively support biometric authentication and feature true zero-on-premise architecture. BioStar Air simplifies deployment and scales effortlessly to secure SMBs, multi-branch companies, and mixed-use buildings.

Read more...
Back-up securely and restore in seconds
Betatrac Telematic Solutions Editor's Choice Information Security Infrastructure
Betatrac has a solution that enables companies to back-up up to 8 TB of data onto a device and restore it in 30 seconds in an emergency, called Rapid Access Data Recovery (RADR).

Read more...
Advanced surveillance storage from ASBIS
Infrastructure Surveillance Products & Solutions
From a video storage solutions perspective, SkyHawk drives, designed for DVRs and NVRs, offer high capacity, optimised firmware, and a reliability workload rating of hundreds of terabytes per year.

Read more...
Power surges are killing our networks
Duxbury Networking Infrastructure
With power surges and lightning strikes becoming an all-too-familiar threat to South African infrastructure, Duxbury Networking is calling on local installers and network integrators to follow proper grounding protocols.

Read more...
A passport to offline backups
SMART Security Solutions Technews Publishing Editor's Choice Infrastructure Smart Home Automation
SMART Security Solutions tested a 6 TB WD My Passport and found it is much more than simply another portable hard drive when considering the free security software the company includes with the device.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.