The importance of network security
networkA group of interconnected computers/devices. operate on the principles of communication and sharing. Unfortunately, these principles mean that network traffic and dataUnits of information. In computing there can be different data types, including integers, characters and Boolean. Data is often acted on by instructions. risk being accessed by people who have no authority to do so, ie hackers.
A network and the serverA computer that holds data to be shared with other computers. Servers require server software. connected to it are likely to contain large amounts of information. This information could be valuable and some of it is likely to be private and confidential. For example, a school network is likely to have:
- names and addresses of students and staff
- medical details of students
- grades from exams
- details of behaviour from reports
- details of the financial state of the school
- details of staff salaries
This information needs to be kept secure and most of us wouldn鈥檛 be happy if our personal information was available to people who didn鈥檛 need it.
There are many ways to secure a network but the starting point is only allowing network access to authorised people. This is known as authenticationVerifying the identity of a user. and validationIn this specific case, involves a server validating a person鈥檚 username and password against a list of authorised users.. A person will authenticate themselves using a username and password. Before being given access to the network, a server will validate their username and password against a list of authorised users.
There are other methods of authentication and validation such as using PINs, a fingerprint or facial recognition.
Authentication of users isn鈥檛 enough to fully secure a network. Other important security measures are access control, firewallAn application that prevents unauthorised connections to and from the Internet. and physical security.
Access control
Access control determines the facilities a user has access to, such as:
- softwareThe programs, applications and data in a computer system. Any parts of a computer system that aren't physical.
- internet
- documents and data
- the ability to install and/or remove software
- the ability to maintain other users' accounts
A network administratorAlso known as network manager. A person with the responsibility of managing and maintaining the network within an organisation. should restrict most users to allow them to access only the facilities they need. For example, an office worker might need access to productivity software, email and the internet, but not to install software or access to other users' accounts. Restriction limits the actions a user can take, reducing the potential of threats. The restrictions can be precise, allowing different people access to different sets of fileAnything you save. It could be a document, a piece of music, a collection of data or something else. or information.
Firewalls
A firewall is a tool that monitors traffic going into and out of a computer or network, and either allows the traffic to pass through or blocks it.
The decision to allow or block traffic is based on rules, known as the firewall policy. For example, some programs, such as mail client Also known as email client. An application that sends and receives emails. and web browserAn application that displays web pages., have legitimate cause to send a transmission. These programs are known to the system and the firewall policy allows their communications. However, any transmissions that are not sent from, or to, known and allowed sources are blocked.
Firewalls can be hardware-based or software-based. hard disk driveA device used to store large amounts of data. firewalls tend to be more expensive, but are more effective.
Physical security
Physical security means restricting physical access to important parts of a network. For example, servers should be kept in a locked, secure room that can only be accessed by authorised people, such as the network manager.
This is important as anyone with physical access to a serverA computer that holds data to be shared with other computers. Servers require server software. could remove or access the hard disk driveA device used to store large amounts of data. containing private and confidential information.