大象传媒

Network security and cybersecurity - EdexcelThe importance of network security

Networks operate on the principles of communication and sharing. That means network traffic and data could be accessed by people who have no authority to do so. Enhanced security measures can help to prevent cyberattacks.

Part of Computer SciencePrinciples of computer science

The importance of network security

operate on the principles of communication and sharing. Unfortunately, these principles mean that network traffic and risk being accessed by people who have no authority to do so, ie hackers.

A network and the connected to it are likely to contain large amounts of information. This information could be valuable and some of it is likely to be private and confidential. For example, a school network is likely to have:

  • names and addresses of students and staff
  • medical details of students
  • grades from exams
  • details of behaviour from reports
  • details of the financial state of the school
  • details of staff salaries

This information needs to be kept secure and most of us wouldn鈥檛 be happy if our personal information was available to people who didn鈥檛 need it.

There are many ways to secure a network but the starting point is only allowing network access to authorised people. This is known as and . A person will authenticate themselves using a username and password. Before being given access to the network, a server will validate their username and password against a list of authorised users.

There are other methods of authentication and validation such as using PINs, a fingerprint or facial recognition.

Authentication of users isn鈥檛 enough to fully secure a network. Other important security measures are access control, and physical security.

Access control

Access control determines the facilities a user has access to, such as:

  • email
  • internet
  • documents and data
  • the ability to install and/or remove software
  • the ability to maintain other users' accounts

A should restrict most users to allow them to access only the facilities they need. For example, an office worker might need access to productivity software, email and the internet, but not to install software or access to other users' accounts. Restriction limits the actions a user can take, reducing the potential of threats. The restrictions can be precise, allowing different people access to different sets of or information.

Firewalls

A firewall is a tool that monitors traffic going into and out of a computer or network, and either allows the traffic to pass through or blocks it.

The decision to allow or block traffic is based on rules, known as the firewall policy. For example, some programs, such as and , have legitimate cause to send a transmission. These programs are known to the system and the firewall policy allows their communications. However, any transmissions that are not sent from, or to, known and allowed sources are blocked.

Firewalls can be hardware-based or software-based. firewalls tend to be more expensive, but are more effective.

Physical security

Physical security means restricting physical access to important parts of a network. For example, servers should be kept in a locked, secure room that can only be accessed by authorised people, such as the network manager.

This is important as anyone with physical access to a could remove or access the containing private and confidential information.