Network security
An organisation needs to be able to rely on the data it is storing about its staff, customers and products or services. There are several dangers that are inherent in using a network:
- hacking - just being connected to a network opens the data to the possibility of hacking
- viruses - these may be sent via the internet, email, or as part of a hack
- technical breakdown - if this happens, there can be serious consequences for any organisation if it cannot network
- Denial of Service (DoS) attack - prevents users from accessing the parts of a network that they can normally access, which can prevent business from operating at all
- interception - if traffic can be intercepted then there is a possibility of accessing financial and personal data
If this data is breached it could:
- cost the organisation money through lost business, payments to recover the data or payment of ransom demands
- cause the organisation to incur a fine for failing to keep the data safe or for breaking the law by failing to comply with the Data Protection Act/General Data Protection Regulation (GDPR)
- make customers lose trust in the business if they fail to keep their personal details safe
- allow competitors to win business by gaining access to confidential client information
Ways to prevent network security breaches
Validation and authentication techniques
There are many ways that a network can ask a user to prove they are who they claim they are. This can include:
- using suitable user ID and passwords
- using a PIN
- drawing a pattern on a smartphone
- using face and voice recognition
- sending an email confirmation to ensure they are the correct person when making an online order
- two-factor authentication, such as a bank ringing an accepted phone number to confirm when a new payment is set up, or a PIN and a card having to be used together
- using CAPTCHA to prove they are human and not a robot
- validation of parameters sent with a webpage, eg HTML pages might have malicious scripting embedded
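The last item, validating parameters sent with a webpage, can look like this in practice. This is an added example, not part of the original guide; the form fields, rules and sample values are assumptions constructed for illustration.

```python
import html
import re

# Allow-list rules for a hypothetical order form; field names are assumptions.
RULES = {
    "username": re.compile(r"[A-Za-z0-9_]{3,20}"),
    "quantity": re.compile(r"[1-9][0-9]{0,2}"),  # whole numbers 1 to 999
    "postcode": re.compile(r"[A-Z]{1,2}[0-9][0-9A-Z]? ?[0-9][A-Z]{2}"),
}


def validate(params):
    """Return (clean, errors); only values that fully match their rule are accepted."""
    clean, errors = {}, {}
    for field, rule in RULES.items():
        value = params.get(field)
        if value is None:
            errors[field] = "missing"
        elif rule.fullmatch(value):
            clean[field] = value
        else:
            errors[field] = "invalid format"
    # Parameters the form never defined are rejected, not passed through.
    for field in params:
        if field not in RULES:
            errors[field] = "unexpected parameter"
    return clean, errors


def render_comment(text):
    """Free text cannot be allow-listed, so escape it before placing it in HTML."""
    return "<p>" + html.escape(text) + "</p>"


# Constructed sample inputs: one sensible submission, one carrying embedded script.
GOOD = {"username": "sam_92", "quantity": "3", "postcode": "CF10 1EP"}
BAD = {"username": "<script>alert(1)</script>", "quantity": "0", "debug": "1"}

if __name__ == "__main__":
    print(validate(GOOD))
    print(validate(BAD))
    print(render_comment("<script>alert(1)</script>"))
```

The check runs on the server, because anything checked only in the browser can be bypassed by sending the request directly.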
Antivirus software
A virus is a computer program that is able to copy itself with the intention of causing damage to a computer system. It is often transferred with another file, known as a vector, without the computer user's knowledge. Anti-virus software must be installed and regularly updated to search out and destroy viruses before they can cause damage to the system or spread to other users.
A worm is like a virus but replicates itself before spreading to other programs and/or computers.
Malware is a term that covers any software that attempts to disrupt computer systems.
Access levels
An organisation is responsible for setting secure access levels for the users of the system. Some individuals may need access to sensitive data that should not be available to other users of the system. The network manager must ensure these are set up and maintained correctly.
Firewalls
The decision to allow or block traffic is based on rules, known as the firewall policy. For example, some programs, such as email software and web browsers, have legitimate cause to send a transmission. These programs are known and the firewall policy allows their communications. However, the firewall can block transmissions that are sent from unknown sources or to unknown destinations - as well as those that are known to be a security risk.
Firewalls can be hardware-based or software-based. Hardware firewalls tend to be more expensive, but they are also more effective.
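A firewall policy of the kind described above can be modelled as an ordered set of checks. This is an added example, not part of the original guide; the program names, ports and addresses (taken from documentation ranges) are assumptions constructed for illustration.

```python
import ipaddress

# Constructed policy: known programs with the ports they legitimately use,
# plus known destinations, known sources and addresses known to be a risk.
KNOWN_PROGRAMS = {"mail_client": {25, 587, 993}, "web_browser": {80, 443}}
KNOWN_DESTINATIONS = [ipaddress.ip_network("198.51.100.0/24")]
KNOWN_SOURCES = [ipaddress.ip_network("192.0.2.0/24")]
# This address sits inside a known destination range but is flagged as a risk.
KNOWN_RISKS = [ipaddress.ip_network("198.51.100.66/32")]


def _in_any(address, networks):
    ip = ipaddress.ip_address(address)
    return any(ip in net for net in networks)


def decide(direction, program, remote_ip, port):
    """Return (action, reason) for one connection attempt."""
    # Known risks are checked first, so no later rule can allow them.
    if _in_any(remote_ip, KNOWN_RISKS):
        return "block", "known security risk"
    if direction == "out":
        if port not in KNOWN_PROGRAMS.get(program, ()):
            return "block", "unknown program or port"
        if not _in_any(remote_ip, KNOWN_DESTINATIONS):
            return "block", "unknown destination"
        return "allow", "known program to known destination"
    if direction == "in":
        if _in_any(remote_ip, KNOWN_SOURCES):
            return "allow", "known source"
        return "block", "unknown source"
    # Anything the policy does not describe is blocked by default.
    return "block", "no matching rule"


if __name__ == "__main__":
    # Constructed sample traffic.
    for attempt in [
        ("out", "web_browser", "198.51.100.10", 443),
        ("out", "web_browser", "198.51.100.66", 443),
        ("out", "updater", "198.51.100.10", 443),
        ("in", None, "203.0.113.9", 22),
    ]:
        print(attempt, "->", decide(*attempt))
```

The order of the checks matters: the second sample connection is blocked even though its destination range is otherwise trusted.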
Acceptable use policies
Acceptable use policies define how the users of a system must act. They can include:
- rules preventing the connection of external devices such as a USB memory stick, which may contain and transmit viruses
- regulations regarding secure passwords, for example using a number of letters, numbers and symbols
- rules to govern which websites can and cannot be visited
- methods to prevent any user wirelessly connecting an unsecured laptop, tablet or smartphone
- controls on what facilities can be accessed remotely (away from the organisation)
A network manager must attempt to prevent and thwart all types of threat. They need to be aware of new threats as they emerge and update their policies to reflect these changes.
Disaster recovery procedures
Disaster recovery procedures are defined to use in case of data loss. They tell staff what to do to recover the data. A disaster recovery procedure needs to anticipate natural disasters (flood, fire, etc), accidental loss (user error) and malicious attacks from both inside and outside the organisation. It should include backup procedures and how to restore from backup.