All computer networks – personal and for business – should have a security system in place. On a personal level, this may be having an effective firewall, updated system, and technical and physical data storage, but businesses, in order to follow industry best practices, may be required to have a network security policy. Best practices, such as FFIEC and Sarbanes-Oxley for finance and HIPAA for health care, mandate a business or organization create a network security policy that incorporates risk assessment and management and includes regular IT audits to update the system against new attack tactics.
Network security standards encompass all ways in which data is needed by a business: usability, reliability, integrity, and safety. To protect this data, antivirus and spyware programs, a firewall, intrusion prevention systems (IPS), and virtual private networks (VPN) may be added in some kind of combination to a company system, and all need regular updates and management. For companies or organizations that utilize credit cards or electronic information management systems, protecting data goes beyond convenience, and if a security breach occurs, business or money can be lost or fraud, identity theft, lawsuits, stolen records, or corrupted information can result.
Hackers and similar online criminals, however, continue to revise their tactics to break through or bypass firewalls, and networks need to be updated to combat any new threats. Although threats are numerous, they typically fall into the following categories:
• Viruses and worms, which are malicious code that, inserted onto your system, spreads. Viruses typically come from attachments, and a worm may just be contained in an email.
• Trojan horses are malware that enters a network through a harmless-seeming file that can be embedded on a website, be free downloadable software, or come through a link. Trojans are easier to prevent than to remove, and a network, as a result, may keep a list of approve sites or use blocking programs.
• Spam is a mild threat, until it clogs up a network and causes the system to go down.
• Phishing is a tactic used to obtain passwords or other network access information. Usually in the form of a legitimate-looking email, a phishing scheme gets a network user to click on a link, usually one that seem to go to a banking or business website, and provide password information. Social engineering, additionally, falls under phishing threats.
• Packet sniffing also captures user data but not by email. Instead, a user is lured by a “honey pot” – an unsecured network in a public place – and a third party accesses the user’s data and captures streams of the user’s data, which can be used for fraud, stealing records or money, or identity theft.
• Zombie computers are spam threats taken to a higher degree. When a computer is infected with malware, it can become a spamming tool and, as a result, sends out thousands of emails over a network without the user’s approval. Although difficult to detect, a zombie computer may be the cause of a slow or crashing system.
A network assessment may find points where such threats can enter and offers solutions for repairing them. A company conducting a network security assessment uses a combination of ethical hacking techniques – emulating outside threats in order to find vulnerabilities – and social engineering to uncover these weaker areas. Typically, an assessment addresses technical, physical, and personal areas through penetration tests, staff interviews, vulnerability scans, examining operating system settings, and analyzing past attacks, and a report detailing all vulnerabilities and providing solutions is the result.