Thursday, 8 July 2010

Basic Security Tips

Basic Security Tips

This basic Network Security Guide provides useful security tips and methods to secure your network such as installing a updated antivirus program, email scanning programs, network monitoring tools, internet access policy and other security prevention methods. Network security is a very important aspect of a computer network. Minor security vulnerability can result in a heavy loss of the critical data of your server and other client computers. Keeping the computer as well as network secure, is the big responsibility of the network administrator and the security specialists. There are lot of security measures and prevention methods which I will discuss in this section. Typically a computer network can be attacked by a number of ways such as virus attacks, unauthorized access, cryptography attacks and a number of other security threats.
A network security threat can be prevented if you have an updated antivirus program, regularly scan all the network devices, emails, open ports, server and client computers. It’s the responsibility of the network administrators to check and deploy the missing security patches in all the network computers. They should also remove the unnecessary network shares, users accounts, wireless access points and restrict the access too the network users. There should be proper training of the network users, network administrators and IT managers about the vulnerable things that cause a network to be attacked. A network administration of an organization should be highly skilled person and have much experience in network/system administration as well as dealing with the security issues.
Security Threats
There are a number of security threats that can be the cause of a network security attack. Main security threats are denial of service, distributed denial of service, viruses, Trojan horses, spywares, malwares, unauthorized access to the network resources and data, accidental deletion of the files and the uncontrolled internet access.
Virus Attack
A computer virus is a small program or an executable code that when executed and replicated, perform different unwanted and harmful functions for a computer and a network. Viruses can destroy your hard disks and processors, consume memory at a very large scale and destroy the overall performance of a computer or network. A Trojan is a malicious code that performs harmful actions but it cannot be replicated. Trojan can destroy systems’ critical data. A computer worm is a program that replicates to all network and destroy useful data. The viruses, malware, adware and Trojan horses can be prevented if you have an updated antivirus program with the latest pattern files.
Security policy
Being a network administrator, you should implement a security policy in your network and educate your network users and other employees about the security threats.
Email scanning
Email is a big source of a virus and malicious code. You should have installed an email scanning and monitoring program. You should also have a tight security policy at your proxy server and should block the unnecessary ports and web applications.
Unauthorized Access
Access to the network resources and data should be allowed only to the authorized persons. Every shared folder and resources in your network should have been accessed only by the authorized persons and should also be scanned and monitored regularly.
Accidental deletion of the files
What will you do if you accidentally delete your organization’s critical data? This is a question, which every network administrator and security specialists thinks of and wants answer. Few days before I read on internet news site that a computer technician accidentally deleted a financial company’s $ 10 billions records. To avoid the big troubles like this for you and for your company, you should have excellent data recovery software in your software inventory. Many data recovery tools are good enough to recover every piece of data if the hard disk is not physically badly damaged.
Network Monitoring Tools
You must have a good network monitoring tools to detect various suspicious things and monitor the various activities in your network such as network traffic, open ports, useless shared folders. GFI LanGuard Network security scanner is a good scanning and monitoring tool and it checks for all the possible methods, which a hacker can use to attack your network.
Internet Access Control
Internet can be a big source of viruses and the major security attacks, if you are unable to implement a tight security policy in your network, if you have a old definition anti virus program and if your haven’t put any check on your network user’s activity. Your gateway or proxy server, which is directly exposed to the internet should have very tight security, updated antivirus program and network monitoring tools.
Information Theft and cryptography attacks
Another threat to a network is to loss of the important information and this loss can be prevented, if you good encryption methods such as 128 bit security or 256 bit security encryption methods. In this way, your data when transferred through FTP programs, can be encrypted and can’t be read or use.
Unauthorized application installations
Another virus and security attack prevention method is to install only the authorized software applications to your network server and your all client computers. Nobody should be allowed to install any kind of program which can cause security threats such as songs or video programs, codec, gaming software or other web based applications.
Security Conclusion:
I tried to point out the major security threat prevention methods also provided the solutions to avoid them. There are a number of ways, which guarantee for the safety and security of your network.
I have summarized the all these method as below.
1. Perform regular network security testing.
2. Don’t provide more or unwanted access to any network user.
3. Must have an updated antivirus program.
4. Operating system should be regularly updated. If you have windows based operating system you can update it from the Microsoft website.
5. Keep inventory of your network resources such as devices and software applications.
6. Regularly scan TCP/IP services
7. Turn off your computer when you are away and don’t leave your computer unattended.
8. Put a strong network and system administrator password.
9. Implement a strong security policy.
10. Use a switched network, so that you can identify the problem very quickly.

No comments:

Post a Comment