Introduction to network security
In the modern global world network security is decisive. At any time, enterprises have to provide their employees with secure access to network resources that is why modern strategy for network security must take into consideration such factors as the increase of network reliability, effective security management and protection against constantly evolving threats and new methods of attacks. For many companies the problem of providing network security becomes more difficult as today’s mobile employees, using their mobile phones, smart phones, notebooks and tablets in their work, bring new potential problems. Herewith, hackers do not have rest, but invent new cyber threats being more ingenious.
Asked question: When choosing a decision on network security, which factors are the most important for your company?
Network security vulnerability gives floor to a lot of potential problems and puts the company at different risks. Because of them, IT systems can be endangered, information can be stolen, employees and customers may have access problems to the resources which should be used by them, this may force customers move to a competitor.
A simple service related to the security problems can have other financial consequences. For example, a website which does not run during rush hours can generate direct losses and a powerful negative PR, which will surely affect the level of sales in future. Besides this, some sectors have strict criteria for resources availability, and their violation can lead to regulatory penalties and other unpleasant consequences.
In addition to the solutions reliability, there is a number of questions which came to the fore. For example, 23% of the asked IT specialists mark the cost of the solution as one of the main problems related to network security; this is not surprising due to the fact that IT budgets of the last years were significantly limited. Thereupon, about 20% of the respondents have marked the simplicity of integration as the prioritized parameter when choosing a decision. This is natural under the conditions when the IT department is required to do more with fewer resources.
Finishing the conversation about the key parameters when choosing a decision, it should be noted, that only about 9% of the respondents named network functions as the key factor when choosing a decision in the sphere of network security. When deciding on the provision of network security for corporate systems and minimization of the related risks, one of the most important factors for almost a half of the respondents (about 48%) was network reliability and the related decision.
Asked question: What kind of network attacks worries your IT company to the most?
These days, hackers use different methods of attacking companies’ networks. The research has revealed that IT specialists are very worried about two specific types of attacks: denial of service attacks (DoS) and Eavesdropping; these attacks were mentioned as the most dangerous and prioritized at about 25% of the respondents. 15% of the respondents have chosen IP Spoofing and MITM (man-in-the-middle) as the key threats. Other types of threats appeared to be important for less than 12% of the respondents.
Asked question: What does your IT company worry about when speaking about mobile security vulnerability?
Today the number of mobile employees is growing and the adaptation of the policy for the use of own electronic devices for work (BOYD) has new requirements for network security. Herewith, unfortunately, the number of unsafe network applications grows very quickly. In 2013 the HP Company tested more than 2000 applications and has found that 90% of them have security vulnerability. This situation poses serious threat to corporate security and it is not surprising that 25% of the respondents have evaluated the threats of hazardous applications as the most dangerous.
Making an intermediate decision to the stated above, it is possible to come to the following conclusion: modern decisions on network security must have the following properties, in addition to the already existing ones:
• Be able to operate on the seventh level of OSI model (on the level of applications)
• Be able to connect certain users with traffic content
• Have a network attacks security system integrated into the decision (IPS)
• Support the hardware protection against such attacks as DoS and eavesdropping
• Be highly reliable in general
For many enterprises the urgent character of network security issues is first of all related to the fact that they process the data of individual entities (at least, the data of their employees). Consequently, independent on the activity, any company must follow the legislation requirements and must take different organizational and technical measures for information protection.
Ignoring the problem of network security may not only lead to serious losses in business, but even entail criminal sanctions against certain company heads.
The threats of information security become more complex; hackers and cyber criminals use new methods and implement more ingenious attacks in order to hack systems and steal data.
Fight against new attacks requires decisions on network security and the development of a network security strategy which meets the requirements of reliability, cost and integration with other IT systems. The elaborated decisions must be reliable, secure against attacks on the level of applications and make it possible to identify traffic.
From everything stated above can be drawn a very simple conclusion: modern world should not ignore the issues of information security; in response to new threats it is necessary to look for new approaches to the implementation of the strategy for information security and use new methods and means, providing network security.