The Fundamental Concepts of Network Security
Security policies are those rules or guidelines which guide practices and standards of activity on a network. When considering the company as a whole with both electronic data and physical assets as the backbone of the company’s success; it is imperative that these assets be protected. The security policy must include several facets of protection such as daily security, threat mitigation, and disaster planning. Daily network security measures must be included for information handling, and other work process related network functions (Microsoft, 2015). Threat mitigation is a facet of the security policy in which managers and employees are aware of potential threats and have a system in place for reporting these threats. Policies may include, but are not limited to: permission levels, disabling accounts for departing employees, employees changing positions, and monitoring potential security issues. Policies will also include the enforcement of strong passwords, expiration of passwords when not being used, and monitoring logins from terminals to see if individuals are sharing passwords (Microsoft, 2015).
A security plan is a collection of policies, hardware, software, and protocols that are designed to secure a particular network with its specific needs. The security plan will involve the coordination of many different security functions on a computer network to implement an overall security plan. Policies are important to the security plan because if policies are weak this will weaken the plan.
Security plans and security policies work together in order to protect networks. For example, policies such as not allowing mobile devices in the work area reduce the risk of internal threats of people copying or introducing viruses or malware. The network security further enhances this type of policy by implementing challenges to entering the network from a remote device.
Protocols & Policies
There are a number of security protocols and policies which can be used to protect systems. One of the most popular and effective is the claims-based authentication protocol. Claims-based authentication is an authentication mechanism that allows users to enter networks from external or different computers by challenging the user for authentication. The claims made about the user may vary but often include having to provide information such as:
- username or user ID in remote system,
- full name of user,
- e-mail address,
- membership in security groups,
- phone number,
- color of eyes (Microsoft, 2015).
Claims-based authentication typically is a redirect from the login page and cookies are used to identify the user or their device. If the cookies are not present that identify the device then the user will be redirected to an authentication page where he or she must answer the claims (Kroenke, 2013). Once the claims have been answered the user is redirected back to the login for the network or application. This feature is often set up through a different service or computer although it can be on a different page. This type of security does have the disadvantage of reducing availability.
Kroenke, D. (2013). Experiencing MIS (4th Edition). New Jersey: Prentice Hall.
Microsoft. (2015, October 19). BranchCache Overview. Retrieved from Tech Net Microsoft: https://technet.microsoft.com/en-us/library/hh831696.aspx
Microsoft. (2015). Developing Network Security. Retrieved from Microsoft: https://technet.microsoft.com/en-us/library/cc960627.aspx