Network security and cybersecurity - EdexcelProtecting networks

A network can be protected from malware and cyberattacks by some methods of protection, while others help if the network has been attacked. These include:

• secure passwords
• acceptable use policy
• anti-malware
• recovery
• backups
• encryption

Secure passwords

The purpose of a password is to verify who a user is. Without knowing the password, you cannot use a user ID to sign into a network.

Unfortunately, many people have user IDs and passwords for many different situations so they do not easily remember them. They then choose simple, easy to remember passwords or use the same password for many situations.

Ideally, a secure password should be one that is not easy to guess, and that requires at least eight characters, including at least one uppercase letter, one number and one special character. This reduces the chances of someone easily working out what the password is. For example:

“c0Mput!ng” is harder to guess than “computing”

Acceptable use policy

An acceptable use policy defines how the users of a system must act. They can include:

• rules preventing the connection of external devices such as USB memory sticks, which may contain and transmit viruses
• regulations regarding secure passwords, for example using a number of letters, numbers and symbols
• rules to govern which websites can and cannot be visited
• methods to prevent any user wirelessly connecting an unsecured laptop, tablet or smartphone
• controls on what facilities can be accessed remotely (away from the organisation)

A network manager must attempt to prevent and thwart all types of threat. They need to be aware of new threats as they emerge and update their policies to reflect these changes.

Anti-malware

Anti-malware has three purposes:

• to detect malware that has been installed
• to prevent malware from being installed
• to remove malware from the system

Anti-malware includes anti-virus software, anti-phishing tools and anti-spyware software. It works by scanning through all the files on a computer and checking them against a list (known as definitions) of known malware.

The main problem with anti-malware is that it is reactive - it can only detect, prevent and remove known malware. When new malware is introduced, anti-malware has to be updated to take account of the new threats. The longer the gap before anti-malware is updated, the less protection it offers.

Recovery procedures

Disaster recovery procedures are defined to use in case of data loss. They tell staff what to do to recover the data. A disaster recovery procedure needs to anticipate natural disasters (flood, fire, etc) accidental loss (user error) and malicious attacks from both inside and outside the organisation. It should include backup procedures and how to restore from backup.

Backups

Backup software will backup files on a network server at regular set intervals. This can be backups to other hard disks (RAID) or, increasingly, servers on the internet (cloud backup).

RAID (Redundant Array of Inexpensive Disks)

When RAID is employed as a backup strategy, several exact copies of the data transactions (known as mirror images) are created on different disks. All data transactions are recorded on all copies simultaneously.

The mirror images are stored in secure and separate locations. If the system fails, there can be an instant switchover to one of the backup copies.

Cloud backup

Companies are increasingly using cloud services to backup data. Infrastructure as a Service (IaaS) companies provide online data storage for businesses. IaaS removes the need for organisations to have their own backups – they can simply download their data when required. Companies generally lease these services from providers of Infrastructure as a Service.