P2 - Describe How Networked Systems Can Be Protected

Emails are a very good method of communication; they do however have the potential to be harmful to a network. 

Spam Guard
Spam is one of the most common email security risks. Spam involves identical emails being sent to hundreds of thousands of people in the hope that a small percentage of the recipients will open them and be interested in them. The majority of spam emails are sent to advertise a product or service; however some of these emails may contain viruses or links to phishing websites. Roughly 130 billion spam emails are sent every day, this is why it is vital that you protect your organisation against it. In addition to wasting people’s time with unwanted email, spam also uses up a lot of network bandwidth slowing the whole network down. Spammers collect email addresses from chat rooms, websites, customer lists, newsgroups, and viruses which harvest users' address books, and are sold to other spammers. Sending the emails costs the spammer nothing, so even if only one person looks at the email and buys their product they are making money. Spam guards are usually already installed on the server, for example if you use an email application such as 'Gmail' or 'Hotmail' they will already have a spam guard installed. The user configures the spam guard by marking emails as spam, every time a user does this the spam guard will update itself so the next time they receive a similar email it will automatically go into the spam folder.

Hoaxing
Hoaxing is another possible risk regarding email. Hoaxing is the act of sending fake emails to a number of recipients in an attempt to phish them. For example an attacker would send an email to somebody claiming to be their bank, asking for their personal account details. The attacker would make the email appear to be from the recipient’s bank by changing the email address; this is usually done either on a website or using specialist software. The user will look at the email address and trust the information within the email. Usually the Spam Guard will remove most hoax emails, but some emails may still get through. This is why it is a good idea to configure your organisations email server to use a MIME protocol; this is a secure email protocol that checks the identity of the sender, therefore removing any hoax threats.

Secure MIME
As mentioned above, secure multi-purpose Internet mail extension is a widely used method of securing emails. This protocol will encrypt all incoming and outgoing emails which is vitally important for any organisation that may be exchanging sensitive information. 

WEP & WPA
WEP is short for wired equipment privacy; it is a method of encrypting data over IEEE 802.11 wireless networks. WEP is designed to provide the same level of security as wired LAN networks. Wireless networks are broadcast using radio waves meaning they are more vulnerable to tampering. WEP is a very weak method of encryption so data can be intercepted quite easily. WPA stands for Wi-Fi protected access, it is another method used to secure wireless networks. WPA was designed to work with existing Wi-Fi products already configured with WEP and improve upon WEPs security features. 

MAC Association
MAC association is another method of securing a network; you set up MAC association by providing the DHCP server with a list of all of the computers MAC addresses you want to be able to access the network. This means only the computers with one of the given MAC addresses will be able to access the network. You cannot change your computers MAC address meaning it would be very difficult for an attacker to access your network.

Wireless Access Point ID
Securing your wireless access point is vital; if you don't secure it somebody may be able to access any incoming and outgoing data. One simple way that you can make it more secure is by changing the SSID (Router Name). This is because if you leave your SSID as "BTHomeHub352" the attacker will know you have a BT homehub; they can then try a list of common default passwords and may be able gain access to your network. Another very good method of securing your access point is hiding it; this means when somebody searches for Wi-Fi, your router will not appear on that list making it very secure.

Shielded Cable
Using shielded cable can provide more security, this is because when using an unshielded cable, an attacker would be able to place a tapping device on the cable and gain access to any data flowing through that cable. A shielded cable will provide an extra layer of protection meaning the attacker would not be able to listen in.

Personal Access Control
There are many methods of access control, these are:
  • Something you know - Such as passwords, PIN numbers etc. This is the most common type of access control although it certainly isn’t the most secure. Anybody can potentially guess a password using specialist software.
  • Something you have - Such as an ID card. This is a secure method as you will need the card to gain access; although the card can also be lost meaning anybody could gain access.
  • Something you are - Such as fingerprints. For example if you had to provide a fingerprint to gain access to the server room it would be extremely secure because only authorised people would be able to.
Encryption
Encryption is the most effective way to secure data. Encryption is basically converting the data into an unreadable format; you will then need a secret key or password in order to decrypt it. When sending data, it will be encrypted before it is sent and then decrypted when it is received by the other user. 

Popular posts from this blog

P3 - Explain what an organisation can do to minimise security breaches in networked systems

D2 - Compare the security benefits of different cryptography techniques.

M3 - Report on the similarities and differences between securing wireless and wired networked systems.