Network Security and Risk Management Research Assignment (Essay Sample)

Network Security and Risk Management
Name
Institutional Affiliation
Date
The way toward ensuring the recovery of documents and bearings in a PC arrange against activities identified with hacking, abuse and unapproved changes to the framework is alluded to as system security. A decent case of systems administration security framework is the antivirus framework. It comprises of the approaches and practices completed to cripple to get to organize assets. System executive controls the openness of system information. System security grasps diverse PC arranges that are open and private. Private are the ones inside an organization and open will be interested in permit community. The most loved and clearest method for counteracting availability of system assets are giving the one of a kind name and a relating secret key.
Security policies contain a set of regulations that users and administrators and necessities for a system to ensure the security of network and computer system of a company. The wellbeing of network servers has three main functions that are namely; inform users, specify mechanisms for protection and to provide a baseline. The network security policies are as follows extranet policy, minimum requirement for network access policy, network access standards, router security policy and server security policy.
Extranet system defines how the third parties in an organization are allowed to connect to the organizational network when a business requires to be linked. This strategy enhances that the link between the third sides of a groups are safe. It is commonly used to link the external organization which connects to organizational resources or information that is not publically allowed to access for example the public web servers. This strategy does not include links from the company’s telephone and internet service providers (ISPs) which provides communication access to an organization. This policy applies to the cases of using a Virtual private
network(VPN), integrated service digital network(ISDN), frame relay, telephone and another method of connection.
The approved and recommended computer security staff must assess the external links and finally approved by the chief information security officer. In instances of alteration of the external connection, it must be rationalized and assessed by the suitable computer security specialist and lastly accepted satisfactory by the chief information security officer. The extranet strategy will also result into some detriment which are; transfer of enormous information will be enhanced by the use of Electronic Data Interchange(EDI). Also, providing of services by one company to other companies will be enhanced. For example, the online application for banking managed by one business on behalf of affiliated banks. Also, the extranet policy will decrease the percentage of error in the instances where it is used to allow specific groups to access to internal requisition.
Attainable necessity for network access rule is also a network security policy. The system states the requirements and specification as the policy indicates any requirements for any device that needs a link to the internal network. The process can illustrate the particular rule that must be sorted so that one can access the system. It is used by all gadgets that links them to the primary network. The gadgets that do not meeting the minimum requirements are obstructed or disengaged from the leading network.
The minimum requirements for network access have the following benefits. The availability of converted computation in the components that safeguards them against unwarranted monitoring of password. Strong encryption is recommended to be used while conveying password over a network. The strategy enhances timely updating of the security portions. The devices that are networked will enhance run of versions operating system and application software hence allowing the security of portions availability. The policy also refines safeguarding of linked gadgets from dangerous devices. Examples of gangrenous devices are viruses’, spyware and other types of malware. Presence of appropriate operating software will detect viruses running in a network. The policy also does not give access to unauthorized internet-based resources through the use of authenticated network proxy servers. An attacker may execute a dangerous program by use of user account to retrieve licensed resources.
The network access standards policy primary purpose is to state the requirements for joining computers servers and other devices to the primary computer network. The regulations are designed to reduce the capable exposure that may be caused by computers and servers that are not configured or properly maintained. The standards also make sure that the devices on the network are not carrying out actions that can adversely affect the functioning of the net.
The damages from the above situation may include loss of vital and confidential information, network services interferences, and costs of internal systems. This policy also provides resolutions for preventing end stations that do not possess antivirus from accessing the network. It also enhances network operators to state policy to areas of a system. It also illustrates and safeguard the access to policies.
Router/switch security policy is essential to ensure that the internal organization network is secure and functioning as per how it is supposed to since the routers are the crucial and necessary component of the computer. It describes the minimal configuration requirements for the routers or switches available in the organization network. The configuration recommendations meeting the security, change management requirements and functioning necessitate are also defined.
The router security policy is structured to take care of equipment and information of the institution and its partners in possession of by describing the minimum configuration standards for all routers and switches joining them to the organization network. This policy states the preferred minimum security configuration for all routers and switches joining its production network or used in a production capacity on behalf of the company.
Security server policy which is a vital element of organization security since most information are kept in the serves hence the servers will be tampered with if they are not correctly configured, update or monitored. Networking devices should be installed with security polices to ensure that organizational information is not compromised. Administrators should be in charge of the networking equipment since they have technical know-how of the servers' security. The administrators should also be in a position to perform administrative duties and make decisions relating to the server.
The importance of the server security policy is to avail common and minimum requirements for configuring and controlling the servers and network equipment. This strategy will enhance locating of files and dealing with the data also. This is resulted by server accepting access request then processing them against a form of statements that defines how the networking resources are to be distributed among the policies and then get back the responses to access control.
There are various techniques used managing network risks. This technique helps in protecting the usability and integrity of data and network.it includes both hardware and software. The security management of a security is a distributed function. Security management faces the same threats as other applications. Different applications can be used to make network security management be successful, they include electronic commerce, intrusion detection, access control application, firewalls database and Email. Security management requires presence of a technician at all the devices entitled to secure a system. This is to ensure close monitoring of all the events. This evaluation should be accompanied by correlation and management of system events. This is important since some attacks can only be detected when computer correlated tools are used.
Defining a security policy is crucial in security management. A well-defined policy should be stable even in dynamically changing network and should be easy to get right. A policy in the security management should be defined as statement with the desired security properties and whose compliance can be checked by configuring the network. Policy-based approach is adopted by most of the existing tools in network management. In this case administrators agree on a policy that is globally applied and...