Network security is a daily and complicated struggle for most network administrators, who strive to keep on top of the latest virus outbreaks, network intrusion attempts, software patches, and web and email scams. Comprehensive network security today requires a layered approach so that internal network resources are protected against the many different kinds of malicious content in circulation.
Properly designing and maintaining a network to guard against these attacks can be a challenge for even the most seasoned admin. Fortunately, there are now excellent network security appliances available to even the smallest organization, so that complete protection can be attained at the network perimeter. Newer 'all in one' appliances combine all the necessary protections into one device, which can simplify administration and even reduce costs. One thing that all these sophisticated systems are unable to fully address, though, is employee actions. Internal users are responsible for many of the security breaches that organizations encounter these days, and the results can be quite damaging. Some of these breaches are intentional, but many are the result of well-meaning employees who are unaware of the consequences of their actions.
Intentional or not, the results can be devastating to an organization and can lead to both financial losses and damage to its reputation. Many of these incidents happen because employees do not realize that their actions may seriously violate the company security policy. A common example is an employee who emails company documents to a home computer in order to get extra work done at night. Though they may have meant well, this action can leak sensitive data, and a copy of the document is often left behind on the personal computer. The document can also pick up malware on the home machine, and once it is brought back into the organization the result can be a company-wide outbreak.
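The "documents mailed home" scenario above is one that an outbound mail gateway can at least detect. The following is an added example, not code from the original article: it scans a few constructed mail-gateway log lines and flags mail from the corporate domain to consumer webmail providers, raising the severity when the message carries attachments and noting when the recipient looks like the sender's own personal mailbox. The log format, the corporate domain `example-corp.com` and the list of personal domains are all assumptions for the example.

```python
import re
from dataclasses import dataclass, field

CORPORATE_DOMAIN = "example-corp.com"          # assumption: the organization's own mail domain
PERSONAL_DOMAINS = {"gmail.com", "yahoo.com",   # consumer webmail providers treated as "home" mail
                    "outlook.com", "hotmail.com"}

# Constructed sample of outbound mail-gateway log lines; the format is invented for this example.
SAMPLE_LOG = """\
2024-03-04T18:02:11 from=jane.doe@example-corp.com to=jane.doe@gmail.com attachments=Q3_forecast.xlsx size=204811
2024-03-04T18:05:43 from=bob@example-corp.com to=partner@vendor-example.com attachments=SOW_v2.pdf size=88233
2024-03-04T18:07:02 from=alice@example-corp.com to=alice.home@yahoo.com attachments=- size=1204
2024-03-04T22:14:19 from=carl@example-corp.com to=carl_w@outlook.com attachments=customer_list.csv,notes.docx size=512334
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) from=(?P<sender>\S+) to=(?P<recipient>\S+) "
    r"attachments=(?P<att>\S+) size=(?P<size>\d+)$"
)


@dataclass
class Finding:
    timestamp: str
    sender: str
    recipient: str
    severity: str
    attachments: list = field(default_factory=list)
    reasons: list = field(default_factory=list)


def same_person(sender_local: str, recipient_local: str) -> bool:
    """Heuristic: the recipient's local part contains the sender's first name token
    (jane.doe -> jane.doe@gmail.com, carl -> carl_w@outlook.com)."""
    first = re.split(r"[._-]+", sender_local.lower())[0]
    return first in re.split(r"[._-]+", recipient_local.lower())


def analyze(log_text, corporate_domain=CORPORATE_DOMAIN, personal_domains=PERSONAL_DOMAINS):
    """Return a Finding for every outbound message sent to a consumer webmail address."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # unparseable line; a production tool would count and report these
        sender, recipient = m["sender"], m["recipient"]
        s_local, s_dom = sender.rsplit("@", 1)
        r_local, r_dom = recipient.rsplit("@", 1)
        if s_dom.lower() != corporate_domain:
            continue  # only mail leaving the organization is of interest here
        if r_dom.lower() not in personal_domains:
            continue  # business-to-business mail is out of scope for this check
        attachments = [] if m["att"] == "-" else m["att"].split(",")
        reasons = ["recipient is a consumer webmail address"]
        if same_person(s_local, r_local):
            reasons.append("recipient appears to be the sender's own personal mailbox")
        if attachments:
            reasons.append("message carries attachments")
            severity = "high"   # documents are actually leaving the perimeter
        else:
            severity = "low"    # worth a look, but no file left the organization
        findings.append(Finding(m["ts"], sender, recipient, severity, attachments, reasons))
    return findings


if __name__ == "__main__":
    for f in analyze(SAMPLE_LOG):
        print(f"[{f.severity}] {f.timestamp} {f.sender} -> {f.recipient} "
              f"attachments={f.attachments} because {'; '.join(f.reasons)}")
```

On the sample data the check flags Jane's and Carl's messages as high (spreadsheets and a customer list going to Gmail and Outlook) and Alice's attachment-free note to herself as low, while Bob's mail to a business partner is left alone. A domain list like this is deliberately simple; it says nothing about the content of the attachments, and a determined insider will use a USB stick or a cloud share instead, so the finding is a prompt for the policy conversation the article calls for rather than a substitute for it.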
Many security breaches are also the result of social networking scams, where users are tricked into giving out sensitive data such as passwords, which then allow attackers to gain access to resources. Perpetrators of these scams try to gather as much information on a target as possible, and with the rise of social networking sites this information is often readily available. Four out of five adults with Internet access use social networking sites such as Facebook, Twitter and MySpace while at work. Along with purely recreational sites there are also business-oriented social networking sites such as LinkedIn.com, which allow professionals to keep in touch with colleagues and develop professional networks. The very high volumes of traffic these sites generate make them attractive to advertisers, but also to phishers, spammers and malware distributors.
The recent high-profile attacks on Twitter and Facebook caused some businesses to reconsider whether they should allow employees to visit these sites while at work, given the risk of malware infection. Products that offer content filtering allow businesses to block purely recreational sites such as Facebook and MySpace, which helps guard against problems on those sites, but blocking them will not completely protect a company against malicious attacks, since the attacks are often disguised as something else.
Similarly, technologies that offer intrusion prevention, denial-of-service protection, HTTPS scanning and other security functions are a giant leap toward protecting networks, but they will not entirely secure your network if the attacks are coming from within. Even with the most sophisticated network security products in place, organizations are at greater risk unless they educate their employees on proper Internet usage and on how to recognize the signs of a possible issue. Since most internal breaches are accidental, one has to question whether common-sense security practices are as common as we thought. Either employees are not aware of threats and how to avoid them, or they believe their actions will not cause a breach. Perhaps powerful network security products have lulled them into believing their networks are impenetrable, but no network is.
Take, for example, the case of US banking institutions being targeted by phishing attempts sent through the post, with a CD enclosed. It doesn't matter how powerful the banks' firewalls are or how effective their IPS is: if an employee inserts the CD into a CD-ROM drive, the network is infected. Employees at all banks (and, for that matter, all institutions) should be educated about this type of threat. Now that even trusted sites host malicious content, it is more important than ever for organizations to educate their employees on safe Internet usage practices. Regular training sessions that highlight best practices are one way organizations can do this. Having employees read and acknowledge the organization's security policies is also an effective way to spell out the computer do's and don'ts. Reviewing and updating these policies on a regular basis will help ensure that, as new threats arise, the organization is aware of them and protected.
While none of these measures alone will completely eliminate threats, together with the proper security equipment and a watchful network administrator they can substantially reduce security risk.
The original article/video can be found at "Knowing is half the battle".