Problems of computer securities are increasingly becoming concerns to business organizations and computer security experts. Intruding in the database of different organizations is becoming widespread in the business cycles, and despite the sophisticated network securities that many organizations have installed for the securities of their computer warehouses, hackers are increasingly devising more sophisticated methods of intruding into computer databases of many business organizations, individual and governments. While computer hackers have devised methods of stealing sensitive information from databases of many business organizations, many organizations, especially small businesses have not yet realized the importance of providing adequate security measures on their computer warehouses. Many businesses are still finding it difficult of maintaining their network securities due to the technicality involved, and some organizations cannot maintain their network securities measures due to the costs of maintenances.
Scholars have provided several papers on network securities measures for the protection of organizational databases; this paper extends the lines of previous researches by examining the primary areas of Network Security.
The rest of the paper is organized as follows:
First, the paper discusses the opportunities the business organizations, individuals, governments derive from Network Security measures.
Moreover, research provides the problems associated with implementing issues of Network Security.
In addition, the paper provides possible solutions to the problems resulting from Network Security.
The author also examines trends and formulates a position of network security.
The paper enhances the knowledge of scholars, governments, and business organizations on the benefits of Network Security for data protection.
An increase in the deployment of network technology coupled with explosive growth of the internet for personal and business uses has led to rapid advancement in Information Technology. With advantages business organizations are deriving from network systems, many businesses are increasing their dependencies on network systems for their daily businesses, database information retrievals, and data processing. Despite the advantages computer networking is providing businesses, the openness that network creates has increased computer vulnerability, and is serving as a major threat to network security. Cases of hacking on the network systems of many organizations are at alarming rates; hackers are intercepting, manipulating, and illicitly collecting sensitive information. (Spinellis, Kokolakis, Gritzalis 1999, Sirisukha, 2003).
Vast network technologies have opened the doors for security threats inflicted on many organizations. Typically, both wired and wireless networks technology are inherent to risk attacks, and the activities of network intruders may even prevent an authorized user from having network access. The security threats that many organizations are facing through network interceptions have led many businesses, and governments to initiate policies of designing and implementing network security measures for the protection of their database. While most companies install some network security measures, the sophistication required of these network programs has increased alarmingly. (Sirisukha, 2003, Karigiannis,Owens, 2002).
This paper discusses the opportunities and threats of network securities to business organizations. The paper also provides the solutions to network security threats.
Network Security and its opportunities
With the increase in network attacks on several businesses, many organizations have realized the importance of Network Security for the protection of sensitive data in their database systems and intellectual properties. Network security is the policy of designing and implementing protection devices against unauthorized access to sensitive data. The critical importance of network security has made many organizations move their systems from application of large mainframes to Local Area Networks (LAN), since LAN has the ability to ensure limited access to information especially from different locations. (Forcht, Tsai, 1994, Staling, (2008),
Thus, this section describes four basic opportunities the users can derive from installing Network Securities.
Authentication: An authentication is an effective tool that does not give access to the network communication station that cannot provide proper authentication. The Institute of Electrical and Electronics Engineers (IEEE) 802.11 provides the authentication process whereby the users validate an attempt to gain access to the network. The basis of authentication is the cryptography system, and the main advantage of the authentication process is to safeguard unauthorized access to data from network intruders. (Karigiannis, Owens 2002).
Confidentiality: Confidentiality is important for the protection of information from unauthorized access, and the unauthorized access to data can erode the confidentiality of personal information, especially when an intruder breaks into the username and password and illicitly collect the users’ personal information without the owners’ knowledge (Cervone, 2005, Morgan, 2006). However, to protect users from unauthorized access, IEEE 802.11 provides a 40-bit cryptography system for data protection, and Wire Local Area Network (WLAN) offers protection of traffic through Transmission Control Protocol/Internet Protocol (TCP/IP), Internet Packet Exchange (IPX), and HyperText Transfer Protocol (HTTP). (Karigiannis, Owens 2002, Staling, 2008). These strategies enhance network securities and ensure the confidentiality of information against network intruders.
Integrity: Network security also provides data integrity. Integrity is very important for the protection of information against unauthorized alteration. Many organizations now conduct all their businesses online. For example, amazon.com conducts its business online and the company does not have a physical location. If amazon.com does not provide adequate network security for its database, data perpetrators or competitors may deliberately invade the network of amazon.com, and alter its financial records, and its database and this organization may incur a financial loss. The specifications provided by IEEE 802.11 helps data integrity between wireless client and access point, and the measure is to provide adequate security against modification of message in transit. ((Cervone, 2005, Englander, 2003). Karigiannis,Owens, 2002).
Availability: Business organizations need network security to provide availability of information, and availability is essential to ensure that users can have access to information anytime. Typically, the hackers may disrupt information by inflicting denial-of-service (DoS) attacks, which may render information unavailable. The network hackers may render information unavailable for unauthorized users by sending flood of networks to target machines, thereby overloading the computer machines. Thus, individuals and organizations derive several opportunities by installing network security to protect themselves from all these network attacks. (Cervone, 2005).
Despite the potential opportunities that network security provides for securing data authentication, integrity, confidentiality, and availability, there are still activities that lead to problems with network security. The author discusses some of these problems in the next section.
Problems associated with implementing Network Security
This section discusses some of the loopholes associated with network security. Despite the implementation of network securities by many organizations, there is still an increase in the malicious network attacks. Several problems have still arisen from installing network security despite various measures that some individuals and organizations are taking to protect the computer from network invaders. The attacks may be passive that ranging from eavesdropping to analysis of user’s network or active attacks that range from masquerading to denial of service (DoS). Network problems from eavesdropping arise when an individual listens to the network transmission in order to get hold of message contents. In addition, a person can also use intelligent methods of analyzing the network transmission to gain access to considerable information from the network transmission. The active attack may also involve masquerading where network invaders impersonate the authorized users to gain access. (Karigiannis,Owens, 2002).
Presently, several software packages are now available that can sniff the network of a user, and maliciously gather all the information through wireless network radio transmission and present the information in a meaningful manner in a plain text. (Morgan, 2006, Cervone, 2005). To reach global markets, most organizations now engage in electronic commerce where they accept credit cards as methods of payments, and if the business organizations do not provide adequate protection when there are exchanges of data, large amounts of data can end in the hand of network intruders. For example, network hackers broke online store of AT&T in 2007, and collected 19,000 credit card data. (Spinellis, Kokolakis, Gritzalis, 1999, Internet Retailer, 2009). In addition, the hackers broke into the database of creditcard.com and stole more than 55,000 credit card numbers. The hackers posted these credit card numbers online when creditcard.com refused to pay the money the hackers demanded. (The Berkeley Daily Planet, 2000).
Thus, the network problems have impaired the confidentiality, integrity and availability of data. Although, network security offers protection against various virus attacks such as worms, and Trojan horses, however network invaders have devised several tactics by sending malicious attachments to the users’ emails to break into the networks of the users through the backdoors. Typically, viruses can erode data integrity if permitted into the user’s network, and sometimes, viruses or Trojan horses can insert security holes, delete the hard disk, and cause damages to the information stored in the computer.. (Spinellis, Kokolakis, Gritzalis, 1999).
The network security problems lead the author to provide possible solutions for the enhancement of network security.
Possible solutions to the problems resulting from Network Security
Numerous scholars have offered solutions to network security problems.
Cha (2000) argues that Firewalls are the best solutions to network security problems. Firewalls are effective software that separate private networks from public networks. Typically, most network problems might arise when some people send load of networks to the network of users to disrupt functioning of their network. Thus, the techniques used to protect these problems are to make use of firewalls to separate trusted networks from non-trusted networks. The firewalls software also monitors detect and thwart external attacks that may come from external invaders. Many organizations have installed firewalls to deter unauthorized networks in their domains; however, organizations must ensure proper care when using firewalls as protective devices. Evidence has revealed that some unscrupulous individuals may use back doors to gain access to corporate networks. Sometimes, these individuals may send malicious email attachments to users and these may aid non-authorized persons to gain access to networks without the knowledge of users.
Curtin (1997) also provides solutions that may arise from network security problems. According to author, the use of Virtual Private Networks (VPNs) is advantageous for network security because VPNs provide connectivity between main office and satellite without showing their network to the world. Typically, many network problems arise when organizations subscribe to network service from public service providers. The network service providers connect several users for accessibility, and this may give rise-unauthorized access to network. Thus, encrypted VPNs have provided solutions to this problem, and are economically in nature. The danger to this solution is that some people might gain access through internet connectivity.
The best solution to network security problems is for an organization or individual to change user Id and passwords every two weeks and they should always create backup for all information on file.
Moreover, business organizations must ensure that they frequently update their network securities policies with the latest network securities software. Organizations should refrain from using outdated network security software.
Finally, all organizations and private individuals should install antivirus on their computers to scan emails and attachments. However, care must be taken in choosing an antivirus package. Norton Antivirus and PDA packages provide effective measures against viruses, worms, and Trojan horses.
Formulation of position and Trends in network security
Network security has become major policy issue in many organizations. With many attacks on financial institutions and universities, security on the network has come to stay and will become a major agenda in a policy of many corporations and governments in general. In the ’60s to the ’80s, network security was not a major issue, however, with Internet business on the increase, it has become much more important. The criteria given to Network Security by many organizations for the protection of sensitive data will increase in future.
While Network security is very important for all individuals and organizations for the protection of sensitive information, perception of network security for the protection of data by each organization is different. No matter the level of perception of network security, organizations and individual still require adequate security measures for their computer networks to avoid unauthorized intruding into their computer systems. This paper provides the opportunities, and problems of network security measures to the business organizations. The paper also provides solutions to the network security problems.
However, there is still a need for further research on network security measures that arise from the internal structure of an organization, since evidence reveals that some internal staff may collude with external intruders to pose security threats to many organizations.
- Cha,S, (2000), E-Commerce Security Technologies: Fire Wall, Network Security Library Firewalls & VPN’s.
- Curtin, M (1997), Introduction to Network Security, Kent Information Services, Inc.
- Cervone, F, (2005), Understand the Big Picture So You Can Plan for Network Security You Can Plan for NETWORK SECURITY, Computers in Libraries, 25 (3) pp 10-15.
- Forcht, K, I, Tsai, Y, A, (1994), Security and Network Management: Changes in the Way We Work, Information Management & Computer Security, 2, (4) pp. 35-41.
- Internet Retailer,(2009).
- Englander, Irv, (Ed) (2003), The Architecture of Computer Hardware & Systems Software: An Information Technology Approach, UK, Wiley,
- Karigiannis, T, Owens, L, (2002), Wireless Network Security 802.11, Bluetooth and Handheld Devices, National Institute of Standards and Technology, Special Publication 800-48.
- Morgan, B (2006), Wireless Cracking Tools, Network Security Library: Wireless Security.
- Sirisukha, S, (2003), The Advantages of A Virtual Private Network For Computer
- Security, School of Information Technology Auckland University of Technology.
- Spinellis, D, Kokolakis, S, Gritzalis, S, (1999), Security requirements, risks and recommendations for small enterprise and home-office environments, Information Management & Computer Security, 7, pp 121-128.
- Staling, William (Ed), (2008), Business Data Communication, UK, Prentice Hall.
- The Berkeley Daily Planet, (2000), Hacker infiltrates creditcards.com, The Associated Press, 2000.