Week 5 Network Security

Week 5 Network Security - Reading on Network Security What...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
Reading on Network Security What is security? Security has a wide range of meanings depending on the position of the stakeholder interested in  promoting it. To financial personnel, security not only includes ensuring only authorized personnel have access to data,  but also protection of equipment from theft.    To network administrators, it can mean all these things, in  addition to technologies used to ensure data is stored safely and is protected while in transmission.    To  average users it might refer to the ability to restore data that is inadvertently lost of destroyed, or the need  to remember a long list of passwords that change regularly. The heart of establishing security is developing a security policy that encompasses these concerns and  all of the security interest of the firm as they relate to equipment, data, and software. Security Policy and Organization Companies also develop policies regarding security.   This involves assessing the tradeoff between the  level of security and the cost of implementing it.   Tight security controls, while more effective in promoting  security, also have a significant cost in terms of inconvenience, loss of efficiency to users, human labor  involved in setting up, monitoring and maintaining such security, and auditing, reviewing and updating  security processes.   Typically, the level of security needed is determined by looking at the costs of  security breaches as well as their likelihood of happening. Security policies can vary in their restrictiveness.   A highly restrictive policy is necessary when the  benefits of security outweigh the costs.  For example, companies that are custodians of large volumes of  personal data such as social and credit card numbers face huge possible legal penalties if they allow  unauthorized access to such data, making the benefits of a highly restrictive policy outweigh its costs. At the other end of the spectrum, companies may also adopt a light security policy which has few  passwords, monitoring of auditing.  The goal of this policy is to maximize use of network resources by  end-users.   However, such policies tend to be adopted only in small companies with few resources, or  when equipment is inexpensive or there are few consequences if lost or compromised.   Typically open  security policies are applied to networks which do not have an internet connection, as access to the  Internet causes a dramatic increase in the potential for security breaches. Most companies adopt a moderately restrictive policy that is somewhere between the highly restrictive 
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 07/27/2009 for the course BIS 311 taught by Professor Marshburn during the Fall '08 term at DeVry Cincinnati.

Page1 / 6

Week 5 Network Security - Reading on Network Security What...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online