Difference between Intranet & Internet • Typically, an intranet includes connections through one or more gateway computers to the outside Internet. • The internet is the one on which you can access anything and that is what an individual uses at home or on his/her mobile, while Intranet is inter connected network in a company or an organization.
Dr. Smita Ghoshal
Dr. Smita Ghoshal Dr. Smita Ghoshal Internet/Intranet Security Issues and Solutions • Even though the intranet is a closed, private network, it is still susceptible to external threats from hackers or malicious software including worms, viruses, and malware
Dr. Smita Ghoshal
Network Security Threats • It’s best to use a firewall to mitigate against external threats. In simple terms, a firewall is a protective barrier between the intranet and the internet. It is a software program or a hardware device that filters the information coming through to the intranet from the internet. • Firewalls may decide to allow or block network traffic between devices based on the rules that are pre-configured or set by the firewall administrator.
Dr. Smita Ghoshal
Security Breaches • From time to time, the intranet may encounter suspicious traffic such as spam, phishing, spyware or malware. – Spam: irrelevant or unsolicited messages sent over the Internet, typically to a large number of users, for the purposes of advertising, phishing, spreading malware, etc. – Phishing: the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.
Dr. Smita Ghoshal
– Spyware: software that of malicious types of enables a user to obtain software, including covert information about adware, spyware, viruses, another's computer Trojans and more. activities by transmitting data covertly from their hard drive
– Malware: Malware is a blanket term that is used to describe a number
Dr. Smita Ghoshal
Virus • Most organizations understand they need to have anti-virus software installed. However, the threat from viruses is constantly changing, and so it is vital that you regularly update the software with the latest versions. • A computer virus is a type of malware that, when executed, replicates itself by modifying other computer programs and inserting its own code.
Dr. Smita Ghoshal
Intranet Security: Internal Threats • Weak Passwords – Too often users have weak passwords, share them with colleagues, never change them and sometimes they even write them down or tape them to their PCs! • Access Control – Access to information can be secured on the intranet via a series of file permissions and page permissions. These permissions can be set by a job title, team function, geographic location – whatever is appropriate for that data.
Dr. Smita Ghoshal
• Encryption – Encryption is the process of converting data to an unrecognizable or “encrypted” form. It is commonly used to protect sensitive information so that only authorized parties can view it. – Secure Socket Layer (SSL) is the standard encryption security technology used by millions of companies around the world, particularly for online shopping.
Dr. Smita Ghoshal
3 reasons why encryption matters • Internet privacy concerns are real Encryption helps protect privacy by turning personal information into “for your eyes only” messages intended only for the parties that need them — and no one else. You should make sure that your emails are being sent over an encrypted connection, or that you are encrypting each message. • Hacking is big business Hackers aren’t just bored kids in a basement anymore. They’re big business, and in some cases, they’re multinational outfits. Large- scale data breaches that you may have heard about in the news demonstrate that people are out to steal personal information to fill their pockets. • Regulations demand it Ecommerce providers are required to implement security features that protect consumers’ sensitive information to be protected.
Dr. Smita Ghoshal
• Remote Access – Increasingly intranets are being accessed outside of the standard office environment by employees either working on the road or working from home. Often workers are doing so using their own personal smartphones, devices or tablets. Special steps are required to ensure security is maintained with remote access.
Dr. Smita Ghoshal
Intruder Detection • In information security, intruder detection is the process of detecting intruders behind attacks as unique persons. This technique tries to identify the person behind an attack by analyzing their computational behaviour. This concept is sometimes confused with Intrusion Detection (also known as IDS) techniques which are the art of detecting intruder actions. Dr. Smita Ghoshal Dr. Smita Ghoshal Enterprise Networking • Enterprise network architecture refers to the specific setup and layout of enterprise networks. • This type of system provides vital support for a business, from VoIP and telecommunications systems to data storage, data analysis, etc. • All of these are served by a good enterprise network architecture. • An enterprise network is also known as a corporate network. Dr. Smita Ghoshal Dr. Smita Ghoshal Antivirus • Antivirus software is a program or set of programs that are designed to prevent, search for, detect, and remove software viruses, and other malicious software like worms, trojans, adware, and more. • Some examples of anti-virus software are McAfee, Norton, and Kapersky