Scribd Logo
Upload

Welcome to Scribd!

  • Network Security Policy

    Uploaded by

    Hani
    13 views3 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    13 views3 pages

    Network Security Policy

    Uploaded by

    Hani

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    Network Security Policy

    Network security is critical because it prevents cybercriminals from gaining access to


    valuable data and sensitive information. When hackers get hold of such data, they can
    cause a variety of problems, including identity theft, stolen assets and reputational
    harm.

    The following are four of the most important reasons why protecting networks and the
    data they hold is important:

    1. Operational risks. An organization without adequate network security


    risks disruption of its operations. Businesses and personal networks depend
    on devices and software that cannot operate effectively when compromised
    by viruses, malware and cyber attacks. Business also rely on networks for
    most internal and external communication.

    2. Financial risks for compromised personally identifiable information


    (PII). Data breaches can be expensive for both individuals and businesses.
    Organizations that handle PII, such as Social Security numbers and
    passwords, are required to keep it safe. Exposure can cost the victims
    money in fines, restitution and repairing compromised devices.

    3. Financial risk for compromised intellectual property. Organizations can


    also have their own intellectual property stolen, which is costly. The loss of
    a company's ideas, inventions and products can lead to loss of business and
    competitive advantages.

    4. Regulatory issues. Many governments require businesses to comply with


    data security regulations that cover aspects of network security. For
    example, medical organizations in the United States are required to comply
    with the regulations of the Health Insurance Portability and Accountability
    Act (HIPAA), and organizations in the European Union that deal with
    1
    citizens' data must follow the General Data Protection Regulation (GDPR).
    Violations of these regulations can lead to fines, bans and possible jail time.

    Network security is so important that several organizations focus on instituting and


    sharing strategies on how to adapt to modern threats. Mitre ATT&CK, the National
    Institute of Standards and Technology and the Center for Internet Security provide
    free, nonproprietary security frameworks and knowledge bases to share cyber threat
    information and help businesses and other organizations evaluate their network
    security methods.

    How does network security work?


    Network security is enforced using a combination of hardware and software
    tools. The primary goal of network security is to prevent unauthorized access
    into or between parts of a network.

    A security official or team determines strategies and policies that keep an


    organization's network safe and help it comply with security standards and
    regulations. Everyone on the network must abide by these security policies. Every
    point in the network where an authorized user could access data is also a point where
    data can be compromised, either by a malicious actor or through user carelessness or
    mistakes.

    Types of network security software and tools


    The choice of security policies and tools varies from network to network and
    changes over time. Strong security often involves using multiple approaches,
    known as layered security or defense in depth to give organizations as many
    security controls as possible. The following are some commonly used types of
    network security tools and software:

    • Access control. This method limits access to network applications


    and systems to a specific group of users and devices. These
    systems deny access to users and devices not already sanctioned.

    2
    • Antivirus and antimalware. Antivirus and antimalware are software
    designed to detect, remove or prevent viruses and malware, such as
    Trojan horses, ransomware and spyware, from infecting a computer
    and, consequently, a network.

    • Application security. It is crucial to monitor and protect applications


    that organizations use to run their businesses. This is true whether
    an organization creates that application or buys it, as modern
    malware threats often target open source code and containers that
    organizations use to build software and applications.

    • Behavioral analytics. This method analyzes network behavior and


    automatically detects and alerts organizations to abnormal activities.

    • Cloud security. Cloud providers often sell add-on cloud


    security tools that provide security capabilities in their cloud. The
    cloud provider manages the security of its overall infrastructure and
    offers tools for the user to protect their instances within the overall
    cloud infrastructure. For example, Amazon Web Services provides
    security groups that control the incoming and outgoing traffic
    associated with an application or resource.

    You might also like