Network security. Cyber security. Endpoint security. These different, often overlapping arms of IT security can get confusing. As hackers get smarter, it’s increasingly important to know what each does and how to implement them into your own network.
In the wake of the highly-connected Internet of Things (IoT) and the rise of the cloud, we’re facing increased vulnerabilities to our networks—networks that are less monolithic, legacy architectures and more distributed, microservice-based networks. With large-scale data breaches making headlines, whether you’re a small startup or an enterprise organization, security should be a top priority.
The IT Security Chain
The more links in your network’s chain – databases, cloud-based servers, APIs, and mobile applications – the more potential vulnerabilities you face.
Why are there so many types of IT security? The more links in a network’s chain, the more opportunities for hackers to find their way in. Each component requires its own security measures—with many of them overlapping and working in tandem, much like the actual components of a network do.
It’s also important to note that with security, there’s no one-size-fits-all approach. Every network is different and requires skilled professionals to create tailored plans across all fronts: apps, databases, network devices, cloud servers, IT infrastructures, and the often weakest link in the security chain: users. These security plans are living, breathing things that need to be updated, upgraded, and patched on a constant basis, too.
Let’s start broad and work our way into narrower fields of security.
Information Security, IT Security, and Information Assurance
Information security and information technology (IT) security sound similar, and are often used interchangeably, but they’re slightly different fields. When we’re talking about information security (or infosec), we’re actually referring to protecting our data—whether that’s physical or digital. IT security is a bit more specific in that it’s only referring to digital information security.
IT security pretty much covers all of the types of security within a network, from components like databases and cloud servers to applications and the users remotely accessing the network. They all fall under the IT security umbrella.
Within this is another term to know: information assurance. This means that any important data won’t be lost or stolen in the event of an attack or a disaster—whether that’s a tornado wiping out a server center or hackers breaking into a database. It’s commonly addressed with things like backups and offsite backup databases and rests on three main pillars: confidentiality, integrity, and availability (CIA). These philosophies carry over into every other aspect of security, whether it’s application security or wireless security.
IT security experts (also, system administrators and network admins, which we’ll talk about next) are among the most important team members you can hire. They’re responsible for the safety and security of all of a company’s hardware, software, and assets, and regularly audit back-end systems to ensure they’re airtight. Through security analysis, they can identify potential security problems and create “protect, detect, and react” security plans.
Network Security: The Best Defenses
Network security is anything you do to protect your network, both hardware and software. Network administrators (or system administrators) are responsible for making sure the usability, reliability, and integrity of your network remain intact. A hacker is capable of getting into a network and blocking your access, for example by holding a system hostage for a bitcoin ransom. You need an excellent defense in place to ensure you’re protected.
Detecting weaknesses in a network can be achieved through:
- Security engineering: the practice of protecting against these threats by building networks to be safe, dependable, and secure against malicious attacks. Security engineers design systems from the ground up, protecting the right things in the right ways. If a software engineer’s goal is to ensure things do happen (click here, and this happens), a security engineer’s goal is to ensure things don’t happen by designing, implementing, and testing complete and secure systems.
As a part of security engineering, there are proactive measures to predict where vulnerabilities might lie and reinforce them before they’re hacked:
- Vulnerability assessment: Engineers identify the worst case scenarios and set up proactive plans. With security analysis software, vulnerabilities in a computer, network, or communications infrastructure are identified and addressed.
- Penetration testing: This entails deliberately probing a network or system for weaknesses.
- Network intrusion detection systems (NIDS): This type of software monitors a system for suspicious or malicious activity.
Network admins are able to target threats (whether through suspicious activity or large queries to a database), then halt those attacks, whether they’re passive (port scanning) or active, like:
- Zero-day attacks, also called zero-hour attacks—attacks on software vulnerabilities that often occur before the software vendor is aware of them and can offer a patch. Alternatively, hackers initiate attacks on the vulnerability the day the issue is made public, before users can install patches (hence the name “zero day”)
- Denial of service attacks
- Data interception and theft
- Identity theft
- SQL injection
Other methods of protecting networks include:
- IT Security frameworks: These act like blueprints for a company to set up processes and policies for managing security in an enterprise setting. Which a company uses can depend on the industry and compliance requirements. COBIT is popular among larger, publicly traded companies, ISO 27000 Series is a broad set of standards that can be applied to a number of industries, and NIST’s SP 800 Series is used in government industries, but can be applied elsewhere.
- Password “salt and peppering”: Adding a salt, or random data, to a password makes common passwords less common. A pepper is also a random value attached to the password, which is helpful in slowing hackers down.
- Authorization, authentication, and two-factor authentication (sometimes sent via SMS, although this can prove vulnerable as well)
- Virtual Private Networks (VPNs)
- Application whitelisting, which prevents unauthorized apps from running on a computer
- Firewalls: Block unauthorized access to a network or data interceptions
- Honeypots: These are like decoy databases that attract hackers but don’t house any important information.
- Anti-virus software
- Encryption—encoding data, in transit or at rest, including the end-to-end encryption often used in messaging apps and platforms, which only allows encrypted messages to be read by sender and receiver
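The password “salt and peppering” item in the list above, shown as an added example (not code from the original article): each stored password gets its own random salt, and one application-wide pepper is kept outside the password database. The names `PEPPER`, `hash_password` and `verify_password` are hypothetical, and applying the pepper with HMAC and stretching with scrypt are choices made for this example.

```python
import hashlib
import hmac
import secrets

# Assumption: one pepper per application, stored outside the password
# database (for instance in a secrets manager). Constructed demo value.
PEPPER = bytes.fromhex("00112233445566778899aabbccddeeff")


def _derive(password: str, salt: bytes, pepper: bytes) -> bytes:
    # Mix in the pepper with HMAC-SHA256, then run a deliberately slow,
    # memory-hard hash (scrypt) keyed by the per-user salt.
    peppered = hmac.new(pepper, password.encode("utf-8"), hashlib.sha256).digest()
    return hashlib.scrypt(peppered, salt=salt, n=2**14, r=8, p=1, dklen=32)


def hash_password(password: str, pepper: bytes = PEPPER) -> dict:
    # A fresh random salt per password means two users with the same
    # password end up with different stored hashes.
    salt = secrets.token_bytes(16)
    return {"salt": salt.hex(), "hash": _derive(password, salt, pepper).hex()}


def verify_password(password: str, record: dict, pepper: bytes = PEPPER) -> bool:
    salt = bytes.fromhex(record["salt"])
    candidate = _derive(password, salt, pepper)
    # Constant-time comparison does not reveal how many bytes matched.
    return hmac.compare_digest(candidate, bytes.fromhex(record["hash"]))


if __name__ == "__main__":
    alice = hash_password("Summer2024!")  # constructed sample password
    bob = hash_password("Summer2024!")
    print("same password, different hashes:", alice["hash"] != bob["hash"])
    print("correct password verifies:", verify_password("Summer2024!", alice))
    print("wrong password rejected:", not verify_password("summer2024!", alice))
    # Without the right pepper (only the database copied), even the
    # correct password guess does not match the stored hash.
    print("wrong pepper rejected:",
          not verify_password("Summer2024!", alice, pepper=b"\x00" * 16))
```

The salt is stored next to the hash because it only needs to be unique, while the pepper is useful only as long as it stays out of the database.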
Within network security is also content security, which involves strategies to protect sensitive information on the network to avoid legal or confidentiality concerns, or to keep it from being stolen or reproduced illegally. Content security largely depends on what information your business deals in.
Endpoint Security: Securing the Weakest Link
It’s said that users are often the weakest link in the security chain, whether it’s because they’re not properly educated about phishing campaigns, mistakenly give credentials to unauthorized users, download malware (malicious software), or use weak passwords. That’s why endpoint security is so crucial—it protects you from the outside in.
Endpoint security technology is all about securing the data at the place where it both enters and leaves the network. It’s a device-level approach to network protection that requires any device remotely accessing a corporate network to be authorized, or it will be blocked from accessing the network. Whether it’s a smartphone, PC, a wireless point-of-sale, or a laptop, every device accessing the network is a potential entry point for an outside threat. Endpoint security sets policies to prevent attacks, and endpoint security software enforces these policies.
If you’ve ever accessed a network through a virtual private network (VPN), you’ve seen endpoint security in action. Malware is one of the core threats addressed by endpoint security, including remote access trojans (RATs), which can hack into a laptop and allow hackers to watch you through your webcam.
Internet Security: Guarding Against Cyber Crimes
The internet itself is considered an unsecured network—a scary truth when we realize it’s essentially the backbone for how we give and receive information. That’s where internet security (or cyber security) comes in, and it’s a term that can get pretty broad, as well. This branch of security is technically a part of computer security that deals specifically with the way information is sent and received in browsers. It’s also related to network security and how networks interact with web-based applications.
To protect us against unwittingly sharing our private information all over the web, there are different standards and protocols for how information is sent over the internet. There are ways to block intrusions with firewalls, anti-malware, and anti-spyware—anything designed to monitor incoming internet traffic for unwanted traffic or malware like spyware, adware, or Trojans. If these measures don’t stop hackers from getting through, encryption can make it harder for them to do much with your data by encoding it in a way that only authorized users can decrypt, whether that data is in transit between computers, browsers, and websites, or at rest on servers and databases.
To create secure communication channels, internet security pros can implement TCP/IP protocols (with cryptography measures woven in), and encryption protocols like Secure Sockets Layer (SSL) or Transport Layer Security (TLS).
Other things to have in an internet security arsenal include:
- Forms of email security
- SSL certificates
- HTTPS (encrypted transfer protocols)
- OAuth 2.0, a leading authorization security technology
- Security tokens
- Security software suites, anti-malware, and password managers
- Frequently updating and installing security updates to software, e.g., Adobe Flash Player updates
- Encryption, and end-to-end encryption
Cloud Security: Protecting Data That’s Here, There, and Everywhere
Much of what we do over the web now is cloud-based. We have cloud-based servers, email, data storage, applications, and computing, which means all of the communication between onsite and the cloud needs to be secure, too. With all of this connectivity and the flowing of (sometimes sensitive) information comes new concerns with privacy and reliability—and the cloud can be notoriously vulnerable. This has given way to a new sub-domain of security policies: cloud computing security.
Computer security, network security, and information security as a whole all need to be optimized for the cloud. For businesses that use public clouds, private clouds, or a hybrid cloud—information is getting exchanged between the two regularly and needs to be protected.
Building a cloud security framework involves creating a strategic framework for how all operations will happen in a cloud environment, managing access, protecting data, and more.
Application Security: Coding Apps to Be Safe from the Ground Up
A lot of the internet security focus is on patching vulnerabilities in web browsers and operating systems, but don’t neglect application security—a majority of internet-based vulnerabilities come from applications. By coding applications to be more secure from the start, you’re adding a more granular layer of protection to your internet and network security efforts, and saving yourself a lot of time and money.
App security does rest on top of many of the types of security mentioned above, but it also stands on its own because it’s specifically concerned with eliminating gaps and vulnerabilities in software at the design, development, and deployment stages. Security testing (which should be conducted throughout the code’s lifecycle) digs through the app’s code for vulnerabilities, and can be automated during your software development cycle.
Choosing a language, framework, and platform with extra security fortifications built in is paramount, too. For example, Microsoft’s .NET framework has a lot of built-in security, and the Python Django-style Playdoh platform addresses application security risks. Rising in popularity is the Spring Security framework, a Java framework known for excellent built-in authentication and authorization measures, and the PHP framework Yii prioritizes security, as well.
Aside from framework choice, there are a few strategies to bolster application security, including:
- Ensuring TLS
- Authentication and authorization measures
- Data encryption
- Sandboxing applications
- Secure API access
- Session handling