IT security prevents unauthorized access to computers, data and networks. For example, when you go online to your bank account, IT security ensures that you — and only you — can see and make changes to your checking account. The ultimate goal of IT security is to uphold the confidentiality and integrity of sensitive information without inconveniencing the user.
Cyber-criminals use tools like viruses, malware and ransomware to constantly try to hack into your private network, corporate website and sensitive accounts. You need digital locks that prevent unwelcome visitors from accessing confidential data such as credit card numbers, email communication or bank accounts. The IT security field integrates new technology that protects your computers and networks with consistency and vigilance, like a security system of complex and highly evolved locks. These locks easily allow authorized users in while blocking criminals and hackers.
Network security is anything you do to protect your network, both hardware and software. Network administrators (or system administrators) are responsible for making sure the usability, reliability, and integrity of your network remain intact. A hacker is capable of getting into a network and blocking your access, for example by holding a system hostage for a bitcoin ransom. You need an excellent defense in place to ensure you’re protected.
Detecting weaknesses in a network can be achieved through:
Security engineering: the practice of protecting against these threats by building networks to be safe, dependable, and secure against malicious attacks. Security engineers design systems from the ground up, protecting the right things in the right ways. If a software engineer’s goal is to ensure things do happen (click here, and this happens), a security engineer’s goal is to ensure things don’t happen by designing, implementing, and testing complete and secure systems.
As a part of security engineering, there are proactive measures to predict where vulnerabilities might lie and reinforce them before they’re hacked:
Vulnerability assessment: Engineers identify the worst case scenarios and set up proactive plans. With security analysis software, vulnerabilities in a computer, network, or communications infrastructure are identified and addressed.
Penetration testing: This entails deliberately probing a network or system for weaknesses.
Network intrusion detection systems (NIDS): This type of software monitors a system for suspicious or malicious activity.
Network admins are able to target threats (whether through suspicious activity or large queries to a database), then halt those attacks, whether they’re passive (port scanning) or active, like:
Zero-day attacks, also called zero-hour attacks—attacks on software vulnerabilities that often occur before the software vendor is aware of them and can offer a patch. Or, hackers will initiate attacks on the software vulnerability the day the issue is made public, before users can install patches (hence the name “zero day”)
Denial of service attacks
Data interception and theft
Other methods of protecting networks include:
IT security frameworks: These act like blueprints for a company to set up processes and policies for managing security in an enterprise setting. Which framework a company uses can depend on the industry and compliance requirements. COBIT is popular among larger, publicly traded companies, ISO 27000 Series is a broad set of standards that can be applied to a number of industries, and NIST’s SP 800 Series is used in government industries, but can be applied elsewhere.
Password “salt and peppering”: Adding a salt, or random data, to a password makes common passwords less common. A pepper is also a random value attached to the password, which is helpful in slowing hackers down.
Authorization, authentication, and two-factor authentication (sometimes sent via SMS, although this can prove vulnerable as well)
Virtual Private Networks (VPNs)
Application whitelisting, which prevents unauthorized apps from running on a computer
Firewalls: Block unauthorized access to a network or data interceptions
Honeypots: These are like decoy databases that attract hackers but don’t house any important information.
Encryption—encoding data, in transit or at rest, including end-to-end encryption, often used in messaging apps and platforms, which only allows encrypted messages to be read by sender and receiver
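The salt and pepper item in the list above, as an added example that is not part of the original article: two accounts with the same common password end up with different stored hashes because each gets its own salt, and a hash cannot be verified without the pepper, which is kept outside the database. The choice of PBKDF2-HMAC-SHA256, the HMAC step for the pepper, and all function names are assumptions made for this example.

```python
import hashlib
import hmac
import secrets

# Assumption: PBKDF2-HMAC-SHA256 as the slow hash; the article names no algorithm.
ITERATIONS = 600_000
SALT_BYTES = 16


def derive(password: str, salt: bytes, pepper: bytes) -> bytes:
    # Pepper: a secret stored outside the user database (for example in a
    # secrets manager), mixed in with HMAC so a stolen table alone is not
    # enough to start guessing passwords.
    peppered = hmac.new(pepper, password.encode("utf-8"), hashlib.sha256).digest()
    # Salt: random, unique per password, stored next to the hash.
    return hashlib.pbkdf2_hmac("sha256", peppered, salt, ITERATIONS)


def hash_password(password: str, pepper: bytes) -> tuple[bytes, bytes]:
    """Return (salt, digest). Only these two values go in the user database."""
    salt = secrets.token_bytes(SALT_BYTES)
    return salt, derive(password, salt, pepper)


def verify_password(password: str, salt: bytes, digest: bytes, pepper: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    return hmac.compare_digest(derive(password, salt, pepper), digest)


def demo() -> dict:
    pepper = secrets.token_bytes(32)   # constructed for the demo
    common = "123456"                  # constructed sample password
    salt_a, hash_a = hash_password(common, pepper)
    salt_b, hash_b = hash_password(common, pepper)
    other_pepper = secrets.token_bytes(32)
    return {
        "same_password_different_hashes": hash_a != hash_b,
        "correct_password_accepted": verify_password(common, salt_a, hash_a, pepper),
        "wrong_password_rejected": not verify_password("1234567", salt_a, hash_a, pepper),
        "wrong_pepper_rejected": not verify_password(common, salt_a, hash_a, other_pepper),
    }


if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check}: {ok}")
```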
Within network security is also content security, which involves strategies to protect sensitive information on the network to avoid legal or confidentiality concerns, or to keep it from being stolen or reproduced illegally. Content security largely depends on what information your business deals in.
INTERNET SECURITY: GUARDING AGAINST CYBER CRIMES
The internet itself is considered an unsecured network—a scary truth when we realize it’s essentially the backbone for how we give and receive information. That’s where internet security (or cyber security) comes in, and it’s a term that can get pretty broad, as well. This branch of security is technically a part of computer security that deals specifically with the way information is sent and received in browsers. It’s also related to network security and how networks interact with web-based applications.
To protect us against unwittingly sharing our private information all over the web, there are different standards and protocols for how information is sent over the internet. There are ways to block intrusions with firewalls, anti-malware, and anti-spyware—anything designed to monitor incoming internet traffic for unwanted traffic or malware like spyware, adware, or Trojans. If these measures don’t stop hackers from getting through, encryption can make it harder for them to do much with your data by encoding it in a way that only authorized users can decrypt, whether that data is in transit between computers, browsers, and websites, or at rest on servers and databases.
To create secure communication channels, internet security pros can implement TCP/IP protocols (with cryptography measures woven in), and encryption protocols like Secure Sockets Layer (SSL) or Transport Layer Security (TLS).
Other things to have in an internet security arsenal include:
Forms of email security
HTTPS (encrypted transfer protocols)
OAuth 2.0, a leading authorization security technology
Security software suites, anti-malware, and password managers
Frequently updating and installing security updates to software, e.g., Adobe Flash Player updates
Encryption, and end-to-end encryption