Blog

A Brief Overview of Network Security

A Brief Overview of Network Security

The reliance the modern business has on its IT cannot be understated. As a result, to keep their computing network and infrastructure running efficiently, companies need to have a network and cybersecurity policy in place. With the development and use of organizational computer networks with multiple endpoints, understanding the basics of network security is helpful when implementing and employing network security systems. Today, we take a look at the parts of your network, their functions, and what you need to do to protect them.


Network Hardware
Your business’ computing network consists of, at the very least, two connected machines set up to share resources. Most of the time, a business network consists of centralized computers called servers, and endpoints called workstations. Major networking components (working backward from the endpoint) include, network switches (that allow multiple workstations to be connected in packets); a router (that allows for wired or wireless connection to the network); and the modem (that connects the network to the Internet). On your network can be all types of other accessories (printers, scanners, copiers, and more).

Today, wireless networks have been deployed to provide additional mobility. In this case the router, which would have to have Wi-Fi capabilities, allows mobile endpoints (laptops, smartphones, tablets, and IoT devices) to connect to, and share the files on, an organization’s network. This promotes mobility by allowing the sharing and use of files without being physically connected to the network.

Network Protocol
The network protocol is a set of rules that work to control communications between devices connected to the same network. They make connections and set rules for data packaging for both sent and received messages. Popular protocols include:

  • Transmission Control Protocol and Internet Protocol (TCP/IP)
  • Address Resolution Protocol (ARP)
  • Domain Name System (DNS)
  • Secure Shell (SSH)
  • File Transfer Protocol (FTP)
  • Dynamic Host Configuration Protocol (DHCP)
  • Hypertext Transfer Protocol (HTTP)
  • Hypertext Transfer Protocol Secure (HTTPS)
  • Internet Group Management Protocol (IMAP4)
  • Post Office Protocol version 3 (POP3)
  • Simple Mail Transfer Protocol (SMTP)

There are many more, and every protocol is basically the building blocks of a deliberate interaction. Each protocol works to connect one part of a computer to another. Much like a bank has procedures in place to help keep your money safe, protocols are the procedures at work to keep your data safe.

Securing TCP/IP is especially important. TCP/IP communications are made up of four layers that work together. When a user wants to send information across networks, the information is passed through each layer, each adding data. Each layer features a header and a payload. The header contains layer-specific information, while the payload consists of the information that has come from the layer above it. To illustrate this a little better, we’ll describe the four layers in TCP/IP communications:

  • Application Layer: This layer sends and receives the information for particular applications, with protocols such as DNS, HTTP, HTTPS, and SMTP. Each application has to have its own specific protocol.
  • Transport Layer: This layer of connected (or connectionless) services are for transporting application layer services between networks and works to assure that connections are reliable. TCP and User Datagram Protocol are commonly used in the transport layer.
  • Internet Layer: This layer routes the data packets across networks. Internet Protocol (IP) is at the heart of this layer. IP specifically allows information streams to be broken up into segments known as data packets (known mostly as “packets”) and works to define and establish the Internet, as we use it, through addressing and routing.
  • Network Access Layer: Finally, the network access layer is in place to define the method of use within the scope of the local network link. It adds the protocols used to define the relationships used to transmit and receive data packets from the other layers.

With so many moving parts every time you send and receive information over the Internet (and within your own Intranet), you can see how difficult it is to keep the network free from threats. Now that you’ve got a small introduction to what each layer in your TCP/IP-run command does, we can now look at the vulnerabilities (and fixes).

Vulnerabilities
The main security problem with any type of network is the dreaded “unauthorized user”. An attacker can connect through an unsecure hub/switch port. As a result, wireless networks traditionally are considered less secure than wired networks, as they can be accessed without a physical connection. Once in, a nefarious actor can steal valuable information, deny service to legitimate users, or spoof the physical identity of the network to steal more data. Here are a few TCP/IP vulnerabilities:

  1. ARP spoofing - Used to deliberately steal sensitive information, or to facilitate denial-of-service-attacks, session hijacking, man-in-the-middle attacks and more.
  2. Port scanning - Used to see what services are available to exploit.
  3. IP spoofing - Sending packets from what is seemingly a trusted address, while sending malware or stealing data.
  4. DNS spoofing - The Domain Name System associates domain names with IP addresses. So devices that connect to the Internet can have their DNS spoofed and reroute the info to a different IP address.

What to Do About It
Once the “bad” data has been sent to you there is very little you can do. That’s why we tell everyone that they need to be proactive about securing their IT. At White Mountain IT Services, we can help you meticulously maintain your software, monitor your files, permissions, and access, and deploy today’s strongest network and cybersecurity strategies to keep threats from hampering your business. For more information, contact us today at 603-889-0800.

Related Posts

If you shell out for brand new office equipment, you’ll naturally expect it to perform better than your older machines. Sometimes the age of your network hardware isn’t the only problem affecting your network’s performance. More often than not, netwo...
Anyone who uses the Internet has to be aware of the dangers involved. Beyond the safety of your network’s security solution, there lies a horde of malicious entities just waiting for you to let your guard down. All it takes is one moment to release t...
In order for an organization to maintain operations, a strong network that’s capable of handling internal traffic is necessary. These networks handle the deployment and access of mission-critical data, applications, and other important tasks that bus...
The modern business is inundated with all types of threats, from people outside the organization phishing around for information, to employees that are aloof to their role in your network’s security. If your network’s security is like a levee, it is ...
Most of your business’ technology is a direct result of your need to quickly and securely disseminate information. While there are solutions meant to improve efficiency peppered in there, the vast majority of IT solutions are designed to create, shar...
Mobile devices continue to be an important part of doing business, and organizations are ready and willing to accept them into the workplace environment with open arms. Yet, the fact remains that doing so can be of significant risk. Believe it or not...
If you ever question why your business needs to take advantage of network security and all of its components, consider this fact: the average cost of data breaches, worldwide, has increased by 29 percent since 2013. Believe it or not, the average cos...
Ransomware, the unpleasant form of malware dedicated to denying users access to their own device, has become more prominent with mobile technology. While ransomware is typically associated with desktop computers, it’s fully capable of infecting mobil...
Your data needs to be protected--that’s something that we all can agree on. However, even if your data were to be targeted in a data breach, would you be able to see the attack coming? Here are three telltale signs that your data is in imminent dange...
Encryption has become a very important part of maintaining an acceptable standard of security while browsing the web and storing data. Large enterprises and organizations have been using encryption for a long time, and even the average consumer uses ...
Based on the headlines you see today, it’s no question that cybersecurity is something that every business owner should be concerned about. As attacks become bigger and more frequent, all decision makers must ask the question: who needs to step up an...
It’s the nature of every problem relating to business to include consequences that extend far beyond the timeframe of the issue’s initial impact. This is especially true for data breaches; an all-too-common problem that hurts organizations in many mo...

Onsite Service Coverage Area

Although we provide remote services and support to businesses in over 20 states, onsite services are limited to within reasonable driving distance from our office in NH.  For locations outside of our service area, we will manage a local vendor to provide onsite assistance when needed.

 

Onsite Computer Support Services are available to businesses within 100 miles of Nashua New Hampshire. We have excellent onsite coverage from Concord NH, south through Manchester NH, and then down into Boston. From Northern and Central Mass, we cover from Worcester, east to the North Shore, including the Salem and Portsmouth NH area.

 

White Mountain IT Services
33 Main Street, Suite 302
Nashua, New Hampshire 03064

 

603-889-0800

map nashua4 1

 

Open Positions