The Internet is available to anyone with a network connection and an Internet Service Provider (ISP) account. In fact, it was designed to be an open network[1] and therefore has
little built-in capacity for securing information. From a security standpoint, the Internet is inherently insecure; the challenge is to protect sensitive data while allowing authorized personnel to use it.
Securing resources
In computer networking, security can be defined as a continuing process in which an administrator ensures that information is shared only between authorized users.
The process of planning and implementing security in your business requires that you understand the resources you are protecting, as shown in the MouseOver below.
Protect your employee workstations by enabling password-protected screen savers to prevent snooping. Require that each employee use a virus checker and observe caution when downloading anything from the Internet.
Your networks and its resources are the primary communications medium for the entire company. If a hacker gains access to or control of your networks, he or she has access to all or most company data.
A major asset of any company is the information it organizes and disseminates. A hacker's ultimate goal is to discover this information, as well as tamper with the networks and methods that help to create and communicate the information.
Your World Wide Web, email, and FTP servers are vulnerable to several types of intrusions. Typically, servers provide storage for the network infrastructure, and act as the hub. They also control overall system security. Hackers try to gain access to server resources, because they can then access and then control other resources.
do not have a written network security policy, and
do not know whether they had been attacked or not.
Effects of Security Policy
You always need to consider the effect that your security policy will have on legitimate users.
In most cases, if the effort required by your users to use the system is greater than the resulting increase in security, your policy will actually reduce your company's effective level of security.
[1]Open network: A group of servers and computers, such as the Internet, which allows free access.
[2]Firewall: A security system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both.