Network Security Policy

Developing a security policy is the first step any organization should take to protect itself and data from a liability challenge. This policy should contain a set of principles which ensure that decision making is guided and that leaders in the same organization are able to distribute authority without inconvenience.

In order to get our security policy working for the betterment of the company and ensure maximum utilization of the network resources, our policy will involve training the users on the acceptable and unacceptable use of network resources and even explain to them how to handle security incidents. The users will be informed on who to consult to report an incident and define the role of those involved in the network administration. This, if implemented, will go a long way into making sure the resources are maintained in good state.

There could be bad consequences like loss of privacy, information theft if the security of any computer network is compromised. To counter these consequences to our network there is an urgent need to safeguard the network against people who have unauthorized intentions to our network. There are different types of individuals who are mostly identified with unauthorized access to networks. These are: hackers who are mainly computer programming experts, people who use their knowledge to get unauthorized access (black hat), people with bad intent access to computers (crackers), phreakers who attack phone network and make it perform things that is not supposed to, Spammers i.e. people who send large junks of emails without permission among others (Ekert, 2004).

To enable the network security policy to arrest these vices, white hats in conjunction with network administrators need to work together and put measures against these.

To begin with, we will need to identify the crimes that can be committed by these malicious intruders. These criminal activities may include: an insider trying to abuse the network, virus programs, phishing (this is where there is a false representation of the sender), Denial of Service (DOS), Password sniffing, Financial Fraud and even website defacing whereby a malicious individual will hack into a server of the website and change the way it appears.

To curb the problems associated with phishing, all the users of the network should be taken through a training session and be trained on how to identify junks of emails that come from these malicious websites. All departments should organize with the computer department to see this come through.

In light of these malicious mitigations, such protocols as Hypertext transfer protocol (HTTP) and Internet Control Message Protocol (ICMP) that are inherently known to be insecure should be avoided or at least given some modification in order to increase the security of the organization (Bellovin, 1989).

The organization’s objectives on the security of the network should entail, relying on a network that is world class best and one that is free from all kinds of threats, information theft and easy to maintain when problems arise. The security of the network should be reviewed regularly so as to update firewalls, antivirus software and add new features that will increase the dependability of the network.

The four types of attacks that measures should be put against are: Denial of Service (DOS), a case whereby an attacker corrupts or disables systems or networks so that intended users do not gain access. They can cause the systems to crash or make it to slow down until it becomes unusable. DOS can take the form of simple deletion of information. Others include worms, Trojan horses and viruses which may be put in a host computer to cause them to replicate themselves or make it to be denied service of the network (Bellovin, 1989). There are also others like reconnaissance and illegal access. Therefore, strong measures like use of reliable and updated antivirus software, good firewalls and strong passwords used in packet routing protocols with CCNA routers have to be put in place to help to boost the network policy requirement of the organization.

Network equipment such as routers, firewalls and switches servers and cabling need to be protected at all levels. Their weaknesses include password protection, routing protocols, lack of authentication and firewall holes. The default passwords should be changed during configuration and access given to only authorized personnel.

To mitigate physical threats, the measures that should be taken include: hardware threat mitigation which includes locking the closet which contains wirings and allowing only authorized personnel, mechanical threat mitigation, environmental threat mitigation and electrical threat mitigation by use of UPS and generator sets. In order to secure the network against physical damage, control over router console ports should be exercised and also cables should be clearly labeled to minimize confusion during repair and maintenance exercise.

Intrusion prevention systems should be used at network and host level to counter malicious traffic (Dittrich, 1993).

As a conclusion, constant and repeated system checkups and updating system resources should be done by all members of the organization so as to combat the threats of security in this company.