Saturday, January 24, 2009

Are you Controlling Access to your Network?

Networks are the nervous systems of our information technology body. Networks are integrated computers and peripheries that are linked through communication facilities.

They are basically two or more computers that share resources and data, linked by cabling, telephony or wireless equipment.

You have most likely heard of the Eastern Africa Submarine Cable System (EASSy) which will connect us to the global network. You will also have noted the numerous trenches been dug in major urban centers. This is the national fiber network been laid out.

Networks primarily transmit data electronically. This data is in the form of voice, video and images.

Networks have become indispensable parts of our lives and the Internet is a good example of our dependency on networks. The Internet is a network of networks that links millions of computers globally.

Companies have networks called intranets. This corporate network is tailored to meet the specific requirements of an organization.

Controlling who accesses the company intranet is a crucial security concern. This control involves a number of aspects. It is firstly concerned with what network resources (data or periphery devices) an authenticated user can access based on his/her rank.

Network access also involves all security policies assigned to a user and the behavior of the user once he/she has accessed the network. Today network security is about controlling individual user access to services and data, and auditing their behavior to ensure compliance with policies and regulations.

Network access control is also largely based on what layers of security are applied to a network. Businesses must inspect the valuable and sensitive information carried by the network to ensure its confidentiality and integrity.

Security policies are a component of network access that involves defining a manageable yet effective set of compliance-checking, enforcement and remediation policies. Companies should determine what types of checks will be performed, how often, what types of warnings will be displayed to users and how policies vary by user. The secret is to keep these security policies simple.

Another component of network access is giving the users the option to access a limited set of resources (such as the Internet or email) so that they can work without interruption.

Finally companies should be prepared to handle exceptional user scenarios which could occur at any time. For example if a natural disaster or another unusual problem prevented users from accessing the network. Provisions for access to critical resources from remote computers must have been outlined and appropriate access privileges assigned.

No comments: