Securing and protecting information has become far more difficult and complex than it was in the past. As the number of internet users and internet-connected devices continues to grow, the methods and the people trying to steal information will continue to advance as well. Just this year we have seen large companies, corporations, and banking institutions, some of which were thought to be very secure, broken into. Hackers continue to develop new ways to steal private information, and the tools they develop are increasingly simple to use. Hackers use different methods to breach the security of the companies they target. These methods have become increasingly complex and difficult to detect with the tools and programs that are developed to detect attacks and intrusions. With the increasing number of security threats, new ideas and methods continue to be developed to prevent further attacks. Among these methods are security authentication, protection and prevention.
Security Authentication Process
The security authentication process has four steps: 1) Identification; 2) Authentication; 3) Authorization; and 4) Accountability. It is vital to integrate these four steps into any network intended to be secure. A properly configured and secured network will be able to protect itself from attacks such as password hacking, DDoS attacks, brute force attacks, and employees abusing their system rights (internal and external).
Identification is the first of the four steps of the security process. Any user that expects to gain access to a system is referred to as a supplicant, and the tool that every user uses to gain entry to the system is referred to as an identifier. The identifier can have many different methods for identifying the supplicant. The identifier should be able to locate, from a database of user credentials, the unique information that determines the supplicant's identity. The most common form of verification uses the employee's first and last name. In case there are coworkers with common names, such as John Doe, employee IDs or Social Security numbers may also be used. Most companies no longer use the employee's Social Security number to identify them in their system.
They are replacing it with an employee ID. This reduces the chance of a network intruder (also known as a hacker) or another employee gaining access to Social Security numbers.
Authentication is the second step in this process. Once identification of the employee has been established, the system will request input from that user that will either prove that he or she is who they claim to be, or show that they are not. The complexity of the authentication process depends on the type of information that is being protected. Depending on the system, authentication may be done by a username and password, a common access card that has the user's credentials stored on a magnetic strip, a PIN, or a biometric system. This type of authentication has been the most common for years, but as technology has advanced and hackers have become much more knowledgeable and tech savvy, this system is increasingly becoming obsolete. It will still be used in some shape or form, but not as commonly as it once was.
The more sensitive the information, the stronger the authentication process should be. When a system requires a user to provide more than one form of authentication, this is known as strong authentication. Strong authentication combines multiple forms of authentication, such as a common access card and a personal identification number. This strengthens the integrity of the system and reduces the likelihood of a security breach. This type of authentication is becoming much more common.
Authorization is the third step in the Security Authentication Process.
Once the user has access to the system, the system must then determine what information that specific user has access to. There are multiple ways access is determined. A user can be individually assigned access to information based on their specific needs. A user may also be placed in a security group that has access to specific information. This can be accomplished, for example, through an Access Control List, or ACL. Users may also have access to multiple systems with a single user account; this is what is known as an authorization ticket.
Accountability is another important principle of information security. Accountability refers to the possibility of tracing actions and events back in time to the users, systems, or processes that performed them, so that responsibility for actions or omissions can be established. Logs should be kept of internal employee, external employee, user, and customer usage. A system may not be considered secure if it does not provide accountability, because it would be impossible to determine who is responsible. That is why logs are kept to track user actions. System logs are an ordered list of events and actions that occur. Logs are the primary means of establishing accountability on most systems.
Most systems will have a log of who accessed the system, how long they were logged in, where they went, and how many attempts a user made to log in. Logs should also be time stamped so that they can easily be tracked and referenced should an event occur that requires log information. However, logs may be considered untrustworthy if their integrity is not reasonably assured. This means that if anyone could change the system logs, they would not be considered dependable enough to serve as the basis for accountability, because the log could have been manipulated in that person's favor.
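As an added example (not part of the original essay), one way to make log integrity checkable is to chain each time-stamped entry to the previous one with an HMAC, so that an edited or deleted entry breaks verification. The key, field names and sample events below are constructed for illustration, and the key is assumed to be held away from the system being logged.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # chain value used before the first entry exists

def entry_mac(key: bytes, prev: str, record: dict) -> str:
    # Canonical JSON so the same record always serializes to the same bytes.
    body = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, prev.encode() + body, hashlib.sha256).hexdigest()

def append_entry(log: list, key: bytes, ts: str, user: str, action: str) -> dict:
    """Append an event whose MAC also covers the previous entry's MAC."""
    prev = log[-1]["mac"] if log else GENESIS
    record = {"seq": len(log), "ts": ts, "user": user, "action": action}
    entry = dict(record, mac=entry_mac(key, prev, record))
    log.append(entry)
    return entry

def verify_log(log: list, key: bytes, expected_len=None):
    """Return (ok, index of first bad entry or None)."""
    prev = GENESIS
    for i, entry in enumerate(log):
        record = {k: v for k, v in entry.items() if k != "mac"}
        good = hmac.compare_digest(entry["mac"], entry_mac(key, prev, record))
        if record.get("seq") != i or not good:
            return False, i
        prev = entry["mac"]
    # A chain alone cannot reveal entries cut from the end; the expected
    # count has to be recorded somewhere the log writer cannot change.
    if expected_len is not None and len(log) != expected_len:
        return False, len(log)
    return True, None

def demo():
    """Constructed sample events: intact, edited, deleted and truncated logs."""
    key = b"constructed-demo-key"  # assumption: stored off the logged host
    log = []
    append_entry(log, key, "2024-01-01T09:00:00Z", "jdoe", "login_failed")
    append_entry(log, key, "2024-01-01T09:00:07Z", "jdoe", "login_ok")
    append_entry(log, key, "2024-01-01T09:05:12Z", "jdoe", "read:/payroll")
    edited = [dict(e) for e in log]
    edited[2]["user"] = "asmith"   # rewrite who performed the action
    dropped = log[:1] + log[2:]    # remove the middle entry
    return (verify_log(log, key), verify_log(edited, key),
            verify_log(dropped, key), verify_log(log[:2], key, expected_len=3))

if __name__ == "__main__":
    print(demo())
```

Anyone who can read the key can recompute the chain, so the check is only as strong as the separation between the log writer and the key holder.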
Effects of authentication for new information systems
Application security involves trading off between a high security level and increased usability. Adding more security to authentication has the effect of reducing the acceptance rate among users while increasing the usability. Consequently, it is very difficult to find the most secure system of authentication that users will accept. Users are always seeking new features and applications whose interfaces are easy to use. At the same time, these users express worries that threats are increasing. Another factor is the increase in user mobility. These users are seeking to have their applications gain access to their home desktops and to their smart phones.
These aspects require many changes and security implementations in that specific application's security. The authentication process is only as good as the hardware put in place to service the plan. Access controls do not fall squarely on the shoulders of one device or method. Devices and measures such as firewalls, intrusion detection systems, disk redundancy, information archiving, scanning and analysis tools, and a disaster recovery plan all play a vital role in the defense of a network.
Preventive measures for securing data
An external firewall is typically a network's primary defense. The purpose of a firewall is to scan incoming and outgoing network traffic to determine whether or not it is allowed to pass. Network administrators determine what settings the firewall uses to filter out unwanted traffic and allow desired traffic to pass. They can also open only specific ports and lock down the others to prevent intruders. Networks may have multiple firewalls, each configured differently to narrow traffic to very specific levels. Newer firewall appliances can actually block traffic from specific countries.
Intrusion Detection Systems (IDS) are for detecting unusual activity within a network. When the IDS detects unusual network activity, it takes several steps. It can note the activity in a log or alert an administrator of any suspicious activity. Intrusion Detection Systems are also programmed to immediately stop any suspicious activity.
For many database servers, disk redundancy is a standard feature. Most servers incorporate redundant arrays of independent disks (RAID) as part of their configurations. The level of RAID to be applied will be based on the type of database application that is to be utilized.
Relying solely on RAID is not enough. That is why information archiving is recommended. Various drives can be used to back up multiple information mediums. These include digital linear tapes (DLT) and digital audio tapes (DAT).
Scanning and analysis tools are helpful to both hackers and network administrators. A good strategy for an experienced network administrator is to employ a packet sniffer and port scanner and try to penetrate the network. This will allow the administrator to scan for potential weaknesses within the network and anticipate where a hacker might attempt to infiltrate it.
A disaster recovery plan is extremely important to protecting data. Without a disaster recovery plan, all data within a specific area could be lost. Such plans are especially important in areas that are vulnerable to natural disasters. Places such as the West Coast, where earthquakes are common, the Midwest, which is susceptible to tornadoes, the Northeast, where major snow storms occur, and areas in the South where hurricanes occur should all have a disaster recovery plan, possibly saving information in other locations throughout the country.
Securing information is one of the top priorities for any network administrator or organization. Ensuring the safety of a company's information is paramount. For most companies, banks for example, losing even a small amount of information could be detrimental. Unfortunately, there is always a risk to organizational information. Whether the threat is external or internal, there is always a risk that important information could be lost or leaked the moment it is accessible to the World Wide Web. As discussed, there is no way to protect a network from every threat, but there are ways to protect your network from becoming a victim. That is why it is so important to follow the Security Authentication Process, to back up and archive important data, and to introduce security systems and measures to protect important information within the network.