Threats to Security
Before we look at the measures you can take to secure your network, let's first look at what you are trying to protect against. The following are some possible threats to a network's security:
Internal threats— It is a sad fact that the most common source of security problems in an organization is from the employees of that organization. For example, a user might decide to “borrow” the apparently unused hub from the equipment cupboard on the third floor, or he might really want to know just how much money the president of the company actually earns. In more extreme cases, a user might attempt to pass valuable corporate information to an outside party. Sound far-fetched? It's not; it happens every day.
Deliberate data damage— To most people, the idea of deliberately damaging someone else's property is, to say the least, distasteful. Unfortunately, not everyone operates with the same values. Whether “just for fun” or with more shady intent, some people might delight in corrupting data or deleting it completely. Either way, business continuity will almost certainly be affected.
Industrial espionage— This rather James Bond–sounding security threat involves the process of a person retrieving data from a server for a purpose. The intruder might want to get her hands on the latest blueprints of your new widget, or she might want financial information for a buyout bid. Either way, the integrity (and in some cases, the future viability) of the business can be affected by such events.
Physical equipment theft— Although it is less of an issue than theft of data, theft of physical equipment can affect business continuity as well. If an important piece of equipment is stolen (for example, the server or a backup tape), the intruder will have access to your data. Insurance normally takes care of replacing the actual equipment, but data is generally not insured, unless specified, so the cost of restructuring the data is not provided for.
You might be fortunate enough not to suffer from any of these threats. Certainly, in a small organization that performs a seemingly uninteresting (to outsiders) business, there might not be any occurrences of security threats. But as an organization grows, so too do the amount of information, the number of methods that can be used to access it, and the number of people who are interested in finding out about the business. As the number of employees grows, the chance that a “bad apple” will find its way into the cart increases as well. Sadly, it is a fact of life.
Security Responsibilities of a Network Administrator
To combat possible security threats, what is expected of you, as a network administrator? The exact network security responsibilities you have depend on the kind of environment in which you are working. In large companies, there might be an individual or a group that is specifically responsible for security issues. You might be part of that group or be under its direction. In small companies, the entire onus of network security might lie on you—the network administrator's shoulders. This chapter assumes that as a network administrator, you are primarily responsible for network security. Assume that you need to do the following, to ensure network security in your organization:
Ensure that a security policy is in place— A security policy defines the security measures, how they function, what is involved in their operation, and how problems are dealt with. The security policy should be created with the support of management.
Ensure that the security policy is enforced— There is no point in having a policy if it is not enforced. As the network administrator, you need to make sure that the security policy works and is implemented as described.
Ensure that any infractions of the security policy are dealt with— Perhaps the most undesirable part of a network administrator's security responsibilities involves dealing with infractions of the security policy. Because the majority of security-related incidents occur with people inside the company, this can often be an unpleasant task.
Ensure that the security situation is continually evaluated, revised, and updated— Networks change, as does the company structure. The security needs of an organization should be evaluated constantly. Any changes deemed necessary should be incorporated into the security policy, again with the cooperation of management.
This is just a brief look at the responsibilities a network administrator has in implementing security on a network. Depending on the environment you work in, you might have to consider more or fewer security-related responsibilities. Now that you have an idea of some of the basic security responsibilities, let's look at the two types of network security: physical and logical.