Network Operating Systems and Security BEng Assignment

Network Operating Systems and Security BEng - Assignment Example In the context of network security definition, it consists of concerns related to network communication privacy, confidentiality of data over the network, accessing unauthorized classified data, access to prohibited network domains and utilizing Internet for concealed communication (Network Security. 2007). The security predictions that were published in an article for the year 2010 incorporates new advanced threats named as advanced persistent threats (APT), Cyber war escalates, VoIP attacks, Perimeter shrinks and harden, social networking sites, malware, DLP for intellectual property protection and malware as a service (MaaS) (Watchguard Unveils Top 10 Security Predictions for 2011. 2011). In order to protect the computer network, organizations emphasize on implementing hardware and software application as well as a security policy. This policy is followed by constructing a security policy document that defines rules and procedures. A typical security policy is constructed on a set of rules that defines authorization and access of network resources of an organization (, what is security policy? definition and meaning).The aim of implementing these security policies is to establish rules and procedures for improper use of network services. Moreover, the objective is to create a framework that will assist in identification and prevention of unauthorized access of network services (, Network Security Policy). Network security issues can lead to many different aspects. For example, if the server containing customer data is breached, organization will lose its credibility and trust among the customer and that will result in business loss. Similarly, if a critical system is hacked by internal or external sources, organization’s financial data along with goals and objectives can be revealed to other competitors. In order to eliminate the threats including unauthorized access, viruses, Trojans, malware and malicious codes, a security policy document is require d. The document will provide a consistent framework to secure the integrity of the network along with eliminating risk abided by security threats and vulnerabilities. 2 Risk Assessment Risk assessment is a process to evaluate risks associated with threats and vulnerabilities to the network. Three factors will be considered in this scenario i.e. Assets, Threats and Security Priority Identification. 2.1 Assets The identification of information assets is vital before conducting risk assessment. Information assets are defined as the entities that hold organization data. A good definition is available on ‘www.ibm.com’ which states it as, â€Å"information assets are specific to your business functions and business strategies, they may be contained within broad categories such as contractual and legislative compliance, those needing virus prevention, those critical to business recovery following security compromises, etc.† The information assets for an organization wil l be technology assets, data asset, service asset and people asset. In case of educational establishment the assets that need to be prioritized are: file space server, Linux web server, finance server, student database and email server. 2.2 Threats Threats are defined as