Introduction
In this paper, first I will give overview of network security fundamentals, discuss security threats and issues that are relevant to the medium-sized start-up company that processes credit card transactions on a daily basis. In the next part of the paper, I will provide detailed network security recommendations and give suggestions how to choose the right firewall and VPN solution. In the final part of the paper, I will give the summary of the paper and a conclusion.
Overview of network security fundamentals, security threats and issues
There are many threats that the medium-sized start-up company can face. These threats range from computer security threats such as distributed denial of service attack (DDoS), social engineering, and phishing to physical threats such as physical theft of the technical equipment (routers, hard drives with sensitive information, etc). It may too much the establishing security protection similar to that of the Fort Knox just for the needs of medium-sized start-up company, but since the company deals with credit cards, it is essential to design the security policy precisely for the needs of this specific organization (Conklin, White, Williams, Davis, & Cothren, 2011). While designing a security policy is a difficult process, which includes creation of the security policy roadmap and the security policy itself, such measures will definitely pay off in the long term (Chaiw, 2001).
One of the fundamentals of any security policy is that access privileges should be provided only to persons who explicitly needed the access to the accessed resource. Moreover, old accounts should be purged from the system, cleaning disk space and ensuring that they cannot be used as the backdoors into the system. Passwords should be regularly changed, and they must be easy to remember as well as hard to guess by an attacker. Specific password requirements should be specified in the document called Password Selection Guideline, supported by an appropriate standard. In addition to the aforementioned mechanisms, security culture can benefit the organization though improved security and computer literacy (Cisco Systems, Inc.).
Detailed network security recommendations
Fundamentals of firewalls and VPNs
Modern firewalls provide a great level of security for any company that utilizes networks for its operations. These firewalls could be either hardware or software, but the main principle of firewalls is common: they allow access to authorized and “good” users, and suppress any suspicious activities. Hardware firewalls are pieces of telecommunication equipment that block malicious connections before the data reaches the target computer. They do not slow down the functioning of the computer since they operate separately, and they usually are more sophisticated than software firewalls. On the other hand, software firewalls tend to be cheaper than their hardware counterparts, but they may slow down the computer and can have less features. In addition to the firewall, anti-virus, anti-malware, and anti-spyware tools can be used in order to determine the viruses, malware, and spyware present in the system and effectively remove it. Firewalls can protect the company from DDoS attacks, as well as many other threats relevant to the organization. It …