Image via Wikipedia
All computer users don’t focus on network security as they should, but in some situations it’s critical - particularly when the network in question is a professional one. A couple of overlooked threats to network security are basic physical security and physical, in-building protocols. If someone can physically access a server, it can be breached; there are ways to change a master password and then quickly transfer files with FTP software like FileZilla. Considering the ease of carrying a smart phone or a laptop, this threat has increased significanly in recent times. For physical security, not only should there be locks on doors (and an alarm system, if necessary) but there should be clear protocols about who gets access to what parts of the building and what parts of the network. This will make it more noticeable if someone is where they shouldn’t be.
It’s recomended that networks which need to be secure adopt two factor authentication. There are three basic concepts for authenticating users in this way. Authentication can be based on something they have, like a badge, pass card, or passcode-generating fob; it can be based on something they are, as with biometric scans; or it can be based on something they know, such as their password. Two factor identification means users are asked to identify themselves using at least two of these methods.
Though there have been a number of different systems used in the past, the current standard in encryption uses asymetrical key algorithms liberally. EAP, or Extensible Authentication Protocol, is an extremely flexilble user authentication system that works with a wide variety of customizations, and it’s one way to apply asymetrical key algorithms. Secure shell, or SSH, also uses them, and is a standard encrypted channel technology that has been applied to a number of other programs to make them more secure. If you have been using telenet, File Zilla for FTP, RSH, or versions 1 or 2 of SNMP, it may be time to switch to a more secure version.
