A little more than a decade ago, three famous paintings were on display at the Whitworth Gallery, an art museum in Manchester, England. Since the works of Gauguin, Picasso, and Van Gogh were valued at about $8 million, they were heavily protected by security guards and electronic systems. Guards patrolled the gallery. Alarms were set in place. And closed-circuit television scanned the paintings. Still, none of this was enough. Burglars broke into the Whitworth Gallery in late April, 2003 and stole the three paintings. A few days later, the expensive masterpieces were found in a public restroom near the art museum. A note attached to the masterpieces dismissed the episode as a caper designed to test the woeful security measures. This bold art burglary is a lesson for network administrators who guard information systems.
What does a brilliantly executed burglary have to do with network security?
It illustrates a powerful principle of security: no matter how carefully planned a security system might be, there is always the possibility that there is someone who has the time, patience, knowledge, skills, tools, and predisposition to wreck it.
Cultivating A Security Mindset
IT students acquire knowledge and practical skills about a vast range of technology from programming to systems analysis and from cloud computing to mobile architecture, only those who spend time at a workplace acquire experience.
Additionally, while technical knowledge and applicable skills are certainly important, network administrators who have specialized in security measures need to know more than technology. They also need to study theories about human nature and borrowed wisdom from fields as diverse as military defense and criminology. This equips them to think about network security in a broader context than simply figuring out how to install firewalls, antivirus software, and intrusion prevention systems.
Ultimately, then, each network has to be treated in a different way to analyze its potential for security breaches, and this requires an understanding of malicious human behavior as much as the anatomy of a Trojan horse.
Three Goals of Security
In order to understand the best measures to ensure network security, a broad understanding of security is necessary.
In essence, there are three goals in protecting any kind of information:
- Protecting information confidentiality.
- Deciding on how to store the information.
- Making the information available.
When setting up a governance model (policies, procedures, and regulations) network administrators have to consider each of these elements of data protection.
5 Sample Network Security Questions
Here is a brief sample checklist that exemplifies the right mindset to have when setting up network security:
- Does the current security system stop unauthorized users from modifying any data?
- Does the current security system stop authorized users from modifying data and making it inaccurate?
- Does the current security system have a system of checks and balances to make sure that data has not been removed?
- Can information be lost due to threats other than human interference or attacks by malicious software programs? For instance, can it be lost if there is a bomb, a strike, an earthquake, a hurricane, a flood, or a fire?
- Under what conditions will the computers and networks fail to work?
Properly addressing these questions will result in measures like:
- Applying the right amount of encryption to data that will be sent over the Internet.
- Applying the right amount of encryption to data that is stored on digital media.
- Routinely testing network security to reveal flaws and vulnerabilities.
- Using software that provides sufficient protection.
- Setting up a disaster recovery operation to ensure that business continues after the network and resources are compromised.
The best network security systems are those where factors other than the variable of computers and technology are taken into consideration. This broader understanding of security can be learned when knowledge and skills are amplified through experience and comparative studies. A network administrator is tasked with balancing confidentiality, system integrity, and availability.