A gateway is a network point that acts as an entrance to another network. On the Internet, a node or stopping point can be either a gateway node or a host (end-point) node. Both the computers of Internet users and the computers that serve pages to users are host nodes. The computers that control traffic within your company’s network or at your local Internet service provider (ISP) are gateway nodes.
In the network for an enterprise, a computer server acting as a gateway node is often also acting as a proxy server and a firewall server. A gateway is often associated with both a router, which knows where to direct a given packet of data that arrives at the gateway, and a switch, which furnishes the actual path in and out of the gateway for a given packet.
Sending and receiving e-mail, file sharing and browsing websites may seem innocuous on the surface, but if you’re not careful these activities can open your computer to countless vulnerabilities. E-mail messages can easily be forged and they’re often used to launch malware. Malicious web sites can install software on your computer or collect personal information from your computer.
Here are a few basic things to keep in mind:
In network security, endpoint security refers to a methodology of protecting the corporate network when accessed via remote devices such as laptops or other wireless and mobile devices. Each device with a remote connection to the network creates a potential entry point for security threats. Endpoint security is designed to secure each endpoint on the network created by these devices.
Usually, endpoint security is a security system that consists of security software, located on a centrally managed and accessible server or gateway within the network, in addition to client software being installed on each of the endpoints (or devices). The server authenticates logins from the endpoints and also updates the device software when needed. While endpoint security software differs by vendor, you can expect most software offerings to provide antivirus, antispyware, firewall and also a host intrusion prevention system (HIPS).
Endpoint security is becoming a more common IT security function and concern as more employees bring consumer mobile devices to work and companies allow their mobile workforce to use these devices on the corporate network.
Encryption uses a mathematical algorithm to scramble readable text so that it cannot be read unless the reader has the key to “unlock,” or convert, the information back to its readable form. This means that your sensitive data cannot be accessed without you providing a password.
It is the easiest and most practical method of protecting data stored or transmitted electronically and is particularly essential with sensitive data.
Even a single failure to encrypt sensitive data, whether through e-mail or via a stolen flash drive or laptop, can result in a security breach with criminal or civil liabilities and irreparable harm to finances and the reputation of the university.
The following items—while not a comprehensive list—are examples of sensitive data:
Two-factor authentication is a security process in which the user provides two means of identification, one of which is typically a physical token, such as a card, and the other of which is typically something memorized, such as a security code. In this context, the two factors involved are sometimes spoken of as something you have and something you know. A common example of two-factor authentication is a bank card: the card itself is the physical item and the personal identification number (PIN) is the data that goes with it.
According to proponents, two-factor authentication could drastically reduce the incidence of online identity theft, phishing expeditions, and other online fraud, because the victim’s password would no longer be enough to give a thief access to their information. Opponents argue (among other things) that, should a thief have access to your computer, he can boot up in safe mode, bypass the physical authentication processes, scan your system for all passwords and enter the data manually, thus — at least in this situation — making two-factor authentication no more secure than the use of a password alone.
Some security procedures now require three-factor authentication, which involves possession of a physical token and a password, used in conjunction with biometric data, such as fingerscanning or a voiceprint.
Security information management (SIM) is the practice of collecting, monitoring and analyzing security-related data from computer logs. A security information management system (SIMS) automates that practice. Security information management is sometimes called security event management (SEM) or security information and event management (SIEM).
Security information includes log data generated from numerous sources, including antivirus software, intrusion-detection systems (IDS), intrusion-prevention systems (IPS), file systems, firewalls, routers, servers and switches.
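As an added illustration (not code from any SIM product named on this page), the sketch below normalizes log lines from three of the source types listed above into a common event shape and flags a host reported by several sources within a short window. The log formats, field names, addresses and the 10-minute window are all constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in three made-up formats (not real product output).
SAMPLE_LOGS = [
    ("firewall", "2024-05-01T10:00:05 DENY src=10.0.0.7 dst=192.0.2.10 dport=445"),
    ("ids", '2024-05-01T10:01:10 alert sig="SMB scan" src=10.0.0.7'),
    ("antivirus", "2024-05-01T10:03:30 host=10.0.0.7 action=quarantined file=a.exe"),
    ("firewall", "2024-05-01T10:02:00 DENY src=10.0.0.9 dst=192.0.2.10 dport=23"),
    ("ids", '2024-05-01T11:30:00 alert sig="Port sweep" src=10.0.0.9'),
    ("firewall", "2024-05-01T10:04:00 ALLOW src=10.0.0.8 dst=192.0.2.20 dport=443"),
]

# One pattern per source; each keeps only security-relevant lines.
PATTERNS = {
    "firewall": re.compile(r"^(?P<ts>\S+) DENY src=(?P<host>\S+)"),
    "ids": re.compile(r"^(?P<ts>\S+) alert .*src=(?P<host>\S+)"),
    "antivirus": re.compile(r"^(?P<ts>\S+) host=(?P<host>\S+) action=quarantined"),
}

def normalize(source, line):
    """Map a source-specific line to a common event, or None if not relevant."""
    m = PATTERNS[source].match(line)
    if not m:
        return None
    return {"time": datetime.fromisoformat(m["ts"]), "source": source, "host": m["host"]}

def correlate(logs, window=timedelta(minutes=10), min_sources=2):
    """Return {host: [sources]} for hosts seen by >= min_sources within window."""
    by_host = defaultdict(list)
    for source, line in logs:
        event = normalize(source, line)
        if event:
            by_host[event["host"]].append(event)
    flagged = {}
    for host, events in by_host.items():
        events.sort(key=lambda e: e["time"])
        for i, first in enumerate(events):
            sources = {e["source"] for e in events[i:] if e["time"] - first["time"] <= window}
            if len(sources) >= min_sources:
                flagged[host] = sorted(sources)
                break
    return flagged

if __name__ == "__main__":
    for host, sources in correlate(SAMPLE_LOGS).items():
        print(host, "reported by", ", ".join(sources))
```

Host 10.0.0.9 is not flagged because its two events are 88 minutes apart; widening the window changes that, which is the kind of tuning decision a correlation rule has to record.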
Security information management systems may:
Commercial SIM products include ArcSight ESM, nFX’s SIM One, Network Intelligence’s enVision, Prism Microsystems’ EventTracker, Trigeo, Symantec’s Security Information Manager, Cisco Security MARS and Snare. Open source SIM products include OSSIM, a product of the Open Source Security Information Management initiative, and Prelude, from PreludeIDS.
Although SIM products can automate many tasks around security information gathering and processing, they can’t operate effectively without significant effort and investment on the part of the organization in question. According to Neil Roiter, Senior Technology Editor of Information Security magazine, “Security information and event management (SIEM) products are only as good as the policies and processes they support, and the analyst resources that a company can pour into them.”