Network security – A Detailed Guide


Work in a professional environment where you are responsible, at least in part, for network security. You have firewalls, viruses, and spyware, and all your computers are up to date with security solutions. You sit there and think about the good work you've done to make sure they don't get hacked.

As most people think, it has taken the most important step towards a secure network. This is part of the truth. What about the other factors?

Have you ever thought about attacking a social engineer? And the users who access your network daily? Are you ready to face the attacks of these people?

Believe it or not, the weak link in your security plan is what your network uses. In most cases, users are unaware of the methods for identifying and neutralizing a social engineer's attack. What prevents a user from finding a CD or DVD in the dining room, going to a workstation and opening files? This hard disk may contain a spreadsheet or word processing document embedded in the malware. Next thing you know, your network is in danger.

This problem especially occurs in an environment where the phone password has been reset by the support server. Nothing prevents people from wanting to join your network, calling their panel, pretending to be an employee, and asking for a password reset. Most organizations use the system to create user accounts, so it's not hard to find them.

Before resetting your password, your organization must have strict guidelines to verify the user's identity. One simple thing is to let the user personally go to the information point. Another method that works well if your offices are geographically remote is to identify an office contact that you can call to reset your password. Thus, anyone working at the point of inquiry can recognize that person's voice and know what is being said.

Why would an attacker come to his office or seek support? Simple, this is usually the path of least resistance. You don't have to spend a lot of time on an electronic system when the physical system is easier to use. Next time you see a person walking behind you through a door and you do not recognize it, stop and ask who they are and what they are. If you take action and you are someone who does not have to be there, you will be leaving most of the time soon. If the person is present, the name of the person he or she sees may appear to him or her.

I know you're going to say I'm crazy, right? So think of Kevin Mitnick. He was always a decorated hacker. The US government thought it could break the phone and launch a nuclear weapon. Most of his hacking was done with the help of a social engineer. Whether you have a physical visit to the offices or are called, you have some of the most important ones to this day. If you want to know more about Google's name or read the two books you wrote.

I have no reason that people are trying to get rid of such attacks. I think some network engineers are very proud of their network for recognizing that they can be easily damaged. Or do people not think they should be responsible for educating their employees? 

Most organizations do not give their IT departments the power to promote physical security. This is usually a problem for the building manager or property owner. However, it can even be trained for its employees; you can prevent network disruption from physical or social attacks.

Comments

Popular posts from this blog

Network Operations Center: A Detailed Guide

What are the Job Responsibilities of a NOC Technician?

Is it true that you are removed to work in a Network Operation Center?