We are as strong as our weakest link

--Originally published at The Hitchhiker's Guide to information security… according to me!

Achilles, the mythical Greek hero, son of a king and a nymph, invulnerable in every part of his body except the heel… Seriously, the lamest part of the body. But Greeks have something very important to teach us and it’s that there’s always a week spot in something. Even though it may seem unbreakable, unstoppable or impenetrable we’re not looking carefully enough. And it’s when we find that weakness that we now have control. As it is, we are as strong as out weakest link. So we need to be harder, better, faster, stronger when it comes to information security and what will be a better place to start than the network of our organization.

DEFINITION I CHOOSE YOU! Network security refers to any activity that will protect the integrity, availability and consistency (CIA coff coff) of the physical and logical assets from any threats or prevent the breach from getting worst. We’ve been talking a lot about threats in information security, and I’m sure that by now you must be as paranoid as I am, so I’m sure there’s not need to discuss threats anymore, but the real question is… what are those activities that will helps us protect our love ones from evil hackers? Well here are some layers of security.

Security Devices: refers to hardware or software devices that help improve security on the networks. For example:

  • Firewall: a hardware software based mechanism that helps control incoming and outgoing traffic permitting and denying it depending on a set of rules.
  • Honeypot: is a computer system that acts as a decoy to attract hackers into access it in order to gain information about the hackers methods and goals.

Network Isolation: refers to the segmentation of the network in order to create a more secure

architecture, being able to have certain information out of reach in case of a breach and also in order to add extra security like more firewalls. For example:

  • VLANS: in networking this refers to a broadcast domain that it’s partitioned and isolated from the network. This technique is use to divide a domain into many isolated subdomains and group host that may not be connected to the same network switch.

Protocol Security:  refers to the use of tools that help protect the normally used communication protocols like DNS and IP. For example:

  • DNSSEC: means DNS Security Extensions and refers to adding and extra layer of security to the DNS protocol by requesting an extra validation in the transaction. This, to avoid a middle man attack where the IP address you requested is intercepted and in exchange another IP is send to the host.
  • IPsec: is a protocol suite for securing IP communication that can encrypt and authenticate each packet.

Client Protection: refers to the security measures used for protecting the end user of the network. For example:

  • Antivirus
  • File encryption

Physical security: refers to the security measures that need to be taken in order to secure the physical assets of the networks such as router, servers, desktops, etc. For example.

  • Locks and security cameras
  • Authentication points
  • Training personnel in order to respond accordingly to social hacking
  • Secure design of the building where the assets are

All of this layers of security need to be implemented in order to achieve a secure network. Remember, we don’t want the evil doers to find out our Achilles heel, so that’s why we need to implement a variety of strong security measures. Remember, we’re as strong as our weakest link. Thanks a lot and keep on reading.