How is security management done in home and small businesses?

As there are different kinds of networks, so there are different types of security management for them. In this article we shall talk about how security management is done in the home and small businesses. Only basic security is required for a small office or at home. On the other hand a lot of maintenance is required for large businesses and large institutions. Also here, normally used hardware and software is used when compared to the sophisticated hardware and software that is used for the prevention of spamming, hacking and other kinds of malicious attacks. Here we list some basic points for security management at home and small office:

- A basic firewall can be installed or even a unified threat management system can be used.
- A basic antivirus software will do the task if you are working in the windows environment.
- Other software that can be installed for security include anti – spyware programs. A number of anti – virus and anti – spyware software are available in the market.
- If you are using a wireless connection, you must take care to secure your system with a robust password. A number of security methods are supported by the wireless devices. so try to use the strongest of those methods such as the AES, WPA2. A wide range of devices are supported by the TKIP. But they can only be used in the cases where there is no compliance with the AES.
- While using wireless, the default SSID name of the network must be changed. Another security measure that can be taken is to disable the SSID broadcast as this is not required for the home use. This can be easily bypassed by the use of modern technology and if the attacker has some knowledge regarding how the wireless traffic can be detected.
- You can enable the MAC address filtering for keeping track of all the MAC devices that are on that network connected to your router. Even though strictly this is not a security feature, it does can be used for limiting and monitoring the DHCP address pool for the attackers by both AP association and exclusion.
- Static IP addresses can be assigned to the devices connected to the network. This is done for complementing the other security features and to make the AP less desirable to the attackers.
- The ICMP ping on the router must be disabled.
- You can even review the logs of the router and the firewall for identification of any abnormal traffic or connection if any is there.
- Passwords must be set for all the accounts.
- If you are using a windows operating system, you can create multiple accounts for the family members to limit all the activities.
- Children of the family must be given lessons about the information security.

Security management is about identifying the important assets of the user that of course includes the information assets and checking whether the policies protecting these assets are implemented properly. It is also about protecting these assets from loss. It identifies the critical assets and focuses on protecting them first. The potential threats to the system are assessed. Then measures are taken for eliminating or minimizing these threats. The security risks are managed by the virtue of the risk management principles. It involves identification of the risks, assessment of the effectiveness of the control strategies, determination of the consequences. The risks are identified by means of the impact they can have. The identified risks are classified and appropriate response is selected for each. 

What are different types of attacks that network face?

With a lack of security measures and checks in the right place, we put our data to risk of various types of attacks. Attacks are of two types namely active attacks and passive attacks. The active attacks involve altering the information with an intention of destroying or corrupting the network and the data. If you do not have a security plan in place your network and data are vulnerable to these types of attacks. In this article we discuss about few of such attacks:
- Eavesdropping: generally most of the network communications occur in a format that is very unsecure (i.e., clear text). This gives a chance to the attacker to gain access to all the available data paths in that network for interpreting or listening to the traffic. Eavesdropping on someone’s communication is referred to as snooping or sniffing. The eavesdropper gets a great chance for monitoring the whole network which has become a great cause of concern for the administrator of an enterprise.  There are services that are based up on cryptography. With a lack of strong encryption the data of these services can be read or traversed by the eavesdropper.
- Data modification: after the data has been read by the attacker or eavesdropper, altering this data is his/ her next step. Without coming to the knowledge of the receiver and the sender the data in the packet can be modified by the attacker. Even if confidentiality is not required in all the communications, it is a must that any of the messages should not get modified in the transition.
- IP address spoofing (identity spoofing): the computer’s IP address is used by most of the operating systems and the network for identifying whether an entry is valid or not. In some cases, a false assumption of the IP address is possible. This is called identity spoofing. Some special programs might be used by the attacker for constructing the IP packets that might seem to come from the systems that are inside the intranet of the corporate. After the attacker gains the access to a network having a valid IP address, he/ she might reroute, delete or modify the data.
- Attacks based up on passwords: the password based access control is a common denominator of many network security plans and operating systems. By this we mean that your user ID and password determine your access rights. Always protection to identity information is not provided by the old applications as they might be validated when passed through the network. This might give a chance to the eavesdropper who poses as an authorized user for gaining access to the data. Whenever a valid user account is found by the attacker, he/ she gets the exact rights which are possessed by the real user. Now suppose if the user is admin of the network, then attacker gets the same rights as the admin and can create accounts for subsequent use. After gaining access to an account, the attacker can get lists of the authorized users and network info. He can make changes in the configurations, routing tables and access controls of the networks and servers.
- Denial – of – service attack: this attack prevents a valid user from using the network or the computer. By means of this attack the attention of the staff can be diverted from the internal information systems so that they don’t get to know about the intrusion. In the meantime attacker can make more attacks. Invalid data can be sent to the network services or applications. He can even overload the whole network so that it shut downs.