Академический Документы
Профессиональный Документы
Культура Документы
College of Engineering
CASE STUDY
(Measures on how to Protect Network Devices and Critical Information from Threats)
By
BSIT 3-1
February, 2018
1
I. Introduction
Network devices has a significant role in a computer network. A network will not work without
equipment or devices. Network facility are made up of interconnected devices like cables, routers
and switches in order to established communications needed for data and applications. Vulnerable
network devices can be used as a path to gain access to a computer or network server in order to
deliver malicious outcomes and one of the most effective way for sophisticated hackers and
advanced threat actors. Threats on network devices have a great impact on securing information
systems, this can lead to data loss so organization must also be aware of common security threats
to devices.
“Network security is any activity designed to protect the usability and integrity of your network
and data. It includes both hardware and software technologies. Effective network security
manages access to the network. It targets a variety of threats and stops them from entering or
spreading on your network” (CISCO). Network security plays an important role on preserving the
rising, threats to information systems are increasing globally. The rapid growth of such cases
places more demands on network administrator and other network personnel to put more effort to
2
II. Background of the Study
1. The US National Park Service data center, located in Denver, Colorado, went completely dark
on 1 January as a result of a utility power outage, causing damage to hardware systems and
data stored in the facility. The NPS building housing the data center went dark around 3pm,
and power was restored about two hours later, according to a note on the agency's website.
“The power outage was due to an underground cable that either had water seepage or rodent
2. April 27, 2000: Cheng Tsz-chung, 22, was put behind bars last night after changing the
password on another user's account and then demanding $500 (Hong Kong currency) to change
it back. The victim paid the money and then contacted police. Cheng has pleaded guilty to one
charge of unauthorized access of a computer and two counts of theft. The magistrate remanded
Cheng in custody and said his sentence, which will be handed down on May 10 pending
reports, must have a deterrent effect. Cheng's lawyer told Magistrate Ian Candy that his client
The cases above are an example of Network Devices Threats and Password breaching which will
be tackled later. The first case is an example of Electrical threats, due to power loss, thus hardware
and data was damaged. The second one pertains to online hacking which the hacker alter the other
3
III. Discussion
According to Computer Networking Notes. “A computer network is basically built from two
components; hardware and software. Both components have their own vulnerabilities and
computer network wherein risks can lead to a business disruption, financial losses, loss of privacy,
etc. Example of vulnerabilities are hardware flaws, ineffective controls and human error.
“Hardware threats are easy to detect in comparison with software threats. Hardware threats
cause more damage in network than software threats. A software threat can only harm the data
while a hardware threat can harm both device and data”. Software and hardware are
interdependence, hardware will not function unless software is loaded and software need to be
installed into a hardware in order to deliver its functions. But in terms of damage, when hardware
This section tends to discourse measures on how to address Common Threats to Network Security
or the Physical threats in terms of network devices such as Hardware threats, Environmental
threats, Electrical threats and Maintenance threats. An attacker can deny the use of networks
Hardware Threats
unsecure or less secure network components can cause physical threat to the critical network
resources.” For instance, upon installation of cables, you use incorrect type of cable and yes, it is
working but it is not the best type of cable that is suitable to and this can lead to some possible
4
threats. Other examples are physical damage to server, routers, switches and workstations.
“Hardware Threats are divided in two types; accidentally and intentionally.” Accidentally
pertains to something happens without purposely doing it while intentionally, you do it on purpose
as simple as that.
The following are the measures on how we protect networking devices in terms of Hardware
threats;
Accidentally
Accidental damage can be deal through proper planning. Developing a plan or a guide upon
installation for example has a big impact in order to prevent physical damage.
Intentionally
The reason why you have to go with branded components is that you are sure that it has a good
quality, provide safety and it will give you a peace of mind. Never go with unknown brand
especially when your data is very confidential and it cause you profit, unbranded do not have
quality guaranteed.
People who handle your devices must have a proper knowledge. It is better to hire those personnel
5
5. Critical resources should be kept in a room or location that meets with following requirements;
Every entry should be logged by security systems and monitored by security personnel.
Environmental Threats
Network devices are very sensitive hence proper and serious care is required. Environmental
factors should be considered in order to prevent harm in these devices. Temperature is one of this,
excessive heat and unstable temperature can easily damage device components. As the heat
increases the device has a lower capability to stay cool until it crashed. Second one is humidity;
wherein quick temperature drops can cause moisture. Heat and moisture accelerate the breakdown
1. Wherever possible keep away EMI (Electro Magnetic Interference) devices from critical
Electromagnetic interference has a negative effect on the performance of these devices. Routers
and switches are devices use in transmission of data wherein EMI interfere the signal of
transmission.
6
2. Usually networking devices have recommended environmental parameters. Always maintain
3. Keep the critical networking devices away from direct sun light and heavy winds.
Electrical Threats
Irregular power supply (such as fluctuations, high voltage, low voltage or surge voltage) can cause
Uninterruptible Power Supply serves as battery backup whenever there is a power loss. It contains
a battery that provides power for a few minutes in order to shut down the device properly.
Redundant power supply is similar to Uninterruptible Power Supply wherein it is used as a power
backup every time power loss occur. The difference of RPS to UPS is that RPS contains two power
supply units inside it. RPS is essential for network devices like servers to reduce chance of
3. Use backup generator systems with auto inverter technology that switches on backup power
7
Blackouts and power outages are becoming frequent nowadays, backup generator systems
especially in a network facility are very important in order to keep facility running in the event of
In order to detect electrical threats and prevent its harm earlier, installing monitor and alarm
Maintenance Threats
Network devices is a key part in order to keep a network up and running. As time passes by these
devices slows down its performance which lead to maintenance threats. Improper disaster planning
causes the maintenance threats. lack of spare parts, poor cabling, incorrect or no labeling on
Labelling lead to an organized network. Every process in a network relies on cables for instance,
any disruptions of it can affect wide range of processes. Absence of components label will waste
time and assets trying to find where and what the problem is. So, it is a must to do labelling on all
network components.
The essence of racks is to holds multiple servers inside a single room. Racks provide safety to
8
3. Always maintain a sufficient stock of critical spare parts for emergency use.
There are instances that one of your equipment will be damage and it’s a suggestion to always
“With the introduction of computer, the need for automated tools for protecting files and other
information stored on the computer became evident” (William Stallings). Dealing with critical
information requires critical security that will ensure privacy, confidentiality and to defeat any
attempt that will compromised other private information. Critical information is stored and
delivered via network such as the internet thus, it gives opportunity to hackers to take advantage
According to David Howell, the following are the measures on how critical information can be
protected;
Anti-virus software is crucial in detecting, locating, and removing unwanted applications such as
viruses and any malicious threats that steal sensitive information. Installing anti-virus will help to
prevents loss of critical data and prevents identity theft. Keeping firewall up-to-date will help to
protect the network and of course critical information. Firewall that is not updated provide less
effectivity.
2. Educate your staff about good data security policy, which means locking computers when not
in use.
9
As a network administrator it is your responsibility to instruct your subordinates on how customer
3. Prevent sensitive customer data from being removed from your secure premises on removable
4. Ensure that mobile devices such as smartphones and tablet PCs use secure connections – such
as a VPN (Virtual Private Network) – when they connect with your servers to access customer
data.
6. Backups of customer data are vital to carry out on a regular basis. Using an off-site data
backup service can provide a level of redundancy to allow your business to protect customer
“Passwords are the first line of defense in protecting access to our finances, credit information
and identities” (CNBC). Passwords purpose is to ensure the security and confidentiality of any
information of a person and organization, like for example your Facebook account which is
protected through your password. But hackers will do a lot of mechanism just only to breach your
password and access your account and steal your private information and use on illegal activity.
The following are the steps on how your information will be protected online;
Never use a password that is so obvious to detect by both human and computer. As much as
possible avoid using your related personal information and simple patterns in creating your
password. It is recommended that your password is be at least 8-10 characters long and longer for
10
administrative accounts. Use alpha (lower and upper case) and numeric characters including
special character.
Using MFA, an online user will be identified by validating in to two or more verification. It
includes option for an additional step between entering your password and accessing your account.
Using same password to your different accounts will increase your vulnerability. In case that your
one account is compromised then the other one will be easily for the hackers to breach it as well.
1. Secure: Lock your networks with a combination of authentication, encryption, firewalls, and
2. Examine: To maintain a secure network, you have to regularly monitor the state of security
from a number of reputable vendors will proactively locate areas of weakness, and IDSs can
alert and respond to security events when they occur. Your organization can get high visibility
of the network data stream and the security condition of the network using emerging security
solutions;
3. Test: Equally as vital as network examination and assessment is testing. Without adequate
testing of the security solutions, it's tough to know about new threats and attacks. The hacker
community is an ever-changing continuum with menacing designs on your systems and data.
You can perform this testing yourself or you can outsource it to a third party;
11
4. Enhance: Use the information gathered from the Examine and Test phases to constantly
enhance and improve the corporate security implementation and modify the security policy as
new vulnerabilities and risks are identified and the business model changes.
IV. Conclusion
As our technology rising too fast the level of security in terms of a network is getting stronger but
the requirements on how to compromise the security of a network only need a lower level of
knowledge that even non-IT people can do it. There is so many software which is easy to use and
contains many features and video tutorials available online that everyone can download and use to
There is no such thing as 100% secured network and we cannot stop hackers to do illegal thing but
we should be aware that we have something to do with it. At the end of the day, what we need in
order to avoid hardware threats, environmental threats, electrical threats and maintenance threats
and other online wrong doings is proper knowledge and awareness about it. Always do planning
and be ready and of course we should always be careful when dealing online.
12
V. Reference
The Increasing Threat to Network Infrastructure Devices and Recommended Mitigations. (2016,
250A
C. (2018, February 05). Network Security Threat and Solutions. Retrieved February 09, 2018,
from https://www.computernetworkingnotes.com/ccna-study-guide/network-security-threat-and-
solutions.html
Howell, D. (2012, August 01). Data Protection and Data Safety Measures. Retrieved February 09,
Morris, C. (2016, February 24). 8 surefire ways to protect your online passwords. Retrieved
from-identity-theft-online.html
What Is Network Security? (2018, February 07). Retrieved February 10, 2018, from
https://www.cisco.com/c/en/us/products/security/what-is-network-security.html
Stallings, W. (1999). Cryptography and Network Security: Principles and Practice (Second ed.).
13