
Central Luzon State University

Science City of Muñoz, Nueva Ecija

College of Engineering

Department of Information Technology

CASE STUDY

(Measures on how to Protect Network Devices and Critical Information from Threats)

By

Eduardo L. Dela Cruz Jr

BSIT 3-1

February, 2018

I. Introduction

Network devices play a significant role in a computer network; a network will not work without equipment or devices. A network facility is made up of interconnected devices such as cables, routers and switches that establish the communications needed for data and applications. Vulnerable network devices can be used as a path to gain access to a computer or network server in order to deliver malicious outcomes, and they are one of the most effective routes for sophisticated hackers and advanced threat actors. Threats to network devices have a great impact on securing information systems and can lead to data loss, so organizations must also be aware of common security threats to devices.

“Network security is any activity designed to protect the usability and integrity of your network and data. It includes both hardware and software technologies. Effective network security manages access to the network. It targets a variety of threats and stops them from entering or spreading on your network” (CISCO). Network security plays an important role in preserving the confidentiality, integrity, and availability of communication and services. As technology advances, threats to information systems are increasing globally. The rapid growth of such cases places more demands on network administrators and other network personnel to put more effort into protecting information systems from any kind of attack.

II. Background of the Study

1. The US National Park Service data center, located in Denver, Colorado, went completely dark on 1 January as a result of a utility power outage, causing damage to hardware systems and data stored in the facility. The NPS building housing the data center went dark around 3pm, and power was restored about two hours later, according to a note on the agency's website. “The power outage was due to an underground cable that either had water seepage or rodent invasion,” the note read. – Data Center Dynamics

2. April 27, 2000: Cheng Tsz-chung, 22, was put behind bars last night after changing the password on another user's account and then demanding $500 (Hong Kong currency) to change it back. The victim paid the money and then contacted police. Cheng has pleaded guilty to one charge of unauthorized access of a computer and two counts of theft. The magistrate remanded Cheng in custody and said his sentence, which will be handed down on May 10 pending reports, must have a deterrent effect. Cheng's lawyer told Magistrate Ian Candy that his client committed the offenses "just for fun." - Microsoft

The cases above are examples of network device threats and password breaching, which will be tackled later. The first case is an example of an electrical threat: a power loss damaged hardware and data. The second pertains to online hacking, in which the hacker altered another person's password and used it to gain money.

III. Discussion

According to Computer Networking Notes, “A computer network is basically built from two components; hardware and software. Both components have their own vulnerabilities and risks...” Vulnerabilities, or weaknesses of an asset, can be the cause of a potential threat or risk in a computer network, and those risks can lead to business disruption, financial losses, loss of privacy, etc. Examples of vulnerabilities are hardware flaws, ineffective controls and human error.

“Hardware threats are easy to detect in comparison with software threats. Hardware threats cause more damage in network than software threats. A software threat can only harm the data while a hardware threat can harm both device and data”. Software and hardware are interdependent: hardware will not function unless software is loaded, and software needs to be installed on hardware in order to deliver its functions. But in terms of damage, when hardware is damaged it affects the whole network.

This section discusses measures to address common threats to network security, namely the physical threats to network devices: hardware threats, environmental threats, electrical threats and maintenance threats. An attacker can deny the use of network resources if those resources can be physically compromised.

Hardware Threats

“Improper installation, selecting wrong components, incomplete devices, lack of knowledge, unsecure or less secure network components can cause physical threat to the critical network resources.” For instance, when installing cables you might use an incorrect type of cable: it works, but it is not the most suitable type, and this can lead to possible threats. Other examples are physical damage to servers, routers, switches and workstations.

“Hardware Threats are divided in two types; accidentally and intentionally.” Accidental damage is something that happens without anyone meaning to cause it, while intentional damage is done on purpose.

The following are the measures to protect networking devices against hardware threats:

Accidentally

Accidental damage can be dealt with through proper planning. Developing a plan or a guide for installation, for example, has a big impact on preventing physical damage.

Intentionally

1. Always purchase branded and genuine components.

The reason to go with branded components is that you can be sure of good quality and safety, and it gives you peace of mind. Never go with an unknown brand, especially when your data is highly confidential and earns you profit; unbranded components do not come with a quality guarantee.

2. Hire experienced and knowledgeable technical staff.

People who handle your devices must have proper knowledge. It is better to hire personnel who have a degree related to networking.

3. Always remove console cable after use.

4. Always log off from administrative interfaces before leaving a station.

5. Critical resources should be kept in a room or location that meets the following requirements:

Room must be accessible only by a single secured access point.

Access point must be monitored via security cameras.

Only authorized persons should be allowed to access the room.

Every entry should be logged by security systems and monitored by security personnel.

Environmental Threats

Network devices are very sensitive, so proper and serious care is required. Environmental factors should be considered in order to prevent harm to these devices. Temperature is one of them: excessive heat and unstable temperature can easily damage device components. As the heat increases, the device is less able to stay cool, until it crashes. The second is humidity: quick temperature drops can cause moisture. Heat and moisture accelerate the breakdown of the device components.

The following are the measures to lessen environmental threats:

1. Wherever possible, keep EMI (Electromagnetic Interference) devices away from critical networking devices such as routers, switches, PCs and servers.

Electromagnetic interference has a negative effect on the performance of these devices. Routers and switches are used to transmit data, and EMI interferes with the transmission signal.

2. Networking devices usually have recommended environmental parameters. Always maintain room temperature and humidity level within these parameters.

3. Keep the critical networking devices away from direct sunlight and heavy winds.

Electrical Threats

Irregular power supply (such as fluctuations, high voltage, low voltage or surge voltage) can cause serious damage to the network components.

The following precautions should be taken to minimize electrical threats:

1. Use UPS (Uninterruptible Power Supply) for critical network resources.

An uninterruptible power supply serves as a battery backup whenever there is a power loss. It contains a battery that provides power for a few minutes so that the device can be shut down properly.

2. Use RPS (Redundant Power Supplies) for critical devices.

A redundant power supply is similar to an uninterruptible power supply in that it is used as a power backup whenever a power loss occurs. The difference between RPS and UPS is that an RPS contains two power supply units. RPS is essential for network devices like servers to reduce the chance of a complete computer shutdown or failure.

3. Use backup generator systems with auto inverter technology that switch on the backup power supply automatically if the main supply goes down.

Blackouts and power outages are becoming frequent nowadays, so backup generator systems are very important, especially in a network facility, to keep the facility running in the event of a total power failure.

4. Use monitor and alarm systems at the device level.

To detect electrical threats early and prevent their harm, installing monitor and alarm systems is recommended.

Maintenance Threats

Network devices are a key part of keeping a network up and running. Over time these devices slow down, which leads to maintenance threats. Improper disaster planning causes maintenance threats. Lack of spare parts, poor cabling, and incorrect or missing labels on components are the cases that cause maintenance threats.

The following are the guidelines to avoid maintenance threats:

1. Clearly label all components.

Labelling leads to an organized network. Every process in a network relies on cables, for instance, and any disruption of them can affect a wide range of processes. Without component labels, time and assets are wasted trying to find where and what the problem is. So labelling all network components is a must.

2. Secure cabling equipment in racks.

The purpose of racks is to hold multiple servers inside a single room. Racks provide safety for servers and provide more space.

3. Always maintain a sufficient stock of critical spare parts for emergency use.

There will be instances when a piece of your equipment is damaged, so it is advisable to always have a backup in order to avoid downtime.

Protecting critical information

“With the introduction of the computer, the need for automated tools for protecting files and other information stored on the computer became evident” (William Stallings). Dealing with critical information requires strong security that ensures privacy and confidentiality and defeats any attempt to compromise private information. Critical information is stored and delivered via networks such as the internet, which gives hackers the opportunity to initiate cyberattacks to compromise it. As a network administrator, you have to ensure that the customer data entrusted to you is protected.

According to David Howell, the following are measures by which critical information can be protected:

1. Keep all of your IT systems' anti-virus and firewall protection up-to-date.

Anti-virus software is crucial in detecting, locating, and removing unwanted applications such as viruses and other malicious threats that steal sensitive information. Installing anti-virus software helps prevent loss of critical data and identity theft. Keeping the firewall up to date helps protect the network and, of course, critical information. A firewall that is not updated is less effective.

2. Educate your staff about good data security policy, which means locking computers when not in use.

As a network administrator, it is your responsibility to instruct your subordinates on how customers' critical information is to be protected. It is also important to be careful when hiring staff.

3. Prevent sensitive customer data from being removed from your secure premises on removable media such as USB drives.

4. Ensure that mobile devices such as smartphones and tablet PCs use secure connections – such as a VPN (Virtual Private Network) – when they connect with your servers to access customer data.

5. Be aware of any data that is contained on obsolete IT equipment.

6. Backups of customer data are vital to carry out on a regular basis. Using an off-site data backup service can provide a level of redundancy to allow your business to protect customer data as part of its contingency planning.

“Passwords are the first line of defense in protecting access to our finances, credit information and identities” (CNBC). The purpose of a password is to ensure the security and confidentiality of a person's or organization's information; your Facebook account, for example, is protected by your password. But hackers will use many methods to breach your password, access your account, steal your private information and use it for illegal activity.

The following are the steps to protect your information online:

1. Don't pick a weak password.

Never use a password that is easy for a human or a computer to guess. As much as possible, avoid using personal information and simple patterns when creating your password. It is recommended that your password be at least 8-10 characters long, and longer for administrative accounts. Use alphabetic (lower and upper case) and numeric characters, including special characters.

2. Use multifactor authentication

With MFA, an online user is identified through two or more verification steps. It adds an additional step between entering your password and accessing your account.

3. Different accounts need different passwords

Using the same password for different accounts increases your vulnerability. If one account is compromised, the others will be easy for hackers to breach as well.
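
The password rules in steps 1 and 3 above can be checked mechanically. The following is an added example, not part of the original case study; `MIN_LEN_ADMIN`, the keyboard-row list and all function names are assumptions chosen for illustration, since the text only says administrative passwords should be "longer".

```python
# Added example; thresholds and pattern list are assumptions, not from the page.
import hashlib
import string
from collections import defaultdict

MIN_LEN_USER = 10    # upper end of the text's "8-10 characters"
MIN_LEN_ADMIN = 14   # assumed: the text only says "longer" for admin accounts
KEYBOARD_RUNS = ("qwerty", "asdfgh", "zxcvbn")  # assumed sample of keyboard rows
CLASSES = {"lowercase": string.ascii_lowercase, "uppercase": string.ascii_uppercase,
           "digit": string.digits, "special": string.punctuation}


def has_simple_pattern(pw, run=4):
    """True for keyboard rows, repeated characters, or ascending/descending runs."""
    low = pw.lower()
    if any(k in low for k in KEYBOARD_RUNS):
        return True
    for i in range(len(low) - run + 1):
        # Code-point steps between neighbours inside one window of `run` chars.
        steps = {ord(low[j + 1]) - ord(low[j]) for j in range(i, i + run - 1)}
        if steps in ({0}, {1}, {-1}):   # aaaa, 1234/abcd, 4321/dcba
            return True
    return False


def audit_password(pw, personal_terms=(), is_admin=False):
    """Return the list of rules the password breaks (empty list means it passes)."""
    findings = []
    need = MIN_LEN_ADMIN if is_admin else MIN_LEN_USER
    if len(pw) < need:
        findings.append(f"shorter than {need} characters")
    for name, chars in CLASSES.items():
        if not any(c in chars for c in pw):
            findings.append(f"no {name} character")
    low = pw.lower()
    # Ignore very short terms (initials) to avoid flagging every password.
    if any(len(t) >= 3 and t.lower() in low for t in personal_terms):
        findings.append("contains personal information")
    if has_simple_pattern(pw):
        findings.append("contains a simple pattern")
    return findings


def find_reuse(accounts):
    """Group account names that share a password (step 3).

    Digests are used only as in-memory grouping keys, not as a storage format.
    """
    by_digest = defaultdict(list)
    for name, pw in accounts.items():
        by_digest[hashlib.sha256(pw.encode()).hexdigest()].append(name)
    return sorted(sorted(group) for group in by_digest.values() if len(group) > 1)
```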

Additional Network Security:

1. Secure: Lock your networks with a combination of authentication, encryption, firewalls, and continuous patching of system vulnerabilities;

2. Examine: To maintain a secure network, you have to regularly monitor the state of security mechanisms, readiness, and incident handling procedures. Network vulnerability scanners from a number of reputable vendors will proactively locate areas of weakness, and IDSs can alert and respond to security events when they occur. Your organization can get high visibility of the network data stream and the security condition of the network using emerging security solutions;

3. Test: Equally as vital as network examination and assessment is testing. Without adequate testing of the security solutions, it's tough to know about new threats and attacks. The hacker community is an ever-changing continuum with menacing designs on your systems and data. You can perform this testing yourself or you can outsource it to a third party;

4. Enhance: Use the information gathered from the Examine and Test phases to constantly enhance and improve the corporate security implementation and modify the security policy as new vulnerabilities and risks are identified and the business model changes.

IV. Conclusion

As technology advances rapidly, network security is getting stronger, yet compromising a network's security requires only a low level of knowledge, so that even non-IT people can do it. There is a great deal of software that is easy to use and full of features, along with video tutorials available online, that anyone can download and use for illegal activity such as hacking.

There is no such thing as a 100% secure network, and we cannot stop hackers from doing illegal things, but we should be aware that there is something we can do about it. At the end of the day, what we need in order to avoid hardware threats, environmental threats, electrical threats, maintenance threats and other online wrongdoing is proper knowledge and awareness. Always plan and be ready, and of course always be careful when dealing online.

V. Reference

The Increasing Threat to Network Infrastructure Devices and Recommended Mitigations. (2016, September 28). Retrieved February 09, 2018, from https://www.us-cert.gov/ncas/alerts/TA16-250A

C. (2018, February 05). Network Security Threat and Solutions. Retrieved February 09, 2018, from https://www.computernetworkingnotes.com/ccna-study-guide/network-security-threat-and-solutions.html

Howell, D. (2012, August 01). Data Protection and Data Safety Measures. Retrieved February 09, 2018, from https://www.plagaware.com/service/measures-data-protection

Morris, C. (2016, February 24). 8 surefire ways to protect your online passwords. Retrieved February 09, 2018, from https://www.cnbc.com/2016/02/24/8-ways-to-protect-your-passwords-from-identity-theft-online.html

What Is Network Security? (2018, February 07). Retrieved February 10, 2018, from https://www.cisco.com/c/en/us/products/security/what-is-network-security.html

Stallings, W. (1999). Cryptography and Network Security: Principles and Practice (Second ed.). Upper Saddle River, New Jersey 07458: Prentice-Hall, Inc.
