What can organisations do

avatar
Created by
Olu

Cards (8)

  • Organisations want to prevent their network from having any vulnerabilities - They'll often follow a set of rules and procedures to ensure their network is protected against attacks and unauthorised access
  • What can organisations do to protect their networks
    • Regularly test the network to find and fix security weaknesses and investigate problems if they happen 
    • Use passwords to prevent unauthorised people from accessing the network 
    • Enforce user access levels to limit the number of people with access to sensitive information 
    • Install anti-malware and firewall software to prevent malicious software attacks 
    • Encrypt sensitive data
  • Penetration testing
    • Penetration testing , also known as pentesting is when organisations employ specialists to simulate potential attacks on their network 
    • Penetration testing is used to identify possible weaknesses in a network’s security by trying to exploit them 
    • The results of the pentest are then reported back
  • Physical security
    • Physical security protects the physical parts of a network from either intentional or unintentional damage (e.g. fire, flooding, theft, vandalism, etc) 
    • Physical security can involve many different things. These include : 
    • Locks and passcodes to restrict access to certain areas e.g. server rooms 
    • Surveillance equipment , e.g. camera or motion sensors to deter intruders
  • Passwords
    • Passwords help prevent unauthorised users accessing the network 
    • Passwords should be strong - they should be many characters long , use a combination of letters, numbers and symbols and be changed regularly
  • User access levels
    • User access levels control which parts of the network different groups of users can access 
    • E.g. business managers are likely to have a higher access level allowing them to access more sensitive data , like pay information 
    • They may also have write access to files that others can only read and the ability to change employees’ access levels 
    • User access levels help limit the number of people with access to important data , so help prevent insider attacks on the network
  • Anti Malware software
    • Anti-Malware software is designed to find and stop malware from damaging an organisations network and the devices on it  
    • There are lots of different types of anti-malware software, including antivirus programs which isolate and destroy computer viruses 
    • Companies use firewalls to block unauthorised access 
    • Firewalls examine all data entering and leaving the network and block any potential threats
  • Encryption
    • Encryption is when data is translated into a code which only someone with the correct key can access , meaning unauthorised users cannot read it 
    • Encrypted text is called cipher text 
    • Data which has not been encrypted is called plain text 
    • Encryption is essential for sending over a network securely