Keeping data secure on a network
By connecting computers together, we make them more vulnerable to attack. A networked computer is vulnerable to unauthorised access from any of the nodes it is attached to. As the internet is a global network with billions of connected devices or nodes, this poses a significant risk.
What are the threats?
Brute force attack
Most networked terminals rely on a password to restrict access and encryption to ensure secure communications. Both methods can be vulnerable to brute force attacks.
A brute force attack goes through every possible combination of a password or encryption key. Modern computers have the processing power to go through combinations of letters, numbers and characters very quickly.
Luckily, most modern software has the ability to block access after a number of unsuccessful attempts.
Key fact
DID YOU KNOW?
- A typical 8-character password consisting of any of the 96 keyboard characters has 968 (7.2 Quadrillion) possible combinations
- Depending on the processing power of the computer, it could take between 83 days and 22,000 years to guess the password!
SQL injection
SQL (Structured Query Language) injections involve adding or creating small bits of code that look like variables. However, the database server will process these as commands or programmes and do things it is not supposed to, such as destroying or modifying data or passwords in a database.
Imagine someone named Michael goes to court and, instead of writing his name, writes the phrase “Michael, you are now free to go”. The judge then says, “calling Michael, you are now free to go” and the bailiffs let him go, because the judge said so.
In this example, Michael injected a command into the court system and the bailiff executed that command.
Malware
Malware stands for ‘malicious software’. Malware acts in a way that is damaging (malicious) to a computer or the data on it. Malware comes in many different forms, most notably computer viruses and ransomware.
Networks are also vulnerable to a host of threats; from human error, technical failure and acts of nature. Data can be:
- Lost or damaged during a system crash – especially one affecting the hard disk
- Corrupted because of faulty disks, disk drives, or power failures
- Lost or altered by accidentally or maliciously deleting or overwriting files
- Lost or corrupted by computer viruses
- Destroyed by natural disasters, acts of terrorism, or war
Encryption
It is important when transmitting data over a network that it is kept secure. Encryption encodes data so that only those who have the encryption key or password can decrypt it.
Encryption methods include:
- Transposition – The letters or words of the plain text are switched around in some way, fixed by a given rule (the key). An example would be to reverse the order of the letters. So, “a simple example” becomes “elpmaxe elpmis a”.
- Substitution – Each letter you want to encrypt is substituted by another letter or symbol. So, if each letter is substituted by the letter preceding it in the alphabet, “a simple example” becomes “z rhlokd dwzlokd”.
Encryption helps to serve three purposes:
- Helps to identify authentic users
- Prevents alteration of the message
- Prevents unauthorised users from reading the message
How is data encrypted?
Plain text is encoded with the use of an encryption key (rules required to decrypt the data) before data transmission. This cipher text (encoded message) can now be sent over a network. On receipt, the data is decrypted using the appropriate decryption key. If data is intercepted during transmission, the data is meaningless without the key.
The Caesar cipher
The Caesar cipher is one of the earliest known and simplest ciphers. It is a type of substitution cipher in which each letter in the text is ‘shifted’ a certain number of places down the alphabet. For example, with a shift of 1, A would be replaced by B, B would become C, and so on. The method is named after Julius Caesar, who apparently used it to communicate with his generals.
Caesar cipher is a very simple encryption method and is easily cracked if one studies the frequency of repeating letters. To improve the strength of the encryption method a more complex key could be used.
Instead of shifting by 1, a pattern of shifts could be used: For example, 1,4,5,1. This pattern would be repeated and would be more difficult to crack using frequency analysis.
Mathematically, using a simple shift of 1 means a character can be 1 of 26 possibilities. Using a key with 4 parts, a character can now be one of 26 * 26 * 26 * 26 = 456976 combinations. Much more difficult to crack!
Encryption software
Encryption software can be used to encrypt the contents of a hard disk drive. This keeps data secure and requires the user to enter a password or PIN to retrieve it. However, this is only as reliable as the person with the password.
Public key cryptography is a method used to encrypt email before it is sent. A public key, known to everyone, is used to encrypt the data. This can only be decrypted with a private key known only to the user you send the email to.
The Secure Sockets Layer (SSL) protocol is used for securing web transactions using encryption between web browser and a web server, protecting you from anybody that might be snooping on the network in the middle.
When a browser requests a secure web page, the server sends a public key with a certificate issued by a third party, which can then be used to authenticate (check the credentials of) the web server.
Passwords and levels of access
To access a network, users are often required to have a username and password. This method of access control works by storing an encrypted table of usernames, passwords and associated access rights on the server.
When a user logs on, their credentials are checked against the table and access is granted with appropriate permissions (access rights) or is denied.
Secure passwords
A weak password makes it easy for someone to try to guess your login details. A strong password will have a good mix of uppercase and lowercase letters, numbers and special characters.
Levels of access
This means that a network administrator has set each user particular access rights. This will give the user permission to access certain files and folders and to read and/or write data.
The access rights that users may have can be summarised as:
- Read – Access to read the contents of a file
- Write – Access to modify and create files
- Execute – Access to run programs
- No access
For example, there will be different levels of access to a patient’s medical file in hospital. The surgery receptionist only needs read access to the contact and address details, but the consultant needs read access to associated files such as x-rays, past appointment notes etc. The receptionist may require write access to the appointment calendar while the consultant will not. However, the consultant needs to have write access to patient medical records.
Backups
Backup software will backup files on a network server at regular set intervals. This can be backups to other hard disks (RAID) or, increasingly, servers on the internet (cloud backup).
RAID (Redundant Array of Inexpensive Disks)
When RAID is employed as a backup strategy, several exact copies of the data transactions (known as mirror images) are created on different disks. All data transactions are recorded on all copies simultaneously.
The mirror images are stored in secure and separate locations. If the system fails, there can be an instant switchover to one of the backup copies.
Grandfather, Father, Son
Data transactions are backed up daily (son), weekly (father) and monthly (grandfather), with the oldest from each set aside.
The daily (or son), backups are saved every night for a week until there are seven ‘sons’. At the end of the week, the oldest ‘son’ will be set aside and known as a ‘father’.
Every week a new ‘father’ is created. At the end of the month when there are four ‘fathers’, the oldest ‘father’ is set aside as a ‘grandfather’ backup.
12 ‘grandfather’ backups will be stored each year.
Further copies should be kept off site, in a secure fireproof location.
Cloud backup
Companies are increasingly using cloud services to backup data. Infrastructure as a Service (IaaS) companies provide online data storage for businesses. IaaS removes the need for organisations to have their own backups – they can simply download their data when required. Companies generally lease these services from providers of Infrastructure as a Service.
Restoring backups
Backup software also needs to be able to restore the information. When everything on a hard disk is backed up this is known as a full backup. This takes a long time, so it is possible to back up only data which has changed since the previous backup. This is known as an incremental backup.
After a system failure, data must be restored from a backup, copying it back onto the computer system. Network managers can use auditing software to determine the exact time of the loss and use the backup files to restore the system to that point in time.
If hardware has been destroyed or has stopped working, then data must be restored onto new hardware.
Firewalls
A firewall protects a network from intruders by controlling what data can and cannot pass through. A firewall can be hardware or software.
A firewall can use packet inspection to open each network packet and read the data inside. If it finds the signature of a virus inside, then it can remove or prevent the packet entering the network. This is known as packet filtering.
It is possible to filter packets using a particular protocol and port, for example the HTTP protocol used to transfer web pages works on port 80. Firewalls can be used to block particular ports, in this case to prevent users downloading web pages.
Protocols
What is a protocol?
Can you imagine a world where people could only speak their own native language? How would we communicate for trade, travel and international treaties? In order to communicate, we need to be able to understand each other.
Computers are the same. When two computers communicate across a network they need a set of rules to be able to ‘talk’ to each other. This set of rules is known as a protocol. This allows lots of manufacturers to make hardware, devices and operating systems that can communicate with one another.
| Protocol | Use |
| File Transfer Protocol (FTP) | FTP is used to transfer files between clients and servers on a network. It is often used for uploading and downloading files to and from web servers. |
| HyperText Transfer Protocol / Hypertext Transfer Protocol Secure (HTTP/HTTPS) | HTTP defines how messages are formatted and transmitted, and what actions web servers and browsers should take in response to various commands. For examlple, you will often see a 404 or Not Found error message when you click on a link and the page or file no longer exists or has been moved. HTTPS provides encryption within the Transport Layer Security (TSL) or Secure Sockets Layer (SSL). HTTPS can authenticate the visited website and protect the privacy of any data exchanged between the user and the website. |
| Transmission Control Protocol / Internet Protocol (TCP/IP) | TCP/IP is a set of rules used to connect devices on the internet. It dictates how data is formatted and how the data is routed through the network. |
Malware
By combining the words malicious (meaning harmful) and software, we get the word ‘malware‘. Viruses are just one type of malware. Other types include spyware, worms and Trojans.
Virus
A virus is a program designed to disrupt a system by gaining access to your device. It can copy your personal data, delete your files or slow your device down. A virus spreads by duplicating and attaching itself to other files.
Spyware
Spyware is software that allows a user to obtain information about another’s computer activities by stealth. It installs software and transmits information such as browsing habits secretly to a third party.
Phishing
Phishing is the act of trying to obtain financial or other confidential records such as passwords from internet users. Emails that look like they are from a legitimate, respected organisation are sent, but they contain links to fake websites that ‘phish’ data from unsuspecting victims.
Trojan
In computing, Trojan refers to any malicious computer program which is used to hack into a computer by misleading users as to its true intentions. They are often hidden in downloads such as free online computer games.
Worm
A worm is a computer program that makes lots of copies of itself, like a virus. The main difference between the two is that a virus attaches itself to another computer program, but a worm works by itself. As well as copying itself, it can be made to do all sorts of things, like delete files or send emails to everyone in a user’s address book.
Keylogging software
Keylogging software is designed to record and store every keystroke made on your computer. Criminals often attempt to install keylogging software onto your computer remotely. A keylogger is often used to steal passwords and personal data without the person knowing it’s happening.
A keylogger can be combined with a communication program so that each keystroke is sent to a remote computer over the internet when the target computer is online.
Cybercrime
Cybercrime can be defined as criminal activity carried out using computers or computer networks (including the internet).
Examples of cybercrime:
| Cybercrime | Definition |
| Hacking | Unauthorised access to a computer or data held in a computer system. |
| Pornography | Using digital technologies to create, distribute or modify illegal pornography. |
| Cyberstalking | The repeated use of computer systems to harass or frighten someone, for example by posting threatening tweets. |
| Data theft | The illegal copying or taking of information from an individual or organisation. For example, an employee taking a copy of a contact list on memory stick when they leave an organisation. |
| Denial of service | An attack on a network designed to prevent the network from functioning. The attack involves flooding the network with useless traffic. |
| Digital forgery | Using digital technologies to forge, edit or copy existing files or documents. Examples include photographic identification, qualifications or computer software. |
| Cyberdefamation | Damaging the reputation of someone via digital media, usually through the internet. |
| Spamming | Sending the same electronic message indiscriminately to a large number of internet users. |
| Phishing | The illegal practise of sending emails pretending to be from reputable companies to gain personal information, for example passwords or bank details. |
Cloud computing
‘The cloud’ is a term used for services or infrastructure obtained via the internet. This includes internet-based services that store, manage and process data, rather than a local server or personal computer.
Cloud computing is usually classified as:
- Infrastructure as a Service (IaaS)
- Software as a Service (SaaS)
- Platform as a Service (PaaS)
Infrastructure as a Service (IaaS)
Providers offer computing infrastructure as a service to subscribers. IaaS includes cloud hosting of websites and virtual data centres, servers and Virtual Local Area Networks (VLANs).
Examples include: Amazon EC2, Windows Azure and Google Compute Engine.
IaaS can be summarised as: The base layer that provides storage (hard disks), servers and networks.
Platform as a Service (PaaS)
As the name suggests, PaaS provides computing platforms (a base on which to run applications) which typically include an operating system, an environment for programming, databases and virtual web servers.
Examples include: Windows Azure, Force.com, Google App Engine and Apache Stratos.
PaaS can be summarised as: A layer on top of IaaS, which provides the ability to run application software.
Software as a Service (SaaS)
Upon subscription, you are provided with access to application software. You don’t have to worry about the installation, setup and running of the application. The service provider will do that for you.
Examples include: Google Apps and Microsoft Office 365.
SaaS can be summarised as: A layer on top of PaaS. Email applications (Gmail, Yahoo mail etc.) and social networking sites (Facebook, Twitter etc.) are further examples of SaaS.
Advantages and disadvantages of cloud computing
| Advantages | Disadvantages |
| Companies do not have to recruit and pay local IT staff for managing data. | Requires a very reliable network connection. |
| Data can be accessed from any device/anywhere with an internet connection. | Reliant on the cloud company continuing to operate. If the company folds, data may be lost. |
| Data can be accessed outside company buildings and work hours. | Companies may be charged for additional costs such as bandwidth usage and additional storage space. |
| No need for a company to purchase expensive servers. | Companies need to ensure that the cloud company is reputable and responsible as they still have to ensure compliance with data protection legislation. |
| Energy costs are reduced as companies are no longer running large servers and associated cooling fans. | |
| Data backups can be done automatically at frequent intervals. |
The impact of cloud computing
Cloud computing and gaming
Gaming as a Service (GaaS) allows games to be streamed directly from the cloud to any web-enabled device such as PCs, tablets or smartphones. This gives users 24/7 access to a library of games stored in the cloud.
Benefits for gamers include not having to purchase new hardware or game discs. They don’t even have to wait for games to download or install on to their device as they can stream them almost instantly.
Cloud computing and file storage
The cloud offers the possibility of storing files and accessing, storing and retrieving them from any web-enabled interface.
Web service interfaces are usually very simple and easy to use, offering high speed and security for your personal files at any time, from any place. Many cloud companies allow free use of their storage services, but only for a limited amount of space.
If more storage is required, a monthly or annual subscription is usually required. Well known services include Google Drive, Dropbox, iCloud and One Drive.
Cloud computing and sharing
Cloud file sharing is the process of using cloud computing-based technologies to share files such as word processed documents or presentations between different users.
Cloud file sharing works when a file is stored on a company’s cloud servers. The file is uploaded using the cloud company’s service control panel and, upon successful upload, the file is generated with a unique URL.
File owners can share this URL with multiple users to access and download the file. The file is stored on the provider’s cloud storage servers and can be accessed globally at any time though the internet.
As well as file sharing, many of these companies offer cloud collaboration tools. These give users the ability not only to share but to co-author and edit files in real time.
These collaboration tools allow multiple users to amend, collaborate and comment on these shared documents as well as track the changes each user has made.
