In information technology, network security is the act of maintaining the integrity of a computer network and the data within it. A network is comprised of any number and variety of interconnected devices. Network security is important because it keeps sensitive data safe from cyber attacks and ensures that the network is usable and can be trusted.
Network security management may involve a wide variety of security tools, for both hardware and software. Security becomes more important as networks become more complex, and enterprises become more reliant on their networks and data to conduct business. Methods for enforcing security should strive to evolve as networks and attack methods evolve, and aim to prevent breaches by limiting risk on the network. No matter the specific method or enterprise security strategy, security is usually framed as everyone's responsibility, because every user on the network represents a possible vulnerability in that network.
Why is network security important?
Network security is important because it protects valuable data, which, when possessed by the wrong person, could end up causing a wide spectrum of problems -- from inconveniences to catastrophes. An organization without adequate network security cannot function.
How does network security Work?
Network security is enforced using a combination of hardware and software network tools. The primary goal of network security is to prevent unauthorized access into or between parts of a network. Network segmentation is often used to achieve this. Network segmentation is the division of networks and the designation of resources to those divisions.
A security official, or group of them, determines security strategies and policies that keep the network safe and help the organization comply with security standards and regulations. It is the responsibility of everyone on the network to abide by these security policies. Every point in the network where an authorized user could access data is also a point where data could be compromised, either by a malicious actor or simply through a lack of diligence from the user. It also the responsibility of security tool vendors to update tools and software to stay ahead of evolving cyberthreats.
Types of network security
Networks contain layers, as represented by the OSI model. Data passes through these layers as it travels between devices. All layers in the stack must be secured for the network to be considered secure.
The table below matches the OSI levels to the corresponding type of network security.
|Layers (ISO 7498-1)||ISO 7498-2 Security Model|
|Data Link||Assurance / availability|
|Physical||Notarization / signature|
Notice that the third layer from the bottom is called "Network," but network security does not apply only to this layer. Every device in a computer network functions on multiple layers when processing information, and therefore each layer must be secure for the network to be considered secure. In other words, the word "network" in this definition of network security refers broadly to the corporate infrastructure as a whole, not just layer 3.
For example, some people may make the distinction between cloud security and network security. Cloud security would include things like application security and container security, which exist outside of layer 3. However, those cloud functions can still be considered part of the overall corporate network, and therefore securing them constitutes as network security.
Benefits of network security
The main benefits of network security are:
- It ensures the functionality of the networks that businesses rely on.
- It ensures the confidentiality, integrity and availability of data on a network. This is known as the CIA triad.
- It ensures compliance with security regulations -- the HIPAA Security Rule, for example. Compliance is also important to the success of a business.
- It creates a safer marketplace overall when organizations take a proactive approach to security, and share their strategies continually with non-proprietary security frameworks like MITRE ATT&CK.
- It helps businesses build and maintain customer trust. Security breaches can damage a business's reputation.
Challenges of network security
One main challenge of network security is the rate at which cyber attacks evolve. As technology evolves, new exploits are developed, and new defenses are required to protect networks from them.
Another challenge is the large scope of security strategy. As mentioned, security is every network user's responsibility. It is difficult to construct a strategy that enables everyone to live up to that responsibility while simultaneously evolving to address the newest threats.
More companies are adopting a bring your own device (BYOD) method, which means a more distributed and complex network of devices for organizations to protect. Working from home has also become more prevalent. This makes wireless security more important, as users are more likely to be using a public network when accessing company networks that include sensitive financial, health and consumer data.
Cloud providers, managed security services and security product vendors are also responsible for security. When a business gives a third party access to its data, the third party must also be held accountable for security responsibilities. Some examples of this include using:
- A virtual network such as a software-defined wide area network (SD WAN);
- A third-party security consultant;
- A third-party security software or product; or
- A cloud service like AWS.
Businesses need to be cognizant of every point at which sensitive data can be accessed in their network, and adapt their treatment of those points to suit the evolving technological relationships between them.
Another specific challenge is riskware, which is legitimate software with features that can easily be exploited by malicious actors.
Network security software and tools
The specifics of security policy and security tools used vary from network to network and change over time. Some basic, commonly used network security tools and software include:
- Firewall -- Firewalls are some of the most widely used security tools and can be used at multiple different layers of the network.
- Antimalware software -- This is software designed to detect, remove and/or prevent malware from infecting a computer, and consequently, a network.
- Intrusion prevention system -- This is a system designed to prevent intrusions. It actively removes unauthorized attempts to access a network.
- Intrusion detection system -- This system detects unauthorized access attempts and flags them as potentially dangerous, but does not remove them itself. This or intrusion prevention systems are often used in combination with firewalls.
- Virtual Private Network (VPN) -- This is a program that uses tunneling protocols to encrypt information and send it over a public, less secure network.
- Cloud security tools -- Cloud providers often provide security tools that allow organizations to hand some of their security burden to the provider. The cloud provider manages the security of their overall infrastructure and offers tools for the user to protect their instances within the overall cloud infrastructure. For example, AWS provides application security groups, which are virtual firewalls that protect AWS instances and relational database services among others.
Network security jobs and certifications
Some jobs pertaining to network security include:
- Chief Information Security Officer (CISO) -- This is one of the highest-paying positions in the network security job landscape. CISOs are responsible for developing and implementing an information security program.
- Penetration tester -- Pen testers are hired to break into a corporate network to expose vulnerabilities. This can be automated or performed manually by in-house employees or third-party pen-testing-as-a-service providers.
- Security engineer -- These employees focus on quality control within the IT infrastructure.
- Security architect -- These employees plan, analyze, design and test the company's IT infrastructure.
- Security analyst -- These employees analyze and plan security strategy, as well as perform security audits.
Certifications for careers in network security include:
- (ISC)2's Certified Cloud Security Professional (CCSP) certification;
- (ISC)2's Certified Information Systems Security Professional (CISSP) certification;
- ISACA's Certified Information Systems Auditor certification;
- CSA's Certificate of Cloud Security Knowledge (CCSK) certification;
- AWS Certified Security;
- Google Professional Cloud Security Engineer; and
- Azure Security Engineer Associate.