The online world has grown in leaps and bounds in the last few years. This provides the public with some amazing resources - the ability to access information with the touch of a finger, the ability to communicate via fast and inexpensive methods, and more functionality and ease of use are being introduced every day. Unfortunately, as with all good things, there is also a dark side.

While there are plenty of people who use the internet and computers responsibly and honestly, there are predators and hackers out there who spoil the fun for everyone if their dirty deeds go unchecked. There are a lot of ways for these people to compromise your computer and your network. Below we will review just a few of the ways that your network can be compromised.

Two destructive network breaches fall under a category known as "destructive behavior." One involves the complete obliteration of data within your network. It is called "data destruction" and it is just what it sounds like. It happens when someone breaches your network and deletes data. If your network is business-related, this can be devastating. Experts say that it is no less destructive than a fire that destroys your computer equipment.

Some perpetrators have more than simple destruction in mind. They do something called "data diddling" which means that they alter the data in your system. They might change data in spreadsheets or other documents, or they might tamper with your accounting system. Some examples of things that have really happened involve the accounting system specifically. "Hackers" have broken into a network, accessed the accounting system, and changed the account numbers on direct deposit paychecks to go into their own accounts. Thefts like this take some time to track down - first the employee has to not get paid, investigations have to be made, and someone has to think to double-check the direct deposit account information. In some cases, companies have cut new paper checks and it has taken months to retrieve the lost funds.

Another way in which networks are vulnerable is in the realm of confidentiality. A lot of times, companies possess information that, if shared with a competitor, could be very bad for business. In this case, predators are not looking to alter or destroy data, they are merely trying to find out information they're not supposed to know. If someone were to find out financial performance information before a public release of said information it could affect the stock negatively. If a company is planning to roll out a new product and someone gets that information and gives it to a competitor, or leaks the information to the public, it could hurt the company's sales. Even more frightening is the possibility of someone breaking in to view confidential employee-related data - like home addresses, social security numbers, and bank account information.



Article Source: http://EzineArticles.com/?expert=Lawrence_Reaves

A penetration test (in the IT vernacular referred to as a "pen test") is also known as "ethical hacking", and this network security tool provides an essential function in vulnerability assessment. By actively seeking out and deploying attacks and penetration efforts against your network, you are more likely to uncover vulnerabilities and be able to take action to block holes in your security and pre-empt attacks on the perimeter defences.

Penetration testing includes both script-based and human-based attacks on the network in order to seek out and exploit vulnerabilities. The difference between this and say, criminal hackers looking to cause mischief or theft of data, is that you control the "attacker". The "attacker" reports back to you on whether they were successful and if so, how to stop such an attack from being successful in real-life. Penetration testing will reveal network security holes but more than this, it will be able to provide you with a realistic risk assessment including the impact on your business should such an attack succeed. Knowing what such an attack may cost your business will provide you with the ability to quantify the business risk and determine whether you do in fact, need to implement a solution.

"Black Box Testing" involves a penetration test where the attackers have no knowledge of the network infrastructure. They are working from what a real, external hacker would be using - online connectivity and any human intelligence or reliance on human nature, in order to discover vulnerabilities.

"White Box Testing" involves attackers who have full knowledge of the network infrastructure and are seeking out vulnerabilities and scenarios to take advantage of perceived weaknesses.

An intermediate form exists, known as "Grey Box Testing" where some knowledge is provided, known also as "partial disclosure".

The aim of these differing forms of testing is to compel imaginative ways to hack into the network, compromising network security. While having full knowledge of a system may lead the ethical attacker to use an obvious defect in network security, they may pass over and completely miss a less obvious but more severe vulnerability. Blind or black box testing does not allow for precise testing of certain components of the network because they don't know how the network is established but, this form of testing does lead to more imaginative attack scenarios being developed and hence, a more realistic prospect of stopping a real attacker with mischief in mind.

Penetration testing should be a regular scheduled activity and performed at least once a year and every time the network infrastructure is added to or changed. Penetration tests are also a serious component of risk audits conducted to determine network operation and integrity. Script-based penetration testing is relatively inexpensive because of the level of automation involved and is eminently suitable for white box testing. Black box testing, on the other hand, is labor intensive because it involves real people emulating real life hackers and such a penetration test will involve more than simply running an online attack against the network, for instance, rummaging through company trash for computer information, and this dramatically increases the cost.


Article Source: http://EzineArticles.com/?expert=Lawrence_Reaves

Using your company network as the backbone for making telephone calls is not a new concept, in fact it has been around for several years but recent developments in technology has increased the rate of adoption of internet telephony. Internet telephony goes by numerous names and acronyms - VOIP, Voice Over IP (IP stands for Internet Protocol), IP telephony, broadband telephony and VoBB (Voice Over BroadBand). Skype is the first widely adopted application which uses the internet backbone as the basis for transmitting voice and video call data.

The advantages of internet telephony are numerous, not least the cost savings associated with running telephone calls over the same network as the company network and internet. By combining the two applications - use of the web and making telephone calls - only one network is required instead of two separate telephony and IT networks. In a wider context, telephone and internet service providers (ISP's) can use their existing network, and network security , infrastructure to deliver services to customers. This is why it is so common to find cable/telephone/internet access all bundled together from companies in the business and domestic customer markets.

The cost of making calls also drops significantly as the internet (which is free) is simply being used to transmit your call in the form of data which is reassembled at the other end of the connection. A user simply needs to pay for internet access and this bypasses the need to pay a telephone company for the service. The cost savings become even more apparent when you consider that the internet backbone is just as capable of delivering your voice or video data to Australia as it is to the cubicle next door in head office.

Issues arose with internet telephony because of the poor call quality which was frequently experienced by users. Call quality has dramatically improved with better technology and data transmission techniques such that call quality is in many instances just as good as a land line call. A further drawback was the inability to make telephone calls if the internet connection was down - as internet telephony relies on the internet backbone to transmit the call, if you cannot access the internet for whatever reason, you cannot use the internet telephony service. This has led to criticisms of VOIP for its lack of redundancy but installations frequently run hand in hand with a fixed line system and still deliver significant cost savings.

Modern internet telephony systems use bandwidth with a high degree of efficiency and as this limiting factor has now been removed, more and more businesses are performing the migration of their business telephone service to IP based services. It is not just the cost savings which can be achieved which is the business driver but the functionality which can be delivered. Internet telephony encompasses much more than voice calling and includes video and web conferencing, interaction with email systems, multiple and anywhere/any device utility for making and taking calls, faxes and emails and much more. This is referred to as "unified communications" - treating any communication which can be made or taken using any device and internet telephony provides the basis for this merging of communications technology and application.



Article Source: http://EzineArticles.com/?expert=Lawrence_Reaves