Technologies and Methodologies Evaluation
Introduction
Information Security is the primary objective of any organization these days. In order to secure the information systems and mitigating the Information Management risks, organizations are implementing and following different security technologies and methodologies. There is no single methodology or security technology that can secure the information in the network. However, organizations are putting different methodologies and controls in place to protect the information available on the network.
Technologies and Methodologies
Securing and protecting an organization’s information assets involves establishing and implementing a state-of-the-art, multi-dimensional approach, beginning with security authentication processes, which, in addition, involves information system design and security. Information management risks involve cybercrimes or crimes in the cyber world. To protect the Information or to mitigate the Information Management risks there are various security technologies available but not limited to access control, Firewalls, Intrusion Prevention Systems, Intrusion Detection Systems, and cryptographic tools.
Access Control
Access control is primarily preventing the unauthorized use of a resource and allowing authorized users to access the information in the authorized manner only. In a network, there are several client systems and servers available and various users have access to the available resources. Organizations create Access Control Lists (ACL) to control the access to the resources and to allow only authorized users to access the information. It is the first line of defense for the information security within the organization. Access control works as a mediator between the users and network resources such as Computers, Firewalls, Databases, or Routers. Authentication mechanism within the access control ensures the permitted access to the system by an authorized user only (Stallings & Brown, 2012).
Firewalls
Firewalls are the devices that help protect the network and block the network traffic on certain ports, IP address or protocol.
There are various types of Firewalls available like Packet Filtering Firewall, Stateful Inspection Firewall, Application Level Gateway and Circuit-level Gateway (Stallings & Brown, 2012).
Internet is not an optional thing for any organization. However, with access to the Internet come the security risks that call for the devices that can protect the network. Firewalls provide a security layer between the on-premises networks and Internet. In addition, Firewalls also protect and block the unauthorized network traffic between different subnets within the organization. Firewalls provide a single point of protection by allowing only the authorized network traffic to go out or coming into the network.