Friday 10 March 2017

Cloud Computing

It's an extension and evolution of the virtualization concept. Cloud computing is a popular term for data storage and processing performed in an unknown place; the cloud network is accessed through the Internet. It is an alternative to keeping our traditional IT infrastructure in our local LAN environment, moving it to an unknown place and thus reducing the cost of our data center infrastructure and its maintenance.

It also has some flaws. Because the data is stored in an unknown environment, security is the main concern: we should have a strong SLA (service level agreement) for downtime and data security. Secondly, we should also have strong Internet bandwidth.




Some of the services of cloud computing are:

  • Platform-as-a-Service: the concept of providing a computing platform and solution for software in the virtual cloud environment.

  • Software-as-a-Service: the concept of providing software as a service. Google Drive and Microsoft Office 365 fall into this category; Microsoft has already replaced its Exchange Server concept with 365, as the corporate email service will be delivered through 365 (as software as a service).

  • Infrastructure-as-a-Service: the concept of providing or outsourcing the full infrastructure to the cloud environment. Amazon AWS, Microsoft Azure and Google Compute Engine are famous providers of Infrastructure-as-a-Service, and most corporations are moving to an IaaS environment.

Thursday 9 March 2017

BYOD (Bring Your Own Devices)



Bring Your Own Devices is a new service and an increasing trend in business. The concept is that employees can bring their own devices to the business entity. The emergence of smartphones has made corporations accept that users can use their own devices in the business environment.

The smartphone is the best example of a BYOD device. Besides BYOD, similar services such as BYOC (Bring Your Own Computer) and BYOL (Bring Your Own Laptop) are also emerging.

The security risk of BYOD is very high, as allowing users to access the corporate network can result in security attacks and breaches. A highly restrictive security policy will minimize the risk in the corporate network.

· Provide good training to BYOD users about the value of the data, such as the business impact if their devices are not fully secured.

· A policy should be made for data ownership even though the devices hold personal data, with ownership rights such as remotely wiping a stolen device under the BYOD policy to factory default settings.

· Patch management: patches on BYOD devices should be updated only through the management approach, e.g. the administrator has to check the positive and negative sides of the patch and recommend the new update.

· If a device is involved in violations or illegal activities, the users should be clearly told about legal investigation of the device.

· Antivirus management should also be maintained through the policy: BYOD users should install the recommended antivirus software in order to have a secure environment.

· There should be a clear position on camera and video use; some companies do not allow users to take pictures and videos of their environment, and this should be clearly stated.

· Finally, users should accept the policy required by the office; otherwise their BYOD devices should not be allowed in the office.

Wednesday 8 March 2017

Firewall - Part 2


Firewalls have undergone a lot of changes with added services. Today let us see the generations of firewalls and their features.

First generation firewall:

A first generation firewall is a packet filter firewall: it checks the network addresses and ports of a packet to decide whether the packet should be blocked or allowed.
Packets are on layer 3, which means most of the networking is done between the physical and network layers. The firewall inspects the traffic flow and checks whether to block or allow the traffic. For example, if a firewall rule blocks telnet, it will filter port number 23 to block the traffic.

Second generation firewall:
It's a stateful firewall. A second generation firewall performs the same work as a first generation firewall but operates on the transport layer. It keeps the packet until enough information is available to judge its state; this process is known as stateful inspection.
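The difference between the two generations, as an added example that is not part of the original post: a packet filter judges each packet alone, while a simplified stateful table admits inbound packets only as replies to connections opened from inside. The addresses, the `Packet` fields and the flag handling are constructed assumptions for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str = ""  # TCP flags: "S" SYN, "SA" SYN+ACK, "A" ACK, "F" FIN, "R" RST

BLOCKED_DST_PORTS = {23}  # telnet, the rule used as the example in the post

def packet_filter(pkt):
    """First generation: decide from the packet's own ports, nothing else."""
    return "block" if pkt.dport in BLOCKED_DST_PORTS else "allow"

class StatefulFirewall:
    """Second generation (simplified): also tracks connections opened from inside."""

    def __init__(self, inside_cidr):
        self.inside = ipaddress.ip_network(inside_cidr)
        self.connections = set()  # (inside_ip, inside_port, outside_ip, outside_port)

    def inspect(self, pkt):
        if packet_filter(pkt) == "block":
            return "block"
        if ipaddress.ip_address(pkt.src) in self.inside:
            key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if pkt.flags == "S":
                self.connections.add(key)        # new outbound connection
            elif "F" in pkt.flags or "R" in pkt.flags:
                self.connections.discard(key)    # connection closed, forget it
            return "allow"
        # Inbound: allowed only as a reply to a tracked outbound connection.
        reply_to = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return "allow" if reply_to in self.connections else "block"

def demo():
    # Constructed sample traffic (RFC 1918 inside, documentation range outside).
    fw = StatefulFirewall("192.168.1.0/24")
    syn = Packet("192.168.1.10", 50000, "203.0.113.5", 443, "S")
    reply = Packet("203.0.113.5", 443, "192.168.1.10", 50000, "SA")
    stray = Packet("203.0.113.9", 443, "192.168.1.10", 50000, "SA")
    telnet = Packet("192.168.1.10", 50001, "203.0.113.5", 23, "S")
    stateful = [fw.inspect(p) for p in (syn, reply, stray, telnet)]
    return stateful, packet_filter(stray)

if __name__ == "__main__":
    print(demo())
```

The stray SYN+ACK passes the port-only filter but is blocked by the stateful table because no inside host opened that connection.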


Third generation or next-generation firewall:

The main success of this firewall is application layer filtering, meaning it can understand certain applications and their protocols, such as FTP, DNS and HTTP.
It has also been called a next-generation firewall from 2012 onward.

Based on their services and evolution, firewalls are divided into four types:
· Static packet filtering firewall
· Application level gateway firewall or proxy firewall
· Circuit level gateway firewall
· Stateful inspection firewall


Wednesday 1 March 2017

Firewall Part -1



Dear friends, in our previous thread we looked at securing data, i.e. privilege classification, securing data in the stored environment, and securing data while in communication.

Today let us look at the function and evolution of the firewall. In network terms, a firewall connects a private secure network with a secure public network to the outside world through a secured environment. Secondly, it has a great impact on controlling IPv4 public IP addresses. Before going deep into firewall technology, let us have a basic understanding of IP addresses and ports.

IP address: an Internet Protocol address assigned to every networking device; devices communicate using their assigned IP addresses. It's a 32-bit address. IANA (Internet Assigned Numbers Authority) has segregated public and private IP addresses.

Public IP address: public IP addresses are globally assigned unique IP addresses used by networking devices to communicate with the global network.

Private IP address: private IP addresses are assigned internally within an organisation, but when a device needs to communicate globally it needs a public IP address. Below are the IP address ranges and classes that IANA instructs to use as private IP ranges.


| RFC1918 name | IP address range | Number of addresses |
|---|---|---|
| 24-bit block | 10.0.0.0 – 10.255.255.255 | 16,777,216 |
| 20-bit block | 172.16.0.0 – 172.31.255.255 | 1,048,576 |
| 16-bit block | 192.168.0.0 – 192.168.255.255 | 65,536 |

The lack of available unique public IPv4 addresses led to the development of IPv6, and the lack of available public ranges led to the formation of the NAT/PAT concepts.

What is NAT? As we all know, every device needs a unique public IP address to communicate with the outside world. What about the private IP ranges? Here the NAT concept arises: Network Address Translation means translating a private IP address into a public IP address. This translation is done by the firewall. And what about a group of private IP addresses? They can be translated using a single public IP address together with a port address; this is known as Port Address Translation (PAT).
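An added example of PAT as described above (not code from the original post): several private source addresses share one public IP address and are told apart by the translated port. The class name `PatGateway`, the public address 203.0.113.1 and the starting port 40000 are assumptions made for illustration.

```python
import ipaddress

# The three private blocks from the RFC 1918 table above.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_private(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)

class PatGateway:
    """Translates (private IP, port) pairs to ports on one shared public IP."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}    # (private_ip, private_port) -> public_port
        self.back = {}   # public_port -> (private_ip, private_port)

    def outbound(self, src_ip, src_port):
        """Return the (ip, port) the outside world sees for this source."""
        if not is_private(src_ip):
            return (src_ip, src_port)          # already public: no translation
        key = (src_ip, src_port)
        if key not in self.out:                # first packet of a new flow
            self.out[key] = self.next_port
            self.back[self.next_port] = key
            self.next_port += 1
        return (self.public_ip, self.out[key])

    def inbound(self, dst_port):
        """Return the inside (ip, port) for a reply, or None to drop it."""
        return self.back.get(dst_port)

def demo():
    # Constructed sample: two inside hosts using the same source port.
    gw = PatGateway("203.0.113.1")
    a = gw.outbound("192.168.0.10", 51000)
    b = gw.outbound("10.20.30.40", 51000)
    return a, b, gw.inbound(b[1]), gw.inbound(40002)

if __name__ == "__main__":
    print(demo())
```

An inbound packet to a port with no mapping returns `None`, so nothing outside can reach an inside host that has not first sent traffic out.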

Now let's come back to our firewall discussion. As we discussed previously, the firewall acts as an intermediary between the private internal network and the external global network, communicating with IANA-assigned public IP addresses.


Thus your internal network ranges will never be known to the outsider; it's a way of securing our internal networks.

The default rule for a firewall is that internal users are able to access the outside network without any restriction, whereas only restricted outside users are able to access our internal network, under certain rules for allowing and denying. This is commonly referred to as an ACL, and it is deny by default.

Due to advances in technology, the firewall has also undergone a series of changes with added functionality. Let us discuss the generations of firewall technology in the next thread.

Monday 27 February 2017

Data Secure Communication



In our last two threads I mentioned how data is secured in the production environment and in the stored state.

What about data in the transaction state, for example with an office in one country and a regional office in another: how is the data transferred securely?

Think about voice/video communication: all communication is made through IP packets only. Do you think it's secured and cannot be hacked by others?

We need all data to be secured in every form of communication, whether data, voice or video.

Even access to remote devices through command prompt or remote desktop has been replaced by SSH access.

In a corporate network, the most secure form of transaction is an encrypted VPN connection, either for client access, i.e. a user accessing the network from his own laptop, or for site-to-site access.

Organizations often enable remote access solutions such as virtual private networks (VPNs). VPNs allow employees to access the organization's internal network from their home or while traveling. VPN traffic goes over a public network, such as the Internet, so encryption is important. VPNs use encryption protocols such as TLS and Internet Protocol security (IPsec).

What is a VPN? VPN stands for virtual private network: connecting to a private network through a secured tunnel in a public environment (the worldwide Internet), which is unsecured. We need to understand what a tunnel is for a complete understanding of VPN connectivity.

What is tunneling? It's a network communication process that protects the content of a packet by encapsulating it with another protocol. Encapsulation and decapsulation are done at both ends by a VPN device. Normally this service comes with all firewall devices.

Common VPN protocols are PPTP, L2F and IPsec VPN technology.

In the SSH mode of communication all data is encapsulated. Older forms of remote access such as telnet have a series of security issues, which resulted in the move to encrypted sessions such as SSH. PuTTY is the software commonly used for remote access.

Sunday 26 February 2017

Data storage



In my previous thread we discussed labelling of data and privileges for accessing data in a secured way.
Let us look at how data is secured in the stored environment. Below are the storage places where data is stored.


  • Hard-disk
  • External Hard-disk
  • USB Flash drive
  • CD-Drive
  • Memory Card etc
  • Tape drive





CD-Drive/Floppy disk: nowadays most people have stopped using these, as data now moves in terabyte sizes, so let us ignore these devices.

Devices like hard drives and flash drives can be protected by a password mechanism. Privilege-level access to the storage device can also be provided, so that only the administrator is able to access all areas of the hard drive and end users are restricted from accessing them.

On USB-type storage, users are restricted with passwords, so high-security devices can be accessed only with the required credentials.

A common and recommended protection mechanism is encrypting the device. You can see encryption software on external hard drives by default: the data is encrypted with the encryption key, and it can only be decrypted with the same key. We will look deeper into encryption and decryption in my future threads.

How about recovering erased data? Yes, it can be recovered using recovery software and a lot of other technologies.

Data should be permanently deleted so that it is not disclosed to anyone. Below are some common forms of deleting data:

  • Erasing
  • Clearing
  • Purging
  • Declassification
  • Sanitization
  • Degaussing
  • Destruction


Still a lot to go on data security...

Friday 24 February 2017

Thought of the day...!





Stress management... In today's environment we commonly hear the word stress in connection with jobs; most youngsters are facing stress, mainly in the IT environment, and they don't know how to overcome it. From my experience I will suggest some tips which will be useful for you.


  • Your job is not your whole world, and you are not the one and only employee of your company.
  • Don't ever postpone your work; be on time and leave on time. Don't forget there is a family waiting for you after office hours.
  • Be positive and ignore people who put pressure on you.
  • Laughing is a big remedy; have jokes.
  • Get involved in nature: gardening, swimming, early morning walking.
  • Spend time with your loved ones; time that goes will never come again.
  • Don't ever spend more than your income; ignore credit cards and loan-type cards.
  • Plan your life such that you can save something from your monthly income.
  • Interact with people and spend time with them, not through social media.
  • Learn to give back to society, as aid or free knowledge transfer.
  • Get involved in music, arts and games, which will make you feel relaxed.
  • Explore the world, travel a lot, mingle with people of different cultures and characters.
  • Take everything easy …:)


Thursday 23 February 2017

Sensitive Data Classification - Labeling




As I informed in my previous writing, we will start discussing the security concepts one by one. I am discussing these things based on my experience and the knowledge I gathered from valuable material.
Our first topic is privileges in the corporate environment. As all of us know, humans are the main cause of attacks: either knowingly or unknowingly they become victims of an attack.

What is meant by unknowingly…? Here our risk starts.
A study says most networks are attacked due to improper or poor privilege management at the user level. So how should privileges be given? Here the security study starts.

Labeling: we have to segregate data based on its sensitivity and its business impact. I am going to label data based on its sensitivity.

· Confidential – Data which, if disclosed outside, will cause serious damage. For example, the formula for making Coke: company-sensitive data that would lead to serious damage to the organization if disclosed. Personal information, including bank number data, whose disclosure leads to serious damage is also confidential.

· Sensitive – Data which will have a negative impact but will not cause serious damage to the corporation or individual.

· Public – Data that is not sensitive all comes into this level.



So how is the labeling going to work? Based on the position the user holds, we have to provide privileges to the user. For example, the account manager has rights to access only account-related documents such as employee salary, not employee attendance or employee leave.
Handling of data can be managed by assigning ownership of the documents, and the owner can grant privileges to his employees. For example, the account manager has rights to access all the data related to the accounts department. He can grant read/full access to a team member based on the role that team member handles: an internal accounts employee can have rights to access only employee salary details, nothing else in the department. Likewise, the accountant who handles payment for purchases has rights to access invoice payments only, nothing else in his own department.

Each department will have a data owner and the respective privileged employees; in a centralized environment the whole data is controlled by a data security professional. Privilege revocation will also be done quickly if an employee is shifted to another department.
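The ownership model described above, as an added example that is not part of the original post: the data owner grants read or full access per document, anything not granted is denied, and a department transfer revokes the old grants. The class `DataStore`, the user and document names, and the rule that Public data is readable by everyone are assumptions made for illustration.

```python
LABELS = ("Confidential", "Sensitive", "Public")  # the three labels from the post

class DataStore:
    def __init__(self):
        self.docs = {}     # name -> {"label", "owner", "dept", "grants"}
        self.dept_of = {}  # user -> department

    def add_user(self, user, dept):
        self.dept_of[user] = dept

    def add_document(self, name, label, owner):
        if label not in LABELS:
            raise ValueError(f"unknown label: {label}")
        self.docs[name] = {"label": label, "owner": owner,
                           "dept": self.dept_of[owner], "grants": {}}

    def grant(self, granter, name, user, level):
        # Only the data owner may hand out access ("read" or "full").
        doc = self.docs[name]
        if granter != doc["owner"]:
            raise PermissionError("only the data owner can grant access")
        doc["grants"][user] = level

    def can_access(self, user, name, action):
        doc = self.docs[name]
        if user == doc["owner"]:
            return True
        if doc["label"] == "Public" and action == "read":
            return True  # assumption: Public data is readable by everyone
        level = doc["grants"].get(user)  # no grant means no access
        return level == "full" or (level == "read" and action == "read")

    def transfer(self, user, new_dept):
        # Moving departments revokes every grant held in the old one.
        old_dept = self.dept_of[user]
        self.dept_of[user] = new_dept
        for doc in self.docs.values():
            if doc["dept"] == old_dept:
                doc["grants"].pop(user, None)

def demo():
    # Constructed sample based on the accounts department described above.
    s = DataStore()
    for user in ("account_manager", "internal_accountant", "payments_accountant"):
        s.add_user(user, "accounts")
    s.add_document("employee_salary", "Confidential", "account_manager")
    s.add_document("invoice_payment", "Sensitive", "account_manager")
    s.grant("account_manager", "employee_salary", "internal_accountant", "read")
    s.grant("account_manager", "invoice_payment", "payments_accountant", "full")
    before = [s.can_access("internal_accountant", "employee_salary", "read"),
              s.can_access("internal_accountant", "employee_salary", "write"),
              s.can_access("internal_accountant", "invoice_payment", "read"),
              s.can_access("payments_accountant", "invoice_payment", "write")]
    s.transfer("internal_accountant", "purchasing")
    after = s.can_access("internal_accountant", "employee_salary", "read")
    return before, after
```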
To be continued in the next thread...

Tuesday 21 February 2017

Top Security Certification in 2017



As we discussed in the previous thread about deep study of technology and certification in the IT world, let us analyse certification more deeply first.

The certifications recommended below are vendor-neutral and are booming in the security world.

1) Certified in Risk and Information Systems Control (CRISC)

2) Certified Information Security Manager (CISM)

3) Certified Information Systems Security Professional (CISSP)

4) Certified Information Systems Auditor (CISA)

We will discuss each certification in detail in upcoming threads.

Technology Growing where we are




   Hello world, today we are going to see the growth of network technology in the networking and security world.



Ten years ago, vendor-based devices dominated the networking world. Corporations were forced to go for vendor-based devices for the stability of the network; vendors developed their own protocols, and this created vendor-based certifications and vendor-related jobs in the market.


Now the situation has changed tremendously: corporations have started moving from vendor-based devices to their own requirements. It's time for us to concentrate more on technology rather than on vendor-based devices.
Let us go more deeply into today's networking world in the corporate environment. The entry of mobile devices (BYOD devices) has created a new environment in the corporate world; technical people should concentrate more on securing data, as mobile devices are going beyond corporate control.
Security is one of the main areas we should concentrate on in today's environment, starting from shared folders to terabytes of data storage, encrypted communication, VPN technology and so on.
Let us look at the technologies one by one in my upcoming writings. Vendor-neutral certificates are also seeing tremendous growth in the market; let us look at them one by one in the coming threads.