Security

securityThe trend towards mobile computing adds further risk of data leakage (and loss) as well as unauthorised access to systems. These and other vulnerabilities may exist throughout the infrastructure yet the technological remedy must also be considered alongside the role of people and process.

At the very start of a network project the initial design can have a big impact on how secure a network is. Architectural weaknesses should be avoided by employing good practice whenever possible.

For example, securing a wireless network with a pre-shared key (PSK) instead of centralised authentication integrated with Active Directory using 802.1X. When a laptop, tablet or smartphone is lost or stolen, the risk of unauthorised access can easily be removed if using 802.1X authentication. In contrast a non-centralised approach will require a new PSK and every device must be updated manually before the threat is removed.

The three main fundamental principles of security in a business environment are Availability, Integrity and Confidentiality.
Security Design
Availability

System and Networks should be designed to provide enough capacity in order to perform in a predictable way and operate to meet business requirements. Availability is measured by the reliability and delivery time of resource to authorised personnel.

Integrity
Is upheld when the accuracy and reliability of data provided to a system is maintained. Measures should be in place to only allow users the ability to access and input data to permitted information stores.

Confidentiality
Guarantees the appropriate level of secrecy is in force. Confidentiality can be achieved by encrypting stored data, or whilst transmitting over networking media.

Toranet’s approach to accomplish the three main principles is always a consultative one, as each client will have different security requirements, priorities and risk requirements. Toranet always aims to provide the best value & function which will fulfill the requirements.

It is always our intention to provide the lowest possible levels of risk for the most effective security solution, and the best levels of customer support to maximise the effectiveness of the solution.