Networking and Cryptography

Networking and Cryptography

Networking and Cryptography

Networking or computer networking is the data transportation and exchange between nodes in an information system over a common medium. The process of networking involves designing, constructing, managing and maintaining the network infrastructure and the policies.

There are three main types of networking which are; the local area network (LAN), wide area network (WAN) and wireless local area network (WLAN) (Patel & Wang, 2010). Cryptography on the other hand is the process that involves the conversion of an unintelligible text to a simple text and vice versa. Encryption was earlier known to be the same as cryptography but the latter is mainly associated with computer science and mathematical theory (Lindell & Katz, 2014).

Cryptography is an important aspect of networking as it facilitates protection of data and could also be used for authentication. It has been used in networking for a long time and is preferred because it secures data in such a way that unauthorized personnel cannot have access to it (Patel & Wang, 2010).

It is majorly concerned with principles which are; confidentiality in a way that the information cannot be understood or interpreted by anyone, authentic in a way that information can be confirmed by both the sender and receiver, integrity in that no one can alter the context of the message and non-repudiation where the sender is responsible for sending information and cannot deny his or her intentions even in future (Lindell & Katz, 2014).

Due to the increase in the networking perimeter, threats have become more risky and has brought a negative impact to the business environment. Threats such as hacking, malware, spoofing and spam have become common (Chen& Zhao, 2012). The availability, confidentiality and integrity of communication services is essential for an organization, therefore, the need to protect the networking medium. Perimeter defense mechanisms have been developed to help curb this problem as it protects data from external threats.

This defense generally outlays the 7 layers of Open System Interconnection that helps to secure data. The layers of the OSI model are interconnected from the 7th layer which is application, to the 1st layer which is physical. The model is responsible for inter-networking and vertical stacking (Daemen & Rijmen, 2013).

The threats brought about due to the expansion of the networking perimeter should be addressed in order to secure data. Securing data is not necessarily for the purpose of preventing unauthorized people from accessing it but also to prevent destructions which may not have happened intentionally (Chen & Zhao, 2012). There are necessary ways that have been developed for this purpose.

Encryption of data has been one of the recommended ways used to secure both stored data and mobile data. An organization should take necessary measures to keep updating their systems and back up essential data to prevent the loss of important data.  The should also only allow trusted people to have access to data and install software applications such as anti-malware applications, email security solutions, firewalls and intrusion detection to prevent data hacking. The organization should also hire qualified IT personnel that will assist them in case they are faced with any of these threats.

Despite the many ways that one can prevent data loss, some ways such as creation of passwords still do not work due to increased hacking (Chen& Zhao, 2012). I would therefore recommend the backing up of data often not only for the sake of theft but for accidental instances that may occur for example, the computer may crush.  Encryption can be used in online backup which is more effective as an organization gets to use two ways of safeguarding data (Daemen & Rijmen, 2013).

An external hard drive is also necessary for backing up data and is also safe as it is kept away from the computer. The importance of using hard drives is the fact that they are portable and could store a large amount of data depending on their sizes. Online backing up facilitates the ease of data recovery and is recommended due to the low costs associated during the recovery of data compared to what could have been used by the organization in the case of data loss.

Other devices such as the terabyte drives are quite cheap and could also be of help and come in different sizes which makes it easy for organizations to make their decision on which one to purchase. The organization should either use online backing up or use hard drives depending on whether the storage is temporary or permanent.

Encryption is one of the common methods that have been used even in the past to secure important information. The only difference is that it is now advanced and the information is encrypted using computers. Encryption can be used in two main ways which are asymmetric and shared secret encryption (Daemen& Rijmen, 2013). Shared secret encryption will only be successful if the other person acquiring information has the secret code that will be used to unlock the data. However, this method is not the best as information could easily fall to the wrong hands if the individual had those secret codes.

Asymmetric cryptography on the other hand uses smaller keys which were earlier split from another key. One key is made for public use and another one is only made for specific people. This method is used more as it offers more security compared to the shared secret encryption method. There have been a number of applications and protocols made that aids encryption. Protocols designed include the use of IPsec, the Secure Socket Layer (SSL), the Point-to-Point Tunneling Protocol (PPTP), and the Layer Two Tunneling Protocol (LTTP).

 Having learnt about encryption, I would use an encryption protocol commonly known as the Secure Sockets Layer (SSL) in the WigIT Corporation’s network. The SSL is one of the ways of encrypting data and occurs when there is data transfer to or from a website (Daemen& Rijmen, 2013). Many corporations use websites which are accessible to many people. Considering that not everyone has good intentions, it is therefore with no doubt that information that is private could fall into the hands of the wrong person and this could cause serious damages to the organization at large.

Organizations, especially the ones that are known to deal with technology often use websites and record most of their activities online. Some of them store very sensitive information online. For example, they record their expenses, file tax returns and even purchase goods and record them online. Most people could easily access this information and could even know personal details for individuals working in the organization.

For any organization to succeed in securing their data, different strategies should be used to facilitate this. It is unfortunate there are no defined strategies that can be used in cryptography due to strict laws that contradict each other. Any organization planning to use cryptography should clearly know the basics of encryption which involves the development of a secure code (Lindell& Katz, 2014).

The organization should then weigh the different methods of encryption and choose the one that suites them the most. They should then choose the type of data to encrypt and this would depend on the importance of the data at hand. The data appears in three states which are; data at rest, data in use and data at motion. They should clearly understand what this means in order to know how to encrypt.

Every organization should always strive to ensure that their data is secure at all times. This would prevent the damages that may be caused after the loss of data and would definitely have a negative impact to them. It is important for organizations to employ trustworthy employees and the employers should also offer a friendly and conducive environment that would help reduce insecurity of data which could be done by employees.

References

Chen, D., & Zhao, H. (2012, March). Data security and privacy protection issues in cloud computing. In Computer Science and Electronics Engineering (ICCSEE), 2012 International Conference on (Vol. 1, pp. 647-651). IEEE.

Daemen, J., & Rijmen, V. (2013). The design of Rijndael: AES-the advanced encryption standard. Springer Science & Business Media.

Lindell, Y., & Katz, J. (2014). Introduction to modern cryptography. Chapman and Hall/CRC.

Patel, M., & Wang, J. (2010). Applications, challenges, and prospective in emerging body area networking technologies. IEEE Wireless communications17(1).

Activate subscription for single

To view this post please login and activate subscription.

Pay $5.99

%d bloggers like this: