Where and when does network security comes in picture ?

Having said and written about Security and standards followed all across now it's the right time for me to start something real and interesting on this blog.

When does the Network Security or more precisely information security comes into picture. This seems to be a serious question.

Well lets say you are connected to internet and you want to visit any website may be google.com and you go on to IE or any browser and type google.com, now hereafter the moment you press enter and site lookup starts on internet, a complete information packet is formed ad this way we come to our first point of information making.

What is an IP Packet ?

Whenever an information is requested from web, it is broken into small blocks of packet to be sent across the web to the destination address and when all the blocks are received on the destination point all packets are reassembled and complete packet is formed.

These small blocks of information are called packets and hence all the packets are marked with source and destination ip address, hence the complete packet is known as IP PACKET.

How does an IP Packet Travels on Web ?

This is the most interesting aspect of web, where an IP Packet being originated from source are broken to pieces reaches the destination, reassembled again to complete the information.

Packet travel all across the globe follows the same standard sets of rules or are based on Basic OSI model which now in modern era are consolidated to 4 Layer standard now called TCP/IP Layer.

There is a very good movie on the net by the name of warriors of net which is free to download for non-commercial use.

Download movie from here http://www.warriorsofthe.net/

Why are these standards required ?

With the increasing use of information technology and our reliance on them has created a need to organise the flow and work of information.To be more precise the Cyber Security has now become the latest buzz in our day to day life.the more we communicate the more are the chances of threats.Communication by means of emails, chat, voice based data and other documentaries have seriously come under a threat and internet being widely used and commercialised, has now become more vulnerable to cyber threats.To strengthen the Organisations Policy.To perform startegy based innovation on IT.To optimise use of resourcesTo monitor the adverse affects of security threatsTo roll out policies and measures to effectively control threats and it's aftermaths.

Information Security Standards

Information all across the organisations has now been travelling based on some sorts of standards as we called in last post as BS7799 or ISO standards.I will not be discussing these details but a short note will justify this post.
BS7799
Orginated form British Standard Institute in 1995, it was thought to have integrated best practices in information security and a code of information security management.This got revised in 1999 with more revisions and latest be in June 2005 further renaming to ISO/IEC 17799 or ISO 27002

Outlines of BS 7799 are-----------------------
1. Policy
2. Organizational Information Protection
3. Control and sensitivity of assets
4. People Issues
5. Physical Protection
6. System and Infrastructure Management
7. System access control
8. Systems development and maintenance
9. Business continuity planning
10. Compliance

What is MSS.....ISM......

MSS (Managed Security Services) or ISM (Information Security Management) could be explained as a prcoess designed based on organisational principles and policies to manage their network infrastructure and valuable assets using security tools and standards or could be called as International Standards as (BS-7799) and other as ISO standards.

Looking at the process specific companies are becoming more and more specific on tools and infrastructure to be standardised to manage them properly and effectively.

Don't take me wrong Security and Management goes hand in hand for any organisation which is slowly now shaping into new science called or could be called later on as Information Science.

Information Security the key for any organisation

In modern contemporary world where change is very phenomenal and nail biting competition is all across the globe, information security has become a priority for all organsations be it small or big, information has turned out to be the most important and costliest asset to any organisation.

Organisations are ensuring to go to that extra miles in implementing all necessary measurements so as to prevent any loss or theft of informations.

A new breed of information security has come over as a new trend in the field of IT with companies prefering all sorts of actions and preventive proactive responses to any incidents.

Disaster Recovery Management has come into picture with Information becoming it's core value and business logic emerging out to a new field called MSS (Managed Security Services)

What is MSS and what all it counts in next post.....