DISCUSSION
BOARD SUMMARY ASSIGNMENT – UNDERGRADUATE COURSE
400
WORDS MINIMUM REQUIRED FOR EACH DB ASSIGNMENT
(Exclude title, introduction, references in word count)
1. Summarize
all DB posts by students and instructor for the week. Was
the topic well understood by the class?
2. a)
Select 2 DB posts.
b) Identify and document arguments
made in these 2 DB posts.
3.
Explain why you agree/disagree with the 2 DB posts selected in #2.
DB 5
Your manager has heard
the term network risk management. He is not sure what it entails. Before you
tell him what it is, you want to be certainly that you have all of the factors.
Research network management and answer the following questions for your
manager:
Explain to your
manager what it is.
Explain how network risk
can be mitigated.
Why do you think it is
important?
Student DL:
What is network management? It is a fundamental
practice of using applications, tools, and equipment that IT professionals
utilize to manage, maintain, and monitor IT networks. The idea to to keep
data stored, safe and available for departments to perform at optimal
performance (Zyrion, 2010-2011). The five areas of network management
include: Performance, configuration, accounting, fault, and security management
systems that must be maintained at a high level.
How can network risk management
be mitigated? A variety of tools can be used to monitor and measure
a wide range of the five areas of network management. The tools monitor
and measure networks for available, throughput, bandwidth
utilization, and delay (Zyrion, 2010-2011). Application and service
monitoring tools manage applications from servers that provide the
applications. Flow monitors analyze the traffic in and out of the network
by looking at connections, protocols, and security. Lets not forget
maintenance, keeping systems up to date, correcting problems and preventing
things from happening in the future.
This is important for many reasons, look at what
happened to Target stores. Sensitive information leaked out and cost the
company millions. It keeps the risk low, information safe, and flow of
data maximized. In the long run, it keeps the business running smooth,
which helps business running. For example: a poor network managment
practice will cause network failures, slow performance which means less time
for employees to do there duties, which costs more money and less
revenue.
Reference
Zyrion, 2010-2011. Network Management Fundamentals.
Retrieved from,
Student DK Post:
Network management is
really just a broad term that is used to describe the areas of network
security, network performance, and network reliability (webopedia,
nd). Since this is really just a broad definition, it can be broken
down a little bit more into specific areas. Network management
includes network administration which involves the tracking and inventorying of
all network resources including transmission lines, hubs, switches, routers and
servers. Administration also involves monitoring these devices’
performance as well as updating their associated software. The
second part of network management is network operation. Operation is
ensuring that the network is flowing smoothly and it is functioning as it was
designed and intended. Thirdly, we have network maintenance which is
the timely repair and upgrading of network resources. Another part
of maintenance is taking preventative and corrective
measures. Finally, we have network
provisioning. Provisioning is where the network is configured to
support the requirements of a particular service such as VoIP or increasing
bandwidth to accommodate more users (Janssen, nd).
Looking
at what network management is, we can begin to see where network risk
management would play a part. Risk management is defined as a
systematic process for identifying, analyzing, controlling and communicating
risks. Risk management isn’t something that is done once a year, or
quarterly, rather it is an ongoing process that includes the phases of
assessing risk, implementing controls, promoting awareness and monitoring
effectiveness (Paul, 2000). To make risk management more effective,
there are seven steps that an organization can take. 1) Implement a
framework for risk assessment and mapping. 2) Outline the
responsibilities of risk managers within their
departments. 3) Identify and define the risks to which
the business is exposed. 4) Determine threat levels and
find out which risks pose the most serious threat to affect
performance. 5) Establish levels of controls for
processes proportionate to the perceived threat. 6) Record
and retain risk incident information. 7) Conduct periodic
assessments to determine if changes are needed (Schurr, 2008).
Even
with the advanced technology we have today, having effective security systems
or well-planned preventative controls won’t protect us against every risk. Thankfully,
there are some ways that network risks can be mitigated. First and
foremost is security awareness training. Most security breaches
actually originate from within a company and many of them are due to employees
being negligent due to inadequate training. In addition to this,
many employees aren’t able to identify email phishing and spoofing attacks that
are detrimental to a network. Another method of mitigating risks is
to encrypt data to lessen the chance of it being stolen by hackers or
intruders. Mitigating risks can also be accomplished by access
controls where each employee has access to the network resources they need to
accomplish their job and no more than that. Finally, monitoring the
network will allow the administrator to keep an eye on how things are going so
that if an event pops up they will be able to combat it rather than play catch
up (Scheetz, 2012).
Looking
at what network management and risk management is, it should be obvious that
they are important factors in administering a network. No matter
what we do to prevent risks, they will still exist. With careful
planning and being aware that they are there will help to mitigate them
however. It is important for an organization to have a plan in place
that spells out what the risks are, what they will do in the event they occur
and how they will proceed if any of the events occur. By being
prepared in this manner, it will increase the organizations chances of
recovering quickly in the event of a disaster.
Reply to student
DK from student AR: You are definitely correct in stating that
network management is a broad term; it encompasses all aspects of a network.
Network management must include each aspect because without certain
tasks, such as monitoring performance, the network itself could be troubled.
From monitoring, to security, and maintenance, network management must
also look towards the future of the network, with provisioning in order to
update, add, or change the network down the road. Risk management is a
big part of the equation as it looks at the overall security of the network.
I agree with you in that risk management is an ongoing process and needs
to continually be followed in order to remain current and up to date with
current threats or changes in policies. The steps you listed for risk
management seem like great steps for an organization to take to mitigate and
limit risks. Along with ways to limit or mitigate risk, understanding how
the risk can affect the organization is an important factor, too. Often
times employees are the greatest threat to an organization, whether intentional
or not. With proper training, as you mentioned, employees should
understand the roles they play in keeping the network safe. Access
controls, in my mind, should be incorporated into every network. Also,
the least privilege rule should always be applied. This ensures proper
network protection at the logical level. Risk management is possibly one
of the most important aspects of network management as it is utilized to
protect the overall network. It can be viewed as money; you don't leave
money out in the open, you keep it hidden in a safe. The better
protection provided, the less likelihood for incidents to occur.
Reply from Instructor to
DK: You
might want to support your discussion with specific examples of network risk
problems.
References
Janssen, Cory
(nd). Network Management. Retrieved from http://www.techopedia.com/definition/20974/network-management
Paul, Brooke
(2000). Risk-Assessment Strategies. Retrieved from http://www.networkcomputing.com/1121/1121f3.html
Scheetz, Kris (2012). Mitigate
Your Business’s Security Risk – 10 Ways How. Retrieved from http://blogs.earthlink.net/mitigate-your-businesss-security-risk-10-ways-how/
Schurr, Amy
(2008). 7 Steps to Effective Risk Management. Retrieved
from http://www.networkworld.com/newsletters/2008/052608itlead1.html
Webopedia
(nd). Network Management. Retrieved from http://www.webopedia.com/TERM/N/network_management.html
Student AR:
Networks are
sophisticated means of information sharing that require a lot of
attention. From planning, to building, and even managing networks, there
are a lot of important aspects to take into consideration to ensure that they
operate appropriately. Network management is a key part of the equation
that involves the overall assessment of the network’s performance,
availability, and reliability ensuring that it is operating at optimum levels
and is free from threats. From physical securing, to logically securing,
the network must be kept safe at all times. Although a broad term,
network management defines the functions that include activities, methods,
procedures, and the use of tools to administrate, operate, and reliably
maintain computer network systems. (Network Management, n.d.).
Risk analysis is necessary in almost all aspects of network management, making
network risk management an important piece of network management. Since
network management involves virtually all aspects of a network, it is important
to utilize available tools as necessary in order to monitor, analyze, and
evaluate a network and its performance. Since it is such a broad term in
the information technology (IT) field, network management’s main parts include
inventorying network resources, monitoring their performance, ensuring they are
kept up to date, network operation which ensures everything is functioning as
intended, network maintenance which includes repairs are made as necessary, as
well as upgrades, and network provisioning which involves configuring network
resources to support the needs of the organization. (Network Management,
n.d.). All of these tasks must be accomplished to make sure that the
network overall is performing its main function. Network monitoring tools
can be implemented to assist an administrator with these tasks.
Network risk management involves the network as a whole, and the risks that can
influence network operation. These risks vary from network to network,
and must not only be understood by the administrator, but also addressed and
mitigated to prevent any unnecessary risks from occurring. Network risk
can be mitigated by following best practices, implementing network policies,
utilizing network monitoring tools, and enforcing network standards. The
network itself can be protected by necessary forms of Internet security which
consists of measures to deter, prevent, detect and correct security
violations. (Career Education Corporation [CEC], 2013). The 3
primary requirements for overall security and mitigating risks include regular
risk assessments, simplification and centralization of tasks, and policy
setting and enforcement. (Successfully Mitigating Corporate Risk,
n.d.). With tools in place, network monitoring can be done in order to
assist with these tasks in order to formulate a plan to safeguard the network
and implement necessary changes. Training employees on the risks must be
completed after assessing the risks, along with implementation of tools in order
to further mitigate risk. Security of a network is best done in layers,
with as much layers implemented as needed depending upon the severity or
classification of network systems. The higher classification of
information requires higher levels of security in place in order to limit and
restrict access.
When connecting to the Internet, it must be known that that device is
associated with risk factors by being connected to hundreds of millions of
people. Information of that device can be the target of malicious
attacks. How important a device or data on a device is necessitates the
need for heightened security. I think that network risk management is one
of the most important aspects of network management as it involves regular risk
assessments in order to mitigate risk. Network systems and data must be
protected to maintain their integrity. Not only is a computer or device
at risk by connecting to a network, but all data on that system is also at
risk. Organizations rely upon the safeguarding of information and
information systems through risk management in order to protect important
assets. Risk assessment, employee training, monitoring tools,
authentication and encryption, and further security practices in place all must
be monitored by an administrator in order to properly manage a network.
Network
Management. (n.d.). Retrieved from
http://www.techopedia.com/definition/20974/network-management
Successfully
Mitigating Corporate Risk. (n.d.). Retrieved from
http://www.business.att.com/content/whitepaper/successfully-mitigating-corporate-risk.pdf
Response to AR
from Instructor: >With tools in place, network monitoring can be done in order
to assist with these tasks in order to formulate a plan to safeguard the
network and implement necessary changes.
You might want to support your
discussion with some examples of network monitoring tools. Which tool would you
prefer to use? and why?
No comments:
Post a Comment