1

Organizational Network Security

Name

Institution

Course

Professor

Date
 2

Organizational Network Security

Organizational network security protects information technology systems and networks

used in an organization. That includes measures to secure physical access to the network and

protect against cybercrime attacks such as viruses, malware, and hacking attempts (Florackis et

al., 2022, p.354). Organizations commonly use security measures, including firewalls, antivirus

software, identity and access management systems, and patch management systems.

Additionally, organizations may also employ a combination of automated tools, security policies

and procedures, and user education to ensure the most effective protection of their network.

Every employee has a role to play in preventing any network breach. All one needs to know is a

basic understanding of how the attacks could happen and strictly follow the guidelines discussed.

Email Security

Network attacks via emails are common and can range from simple phishing attempts to

malicious code execution. Prevention is the best defense when it comes to avoiding them.

Regularly update and install security software to protect yourself from spam and malicious

emails (Li et al., 2021, p.225). Always use strong passwords and use two-factor authentication

whenever possible. Be suspicious of emails containing links or attachments, and never give out

sensitive information through emails, such as bank details, social security numbers, or

passwords. Additionally, always check the sender's address to make sure it looks valid and

legitimate. Lastly, it is vital to back up data regularly to lessen the damage of an attack. With

these protective measures in place, that can help to ensure your emails and data are safe from

malicious hackers.
 3

Personal Unauthorized Devices

Unsecured personal devices such as smartphones, tablets, and laptops can pose a severe

risk to organizational networks. Without proper security controls and protocols, unauthorized

personal devices can give cyber attackers access to the organizations' networks and confidential

data, resulting in data leaks, malware infections, or other attacks (Hughes-Lartey et al., 2021).

The organization uses Mobile Device Management (MDM) solutions to prevent attacks. MDM

solutions can monitor and manage APPs, USB ports, and web connections to securely connect

employee personal devices to corporate networks. Additionally, the organization requires all

employees to use up-to-date mobile device operating systems and applications and install and

actively use mobile security and firewall applications on personal devices.

Malicious Hyperlinks

Attackers can use malicious hyperlinks to gain access to an organization's network.

Attackers may embed malicious code within a link or link to a malicious website that can install

malware on the user's computer, allowing attackers to gain access and start executing commands

(Hughes-Lartey et al., 2021). To prevent a network attack from malicious hyperlinks, the

organization implements tight security protocols, such as educating employees about cyber

security so they can recognize malicious links, blocking and filtering malicious links, and

deploying antivirus software and email firewalls. Additionally, two-factor authentication and

secure passwords can be an additional layer of protection against attacks. Furthermore, regular

employee training is conducted on cyber security threats. Additionally, the organization regularly

monitors its network for suspicious activities or actions.

 4

User Password and Credentials

Strong passwords are essential for protecting the organization's network from attack.

Brute force and dictionary attacks can easily guess common passwords, allowing attackers

access to confidential data, emails, and other sensitive information (Li et al., 2021, p.226).

Additionally, passwords should be changed regularly to prevent attackers from using the stolen

credentials to gain access. Periodically changing passwords and enforcing strong password

requirements can significantly reduce chances of an attack. Complex passwords should contain a

combination of letters, numbers, and special characters, and password changes should be

something unique.

Company passwords and usernames must be kept secure and not shared among

employees. Shared credentials drastically decrease network security, increase the risk of attack,

and can severely damage an organization's network (Li et al., 2021, p.232). By having shared

credentials, anyone with access to them can enter the company system, allowing for potential

data loss or a malicious attack. As such, all employees must understand the severity of

information theft and the severe financial and reputational damage that an attack can cause –

which can be prevented entirely simply by not sharing passwords and usernames. Additionally,

the company invests in a password management system to ensure that all passwords are secure

and not shared.

Software Update

It is critical to keep your software up to date to prevent attacks. Outdated software is

often more susceptible to attack since known vulnerabilities may not be addressed (Zhu, 2021,

p.10). By staying up-to-date with the latest patches and versions, the organization can safeguard

their networks, protecting themselves against potential attackers. Additionally, patching and
 5

updating can prevent data loss and costly downtime and help close any security gaps that may

exist due to outdated software.

Antivirus and Firewall

Using an antivirus and firewall is essential to protect an organization's network from

attack. An antivirus provides real-time protection against various malicious software, including

viruses, Trojans, worms, and other malware (Zhu, 2021, p.11). It also scans for known malicious

websites and blocks them if detected. On the other hand, a firewall provides a first line of

defense against external attackers, blocking unauthorized incoming traffic while allowing

authorized outbound traffic to pass. Firewalls are also capable of filtering traffic for protocol

inconsistencies and malicious patterns (Zhu, 2021, p.13). Using both an antivirus and a firewall

can significantly improve the organization's network security, helping to mitigate the risk of

attack. Therefore, having both in place is essential to protect the organization from any malicious

activity.

Reporting and Recommendations In case of a Suspected Attack

Reporting suspected network attacks is a necessary protocol for any organization. Early

detection of network attacks can help prevent more damage to a company's data and systems and

allow corrective action to be taken before the attack fully manifests (Hughes-Lartey et al., 2021).

All employees are responsible for reporting suspicious activity on the network. That includes any

suspicious emails, files, network traffic, or other suspicious activities related to a possible attack.

Employees should report their suspicions immediately and clearly and accurately describe what

they saw or observed to enable IT officials to investigate the issue quickly.

Finally, practical recommendations in case of a suspected network attack would be for an

employee to;
 6

1. Determine the source of the attack - Use the IDS/IPS system logs, Firewall logs,

and antivirus logs to trace the attack's origin.

2. Take the systems offline - Disconnect the infected systems from the entire internal

and external network to prevent the attack from spreading further.

3. Notify relevant personnel - Immediately contact IT personnel involved in network

security, senior management, cyber security experts, law enforcement authorities,

etc.

4. Investigate the incident - Scan and analyze the infected system and move its

storage devices to a secure offline environment to find out the purpose and extent

of the attack.

5. Take preventative measures - Change passwords, update antivirus or anti-malware

software, patch vulnerable systems, and educate your employees on cyber security

best practices.

6. Monitor the situation - Regularly monitor the systems for abnormal activity and

malware infections. Make sure to review log files to identify all impacted systems

and users.
 7

References

Florackis, C., Louca, C., Michaely, R., & Weber, M. (2022). Cybersecurity risk. The Review of

Financial Studies, 36(1), pp. 351–407. https://doi.org/10.1093/rfs/hhac024

Hughes-Lartey, K., Li, M., Botchey, F. E., & Qin, Z. (2021). Human factor, a critical weak point

in the information security of an organization’s Internet of things. Heliyon, 7(3), e06522.

https://doi.org/10.1016/j.heliyon.2021.e06522

Li, H., Yoo, S., & Kettinger, W. J. (2021). The roles of IT strategies and security investments in

reducing organizational security breaches. Journal of Management Information Systems :

JMIS, 38(1), pp. 222–245. https://doi.org/10.1080/07421222.2021.1870390

Zhu, X. (2021). Self-organized network management and computing of intelligent solutions to

information security. Journal of organizational and end user computing: an official

publication of the Information Resources Management Association, 33(6), pp. 1–16.

https://doi.org/10.4018/joeuc.20211101.oa28