Home >> Computers and Technology >> Networking

The Importance of Encryption Over Public Networks


By: Aaron Guhl

Networking Public Wi-Fi networks are everywhere today. The nearest hot-spot in your city is probably only a block away. With so many employees on the road and working out of the office today, IT departments are finding the need to provide external access to network resources. The need to stay productive while out of the office is crucial.

Anytime an end-user is accessing corporate data on a public network, security is a big concern. You never know when your confidential data may be compromised. If your company provides access to data from outside of the corporate environment, you must make sure that you take the necessary steps to ensure that data is secure.

When on a public network, any data that is sent to and from an end-userís laptop is generally visible to anyone else that is on that same public Wi-Fi network. What this means is that those traffic streams are open to what is called a man-in-the-middle attack. A man-in-the-middle attack utilizes a natural security flaw in the Address Resolution Protocol (ARP). The flaw allows an attacker to secretly respond to an ARP request of a computer initiating a connection with another node. The attacker then makes private independent connections with the two nodes. Once this is done then all traffic is relayed through the attackerís computer and the end-user will be unaware that this has occurred. If this attack is done between a laptop and an internet gateway, then that attack is able to sniff every packet that the end-user sends out to the internet, including confidential corporate data.

So how do you protect your private data from attacks like these? Encryption is one of your biggest defenses. However you decide to provide access to network resources to employees on the road, whether it be via a VPN or a web portal, encryption is a must. If your company uses VPN software to provide access to the network from outside it, then once the VPN tunnel is negotiated all traffic that is passed between the laptop and the corporate network is encrypted. This means that even if the attacker were to sniff out those packets sent, they will be encrypted and the attacker will find it nearly impossible to gain access to that data without knowing the key used to encrypt it.

If your company uses a secure web portal to provide access to network resources, then there are a few things that should be known. First off, most web portals that are secured using the HTTPS protocol use certificates to authenticate the encryption process. If the attacker is using the right tools, he or she can send a spoof certificate to the end-user. If the end-user accepts this certificate, then they will be opening secure communications with the attacker. The attacker then sends the real certificate request on to the corporate web server and opens secure communication with the web server. Once this is done, then the attacker is able to see all traffic that the end-user sends before it is encrypted and sent on to the corporate web server. To prevent this, it is important that you use certificates that are generated from trusted sources such as Verisign or Geotrust. Then if the end-user receives a certificate that is from an untrusted source, the end-user will be alerted to this.

It goes without saying that any end-user that is going to be accessing corporate data from outside the internal network should be trained on basic security. With the proper security infrastructure in place and users trained, then the IT staff should be able to rest easy knowing that corporate data is safe.

Aaron Guhl is an IT professional that specializes in security. He frequently writes on his blog regarding security issues to help IT professionals get a better understanding of security in their networks. Visit his website at: Security Enabled Network
Article Source: http://www.ArticleBiz.com
Article link: http://good-article.com/articles/220741-The-Importance-of-Encryption-Over-Public-Networks.html

You can rate this article:

Similar Articles
Cisco CCNA, CCNP, And CCENT Practice Questions: RIP, VLANs, HSRP, And More!
Cisco CCNA, CCNP, And Security Practice Exam Questions: Debugs, Advanced EIGRP Commands, And More!
CCNA, CCENT, CCNP, And Cisco Security Exam Questions: EIGRP, Honeypots, Proxy ARP, And More!
Cisco CCNA, CCNP, And Security Practice Exam: OSPF Neighbors, Fail Closed, SDM, And More!
Cisco CCNA, CCENT, and CCNP Practice Exam: The Configuration Register, Loopback Addresses, And More
Cisco CCNA, CCNP, And Security Exam Questions: IP Spoofing, Frame Processing, And More!
Easy Way to Move Files
Cisco CCNA And CCENT Certification Training: 10 Frame Relay Practice Exam Questions

Featured links
Top football news
Web hosting with php - Compare the best web hosting plans with unlimited bandwidth, unlimited amount of web space and supported domains.




mobile phones