For example, company employees could attack network resources intentionally or through malware infection. Since malicious activity can occur between any network entities, all zones must be appropriately hardened. Threats should be monitored and prevented proactively. This can include enforcing good passwords and tracking activity. Īn authentication policy should provide identification for all user-related functions.This can include restricting access to business-related information and blocking access between specific nodes. Īll levels of communication require access control rules to be specified.It is recommended that this be at least 128-bit level encryption, but higher is generally better. To address this, a high-level form of encryption is needed to secure communication. By default, most network communication is unencrypted and could expose sensitive company data. The communication entering and exiting the company’s infrastructure must be secured.
What are the security challenges surrounding these needs?
