Managing security means understanding the risks and deciding how much risk is acceptable. Different levels of security are appropriate for different organizations. No network is 100 percent secure, so don’t aim for that level of protection. If you try to stay up-to-date on every new threat and every virus, you’ll soon be a quivering ball of anxiety and stress. Look for the major vulnerabilities that you can address with your existing resources.
We all know the numerous advantages of computer networks and the Internet. Connecting your network to the Internet provides access to an enormous amount of information and allows you to share information on an incredible scale. However, the communal nature of the Internet, which creates so many benefits, also offers malicious users easy access to numerous targets. The Internet is only as secure as the networks it connects, so we all have a responsibility to ensure the safety of our networks.
Why Is Network Security Important?
- The good neighbor policy. Your mistakes can be someone else’s headaches. If your network is insecure and someone takes control of one of your computers, they can use that machine to launch denial of service attacks on innocent third parties. They can also flood the Web with spam.
- Patron privacy. Obviously, patron records are of paramount importance. Trust between the library and its clients can be irreparably harmed if these records are compromised.
- Money and time. Tracking down a virus or a worm and eliminating it from your network is frustrating and time-consuming. You often have to rebuild your machines from the ground up, reinstalling the operating system and software and restoring data from backup tapes. Lax security can lead to weeks of wasted time spent patching your network and fixing the wreckage.
- Create a network diagram. One of the most useful exercises for understanding your library’s security situation is creating a network diagram. A network diagram consists of symbols representing your hardware (PCs, servers, switches, routers, printers, etc.) and the connections between them. The diagram should also include some information about the model and configuration of each piece of hardware (e.g., name, IP address, function). For network connections, list the speed and protocol of each link. For some examples, take a look at Rate My Network Diagram. While you can map a small network with pencil and paper, it’s hard to extend and update your diagram using this technique. Most network administrators employ software to help them map their networks. We’ve listed some free and low-cost options under Further Resources.
- Understand your situation. A network diagram goes hand-in-hand with an assessment and evaluation of everything that happens on your network. Who uses your network? What types of hardware and software do they use? What kind of Internet connection does your library have? Do you host your own Web site, your own email server, your own OPAC? Do you allow patrons to connect to your network with their own computers and peripheral devices? Is your staff network separated from the public network? What types of security policies, procedures and equipment do you already have in place?
- Review your technology plan. Review this document, if available, to determine the network services you’re currently providing and the plans for your network’s future.
- Train your IT staff or hire a consultant. Either make sure your IT staff receive appropriate training in network security, or look for outside IT support that can offer the knowledge needed to secure your network.
- Remember the 80/20 rule. Focus on protecting the high-impact, high-risk areas of your network. For more information, see Identifying Vulnerabilities and Risks on Your Network.
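As an added example (not part of the original page), the network diagram and the staff/public separation question above can be kept as a small text inventory that is rendered to Graphviz DOT and checked automatically. The device names, addresses, and the `zone` field are constructed for illustration, and the check assumes that any device marked `edge` (a firewall or router) filters traffic between zones.

```python
import ipaddress
from collections import deque

# Constructed sample inventory: hypothetical device names, private addresses.
DEVICES = {
    "fw1":       {"ip": "192.168.1.1",   "function": "firewall/router", "zone": "edge"},
    "sw-staff":  {"ip": "192.168.10.2",  "function": "switch",          "zone": "staff"},
    "sw-public": {"ip": "192.168.20.2",  "function": "switch",          "zone": "public"},
    "ils-srv":   {"ip": "192.168.10.5",  "function": "OPAC server",     "zone": "staff"},
    "circ-pc":   {"ip": "192.168.10.21", "function": "staff PC",        "zone": "staff"},
    "opac-pc1":  {"ip": "192.168.20.31", "function": "public PC",       "zone": "public"},
}
# Each link: (device A, device B, speed, protocol)
LINKS = [
    ("fw1", "sw-staff", "1 Gbps", "Ethernet"),
    ("fw1", "sw-public", "1 Gbps", "Ethernet"),
    ("sw-staff", "ils-srv", "1 Gbps", "Ethernet"),
    ("sw-staff", "circ-pc", "100 Mbps", "Ethernet"),
    ("sw-public", "opac-pc1", "100 Mbps", "Ethernet"),
]

def to_dot(devices, links):
    """Render the inventory as Graphviz DOT text (an undirected graph)."""
    lines = ["graph library_network {"]
    for name, d in devices.items():
        ipaddress.ip_address(d["ip"])  # raises ValueError on a mistyped address
        lines.append(f'  "{name}" [label="{name}\\n{d["ip"]}\\n{d["function"]}"];')
    for a, b, speed, proto in links:
        lines.append(f'  "{a}" -- "{b}" [label="{speed} {proto}"];')
    lines.append("}")
    return "\n".join(lines)

def unfiltered_paths(devices, links, zone_a="staff", zone_b="public"):
    """List zone_b devices reachable from zone_a without crossing an edge device."""
    adj = {name: set() for name in devices}
    for a, b, *_ in links:
        adj[a].add(b)
        adj[b].add(a)
    seen = {n for n, d in devices.items() if d["zone"] == zone_a}
    queue = deque(seen)
    while queue:
        for nxt in adj[queue.popleft()]:
            if nxt not in seen and devices[nxt]["zone"] != "edge":
                seen.add(nxt)
                queue.append(nxt)
    return sorted(n for n in seen if devices[n]["zone"] == zone_b)

if __name__ == "__main__":
    print(to_dot(DEVICES, LINKS))
    print("Unfiltered staff-to-public paths:", unfiltered_paths(DEVICES, LINKS))
```

An empty list from `unfiltered_paths` means every staff-to-public path in the inventory passes through the firewall; the DOT text can be pasted into any Graphviz viewer to draw the diagram.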
Network Concepts You Should Know
Even if you plan to get security advice from an outside consultant or volunteer, understanding some basic concepts will help you evaluate your advisors and cut down on the number of calls you have to make. Basic networking topics such as TCP/IP addressing, network hardware, cabling and connectivity troubleshooting are well covered elsewhere, so look at our Further Resources. We also have information on our site about Bandwidth Management, Internet Access and ISPs, and Wide Area Networks.
We have also included a few additional resources that can help answer questions you have about the fundamentals of network security.