BEST PRACTICES FOR EFFECTIVELY SECURING COMPUTER NETWORKS USING FORENSICS

BACKGROUND TO STUDY In this Information Technology era, computers are used in our homes, offices and governance for education, entertainment, banking, governance and trade just to mention a few. It is when computers are networked that the exciting platform for accessing and exchange resources vital to promote business advantage, social interactions, travel and transport, commerce, research and a host of life essentials is experienced. The internet as an interconnection of networks share the benefits of networks but at the same time it is bereft with issues such as identity theft, hacking, and industrial and governmental espionage. These issues exists as a result of a host of nefarious activities that is aimed at gaining accessing to networks using viruses, worms, Trojans, keystroke loggers amongst others. According to a study reported in Data Breach and Trend Statistics (Data Breach Strength and Statistics, 2013), Malicious attacks (defined as a combination of hacking and insider theft) accounted for nearly 40 per cent of the recorded breaches in 2011. Hacking attacks were responsible for more than one-quarter (25.8 per cent) of the data breaches recorded. (Center, 2011). On the same report, it noted that Worldwide, approximately 1.1 million identities were exposed per breach, mainly owing to the large number of identities breached through hacking attacks. More than 232.4 million identities were exposed overall during 2011. Deliberate breaches mainly targeted customer-related information, primarily because it can be used for fraud (Symantec, 2012). Again Incidents involving hacking and malware were both up considerably in 2011, with 81 per cent utilized some form of hacking and malware incorporated in 69 per cent of data breaches (Business, 2012). After gaining access alterations and excessive damage is afflicted by the perpetuators; this is the more reason why networks should be secured. In addition, the destructive activities of the perpetuators changes constantly and are sometimes hidden, leaving no obvious traces. The technology used keeps improving; the more reason why new technology in the form of forensics should be adopted as opposed to the regular practice of securing computer networks. AIMS AND OBJECTIVES In order to achieve the ultimate aim of securing computer networks using forensics best practices, the following objectives in the form of research questions would receive the researchers attention:

1. Will the regular practice of securing networks without forensics effectively secure computer networks? 2. Will the use of forensics effectively secure computer networks? 3. Will a combination of the regular practices for securing computer networks and forensics effectively secure computer networks? 4. Will the use of the best practices for securing computer networks using forensics effectively secure computer networks? METHODOLOGY OF STUDY I intend studying computer networks in order to identify vulnerable ones and regular practices that do not involve forensics with the aim of collating the best practices and applying them. I would again study practices of forensics and identify the best practices that could be applied to computer networks with the aim of securing them. The best practices that do not involve forensics and one that involve forensics would be would be applied to sampled vulnerable computer networks. Data would be collected and the results analysed using WireShark, Nmap and Helix. Essential to the study is problem solving skills, extraction of information related to a topic from raw data and identifying the trends and patterns; these skills I possess. CONTRIBUTION TO KNOWLEDGE The study would be adding the best practice for securing computer networks using forensics. It is the ultimate aim of the study to improve the body knowledge of effectively securing computer networks.

Bibliography
Data Breach Strength and Statistics. (2013). Retrieved May 6, 2013, from In Defense of Data, Views from the Front Lines of Data Protection: http://www.indefenseofdata.com/data-breach-trends-stats/ Business, V. (2012). 2012 Data Breach Investigations Report (DBIR). Center, I. T. (2011). 2011 Breach Report. Symantec. (2012). Internet Security Threat Report Volume 17.