[In the ensuing series of articles I will begin to delve into network security and why it needs to be a priority.]

The truth of the matter is that the notion of security is a myth. The reality is there are only varying levels of insecurity. If something truly is secure there is no means of ever recovering it.

Let’s say you have a $100 bill and want it to be secure. However, you leave it posted on your front door. Is it secure? Of course not! Someone can simply walk past and take it. Instead, you put it in a safe. Is it secure? No. Someone could sneak in and pick your lock or simply take the entire safe. To try and prevent this you buy a more complex safe and have it cemented into the foundation of the house. Surely, it is secure now?! Nope! There is always someone able to apply the right leverage to bypass even this. So now we take the $100 and encase it in a 100x100x100 cubic foot block of cement. It must be secure now! While, at this point, it has a very low amount of insecurity. However, it is still technically possible to recover it. Okay, I give up! I’m going to take the money and blast it into the sun! I’ll concede; it’s pretty secure now! As you can see the escalation is ludicrous, but you get the point. The trick is finding the appropriate level of insecurity to deter malicious attackers, but maintain access to the data.

It’s not that people don’t care about network security. The real issue here is that the majority of people simply don’t know any better. The way I see it, there is so much misinformation out there spurred on by misrepresentation in the media that many users simply give up and take a “why bother” attitude towards security. After all, if Hugh Jackman can break into a government institution in less than a minute while receiving womanly services what hope does your average consumer have? (If you don’t know what I’m talking about, I suggest you re-watch Swordfish.)

Here’s the good news for all you paranoid people… It’s not that simple or fast! In most cases, it can be a long waiting game for the attacker as there are a number of steps involved. The attacker would have to first crack the wireless key (assuming you even have one) to get on your network. Then to get your data the most common method one could use is a tool known as a packet sniffer. (I’ll get into more details on this at another time.) The fact is, at this point the attacker can intercept most of the data being transmitted including logins, passwords, security questions, social security numbers, etc.

The point is that anyone with an iota of technological know-how and access to Google can acquire these skill sets and information. You should be scared and paranoid, because it truly is that easy. I know I’m giving mixed signals here. On one hand, I say you should be paranoid, but on the other I say you shouldn’t. What gives?! The truth is that both are correct. It goes back to the whole $100 scenario earlier. “The trick is finding the appropriate level of insecurity to deter malicious attackers, but maintain access to the data.” You don’t have to have everything fully encrypted and locked down like some sort of NSA mainframe. The key is to have enough to deter a potential attacker away from targeting you and convince him to move on to easier prey.

I’m not saying all of this simply because Network Security is one of the many wonderful services my company Runlevel5 provides. I say all of this because I truly care about security and educating people on the potential pitfalls from a lack of it. In coming articles I’ll explain more about this and some simple basic measures you can take to help avoid becoming a victim.