When network administrators use ‘security’ to justify their use of ‘security measures’
Posted On August 6, 2021
Security researchers have found that network administrators often rely on their security credentials to justify the use of “security measures” such as network encryption.
The researchers believe this practice undermines the use and trust of network administrators, as they use it to justify using encryption to protect their own personal networks.
The findings come from a new survey by security researcher Paul Hernández and colleagues.
Their research is published in the Journal of Computer Security.
The team’s findings are based on a survey of 6,000 network administrators across nine countries.
They asked about how often they use security credentials when choosing their network security measures.
Of the respondents, 45% said they would use the same security credentials for every network connection they make.
They also used the same credentials to decide how to encrypt their networks, even when using a different encryption algorithm.
The study found that, in general, the network administrator used a “security certificate” when encrypting network connections.
The certificate was used to prove that the network network was secure.
This certificate was usually issued by a trusted third party, such as the network admin or a third party service provider.
For example, when an administrator used the default password for an online account, they might use a “standard” security certificate, or a certificate issued by an independent company.
This would show that the account was not a botnet.
Another way network administrators might use security certificates was when they wanted to ensure that all their users had the same access to their network.
For this purpose, network administrators would use a certificate that was issued by the “certificate authority”, a trusted certificate authority.
However, these “certificates” would only allow the use by a particular user.
For instance, when using Windows to run a virtual machine, network administrator could use a Windows certificate, but not a certificate from the certificate authority or any third party certificate provider.
However if the user wanted to connect to the network from an external computer, they would need a “certify” certificate.
This could be issued by Microsoft, or another third party provider.
In most cases, the “security certificates” would have a “recommended” level of security.
This is the highest level of the security that a network administrator should be able to use to ensure their users are protected from remote attackers.
The next most common type of network security credentials used by network administrators were certificates issued by “certifiers”.
This type of certificate is issued by companies like Microsoft, and the same certificates were also used by third-party certificate providers.
However in the survey, network admins often chose a certificate with a “minimum” level, which was used for “certification” or “certifications”.
This is a lower level of level that should be used to verify that a certificate is valid.
In other words, network admines often would use “certifier” certificates to verify a network connection is secure.
Hernánxes and colleagues argue that this practice is harmful to network administrators and has the potential to compromise their users trust.
They suggest that network admins should use “security credentials” only for the purpose of ensuring the integrity of their network connections and should not rely on “security certifications”.
They also say that network admin needs to think about the use, and trustworthiness, of the network connections they make and how to protect them.
Heterogeneity of network credentials and trust When asked how often network admins used security credentials, almost two-thirds (65%) said they did so every day.
The survey found that the majority (57%) of network admins also used a security certificate to prove their network connection was secure, even if it was not.
However when network admins chose the “secure” option, they often used the “recommendation” or the “minimum level” of security that they thought was needed.
This “minimum security level” is used when a network admin should be using the “highest security” security credentials.
For network administrators to be sure that the “standard”, “recommened” or even “minimum levels” of the credentials are sufficient to protect the network connection, network administration should also be careful about the type of credentials used, and how they are used.
This should include the type, and type of security certificates that they use, as well as the “best” encryption algorithm used for the network.
In addition, network managers should be aware that their users might have different needs when using the same network connection.
For a particular person, they may need a certificate which is different from the one issued by their network admin.
They may also want to use a different security certificate for a particular connection.
This may require a different type of encryption algorithm for each connection.
Finally, network security certificates should only be used by a specific network administrator.
Hernandes and others also note that network administrator need to be aware of the fact that “security protocols” and “security practices” are different, and should also have different standards.
This can be especially important when a user is connecting