Lesson video

Hello, my name is Mrs. Holborow, and welcome to computing.

I'm so pleased you've decided to join me for the lesson today.

In today's lesson, we're going to be exploring why networks need to be protected and some methods that can be used to protect networks.

Welcome to today's lesson from the unit, "The Internet and Web Technologies." This lesson is called "Network Security," and by the end of today's lesson, you'll be able to explain why network security is important and describe methods used to protect networks.

Shall we make a start? We will be exploring these keywords in today's lesson: Firewall.

Firewall: a system that filters network traffic to protect against unauthorised flows of data in or out of the network.

User privileges.

User privileges: settings that control what actions a user is allowed to perform on a network.

Look out for these keywords throughout today's lesson.

Today's lesson is broken down into two sections.

We'll start by describing the need for network security, and then we'll move on to explain methods of protecting networks.

Let's make a start by describing the need for network security.

Networks carry sensitive data such as personal details, payment information, and school records.

If this data is not protected, it could be stolen, lost, or misused.

In 2025, a big UK retailer experienced a cyberattack that caused problems with their online shopping and payment systems. The attackers tricked an employee at a company that worked with the retailer, called a third-party vendor, into giving away their login details.

This is called social engineering, where hackers use tricks to get people to share secrets like their passwords.

Using those details, the hackers locked the retailer's important computer systems and demanded money to unlock them.

This type of attack is called ransomware.

Customers couldn't place online orders, and payment systems didn't work properly.

The retailer lost a lot of money while they fixed the problems. This shows how important it is to be careful with passwords and have strong protections to stop hackers.

Good security protects people from fraud and identity theft, organisations from reputational damage and legal consequences.

That retailer we've just talked about may have lost the trust of a lot of customers during the attack.

Good security also protects devices from being hacked or damaged.

Common risks may include: Fraud: so, stealing data to get money illegally.

Phishing: tricking users into revealing passwords or card details.

Identity theft: pretending to be someone else using stolen information.

And data leaks: so, exposing confidential information.

Time to check your understanding.

I have a true or false statement for you: Good network security helps protect organisations from reputational damage and legal consequences.

Is this statement true or false? Pause the video whilst you have a think.

Did you say true? Well done.

Why is it true? Well, good security safeguards both individuals and organisations from various negative outcomes.

In the UK, organisations must follow the Data Protection Act of 2018.

They must keep personal data safe, use data only for intended purposes, and protect data from unauthorised access.

A security breach could lead to legal action, fines, and also maybe a loss of trust.

Networks are extremely vulnerable to attack.

This is because they can cover a wide area, such as a school or company network, connecting many locations.

They can have many users, increasing the chances of mistake or weak passwords.

They can include a variety of devices like phones, laptops, printers, and tablets; some of these may be less secure than others.

And they can be online all the time, making them constant targets for criminals.

Even one weak device can be the entry point for an attacker.

For example: if we have an employee's laptop with no password, if we have an unprotected USB stick, or a student accidentally clicks a phishing link.

All devices must follow security rules and policies to keep a network secure.

In late 2023, a ransomware attack disrupted services in multiple NHS trusts.

Attackers gained access by exploiting weak security on staff devices, such as poor password use and unpatched systems. A patch is a software upgrade which needs to be routinely installed to make sure that the software is up to date and doesn't have any bugs.

This forced hospitals to postpone appointments and rely on manual record-keeping.

This highlights how even one weak device can let attackers into a network holding sensitive data, like patient medical records, emphasising the need for strong security policies and device protection.

A network policy refers to the particular network settings that a network administrator activates on a network, for example, who is allowed to connect to the network and the circumstances under which they can or cannot connect.

Network policies are written rules and procedures for people to follow.

For example: acceptable use policies, which are sometimes abbreviated to AUP; archiving policies; backup policies; and disaster recovery policies.

So what happens, for example, if the room containing the network equipment is flooded or suffers a power loss? An acceptable use policy, or AUP, is a set of rules that users must agree to.

The rules set out what is and is not an appropriate or acceptable use of the network, as well as outlining the consequences of not following the policy.

The following are likely to be in an acceptable use policy: format of passwords, for example, the length and use of special characters; a ban on online gambling; a ban on social media; restrictions on downloading files or software; a rule to prevent individuals from bypassing existing filtering systems. You may well have signed an acceptable use policy as part of your school or college agreement.

Archiving policies may determine how long to keep data, how file space is preserved, and take into account guidelines such as GDPR, which stands for the General Data Protection Regulation, that specify how to treat personal data.

The following are likely to be in a backup policy: the frequency of backups and who is responsible for them; the type and location of the backup, for example, is it a cloud-based backup, or is it backed up on discs or tapes; service-level agreements for reinstalling from backups; and protocols for naming and dating backups.

A disaster recovery policy allows an organisation to resume business quickly after or during a disaster, which could include: a natural disaster, for example, an earthquake; a cyberattack; a fire or flood; terrorism or war; loss of electricity or an electrical surge.

Time to check your understanding.

I have a question for you: Which of the following rules would most likely be found in an acceptable use policy for a network? Is it A, instructions on how often to back up important data? B, a ban on online gambling or social media? Or C, instructions for how to reinstall software from a backup disc? Pause the video whilst you have a think about your answer.

Did you select B? Well done.

A ban on online gambling or social media is likely to be a rule that's listed in an acceptable use policy.

Okay, we are moving on to our first task of today's lesson, task A.

For part one, I'd like you to explain why protecting data on networks is so important.

And then for part two, I'd like you to describe two different types of harm that can happen if network data is not protected.

Pause the video whilst you complete the task.

How did you get on with the task? Did you manage to answer the questions? Well done.

Let's have a look at some sample answers together.

So, for part one, you were asked to explain why protecting data on a network is so important.

Protecting data on networks is very important because networks carry sensitive information like personal details, payment information, and school records.

If this data isn't protected, it can be stolen, lost, or misused.

For part two, you were asked to describe two different types of harm that can happen if network data is not protected.

Here are some example answers.

People suffering from fraud and identity theft: criminals can steal data to get money illegally or pretend to be someone else.

Organisations facing reputational damage and legal consequences: if a school or company loses data, people might stop trusting them, and they could even face legal problems. Okay, we are now moving onto the second part of today's lesson: Explain methods of protecting networks.

Network administrators can give users different levels of access to the network.

Users should only have the level of access that they need to perform their role.

Having different levels of user privileges on a network means that: if individual accounts are hacked, the potential damage is limited.

Users have less chance of introducing malware to the network if they can't instal software.

There is less chance that users will accidentally or deliberately tamper with or steal data if their access to data is limited.

Time to check your understanding.

I have a question for you.

Why is it good for network administrators to give users only the level of access they need for their role? Is it A, to make the network run faster? B, to ensure all users can instal any software they want? Or C, to limit potential damage if an account is hacked and reduce data tampering? Pause the video whilst you think carefully about your answer.

Did you select C? Well done.

I knew you'd get this one right.

Let's have a look at some examples here.

So here we've got the example of a school, and we have teachers and teaching assistants.

Their network privileges are listed here, so they're allowed read access to the shared area.

They're allowed write access to the shared area so they can add and create new files.

They're allowed read and write access to the personal area.

They're allowed access to student information.

They're not allowed access to financial information.

They can't instal software and they can't set up new users, but they are allowed personal email and internet access, and they can print.

Let's now compare this to a network administrator.

So the network administrator can do everything.

They can have access to the financial information, they can instal software, and they can set up new users.

Let's now compare this to students.

So students are allowed read access to the shared area, but they're not allowed to write to the shared area.

They are allowed read/write access to their own personal areas, but they have blocked access to student information, financial information, they can't instal software, and they can't set up new users.

They can, however, access their own personal email and internet access, and they can print.

Support staff and school governors have the same level of access as students.

So by setting different access levels of control in the school, we can limit the risk to the network.

Anti-malware software is used to detect and remove malicious software such as viruses, worms, and Trojans.

For example, Microsoft Defender or Malwarebytes scans files and warns you before threats can do damage.

A firewall is a barrier between a network and the internet.

It filters incoming and outgoing traffic based on security rules.

For example, a firewall might block access to a suspicious website or stop unauthorised apps from sending data.

Penetration testing, which is also known as ethical hacking, is when security experts try to break into a system on purpose to find weaknesses before criminals do.

For example, a company might hire a tester to see if weak passwords can give them access to sensitive files.

Physical security protects the hardware of a network, like computers, servers, and routers, from theft or damage.

Examples of physical security include: locked doors, CCTV, security guards, and swipe card access.

Backing up means making a copy of important data in case it is lost or corrupted.

For example, a school may back up all student data daily to a secure cloud server.

Recovery is restoring the data from a backup.

Training can help employees to recognise security risks and act safely online.

Examples include: how to spot phishing emails, using strong passwords, and teaching users to lock screens when they're away from their desks.

A device's media access control, or MAC address, is unique.

A network manager can make a network more secure by using this address to limit the devices allowed on the network.

Devices on a safe list are allowed onto the network.

Devices on a block list are banned from the network.

In 2024, the UK Parliament enhanced its cybersecurity after detecting multiple attempts to breach its network, including phishing and brute-force attacks.

Here are some of the methods that they've used to protect the network: Multi-factor authentication, or MFA: staff must verify their identity using a second method, like a code sent to their phone in addition to their passwords.

Strong password policies: regular forced password changes, and requirements for complex passwords reduce the risks of guessing or brute-force attacks.

Network monitoring and firewalls: continuous monitoring tools to detect unusual activity, while firewalls block unauthorised access attempts.

Staff training: regular cybersecurity training that helps staff recognise phishing emails and social engineering tactics.

Time to check your understanding.

I have a question for you.

What security measure acts like a barrier, filtering incoming and outgoing network traffic based on security rules? Is it A, anti-malware software? B, penetration testing? Or C, a firewall? Pause the video whilst you have a think.

Did you select a firewall? Well done.

A firewall acts like a barrier, filtering incoming and outgoing network traffic based on security rules.

Okay, we are moving on to our next task of today's lesson, task B.

For part one, I'd like you to explain how user privileges, which are different levels of access, help protect a network.

And then for part two, I'd like you to describe three different methods used to protect computer networks.

Pause the video whilst you complete the task.

How did you get on with the task? I'm sure you've done a great job.

Let's have a look at some sample answers together.

So, for part one, you were asked to explain how user privileges, which are different levels of access, help protect a network.

User privileges help protect a network by ensuring that users only have the access they need for their job.

This means that the damage is limited if an account is hacked.

There is less chance that users will accidentally or deliberately tamper with or steal data if their access to data is limited, and they have less chance of introducing malware if they can't instal software.

For part two, you were asked to describe three methods used to protect computer networks.

Anti-malware software is used to detect and remove harmful programmes like viruses, worms, and Trojans.

It scans files and warns users before these threats can cause damage.

A firewall acts as a barrier between a network and the internet.

It protects the network by filtering incoming and outgoing traffic based on security rules.

Backing up data, or making copies of important information, is crucial because if the original data is lost, stolen, or corrupted, it can be restored from the backup, preventing permanent loss of vital files.

Remember, if you need to, pause the video here and add any detail or amendments to your answers; you can do that now.

Okay, we've come to the end of today's lesson, "Network Security." And you've done a fantastic job, so well done.

Let's summarise what we've learned together in this lesson.

Networks need security to protect data, devices, and users from threats such as malware and unauthorised access.

Methods like firewalls and user privileges help reduce the risk of attacks and keep the network secure.

I hope you've enjoyed today's lesson, and I hope you'll join me again soon.

Bye.