UNIT 3

ELECTRONIC DATA INTERCHANGE

Electronic Data Interchange (EDI) is the computer-to-computer exchange of

business documents in a standard electronic format between business partners.

Computer-to-Computer

Computer-to-computer EDI replaces postal mail, fax and email. While email is also an electronic
approach, the documents exchanged via email must still be handled by people rather than
computers. Having people involved slows down the processing of the documents and also
introduces errors. Instead, EDI documents can flow straight through to the appropriate
application on the receiver’s computer (e.g., the Order Management System) and processing can
begin immediately. A typical manual process looks like this, with lots of paper and people
involvement:

The EDI process looks like this — no paper, no people involved:

BENEFITS OF EDI:

 Improved operational efficiency: Automating the flow of messages with integrated EDI
improves the speed and efficiency of your operations by eliminating the need to manually rekey
data in multiple systems.
 Fewer errors: By removing manual, paper based processes the occurrence of human errors
is dramatically reduced or even eliminated.
 Increased accuracy: Automated message validation ensures that errors are flagged and
rectified before they impact your trading partners and data integrity in your internal systems is
maintained.
  Increased return on investment (ROI): Automation through integrated EDI enables you to
maximise the benefits of EDI and move beyond simply complying with your customers' EDI
requirements.
 Enhanced visibility: EDI provides full transparency of the ordering and invoicing process
for you and your trading partners. This end-to-end visibility enables more informed decisions to
be made and ultimately improves the service delivered to consumers.
 Reduced inventory cost: Increased visibility within the supply chain eliminates unknowns
and can therefore enable you to reduce the levels of inventory you need to hold.

EDI STANDARDS:
EDI standards define the location and order of information in a document format. With this automated capability,
data can be shared rapidly instead of over the hours, days or weeks required when using paper documents or other
methods.

Electronic Data Interchange (EDI) is the electronic interchange of business information using a standardized
format; a process which allows one company to send information to another company electronically rather than with
paper. Business entities conducting business electronically are called trading partners.

 UN/EDIFACT
 ANSI X12
 VDA
 Integration of EDI Standards with SAP
UN/EDIFACT

United Nations / Electronic Data Interchange for administration is the international standard
developed by the United Nations for trade and transport.

The maintenance and further development of this standard is done through Facilitating United
Nations Trade and Electronic Trade Center affiliated United Nations (UN / CEFACT).

United Nations Center for Trade Facilitation and Electronic Commerce, affiliated with the UN
Economic Commission for Europe (UN / CEFACT). The EDIFACT standard provides a set of
syntax rules for configuration, an interactive exchange protocol, and a set of standard messages
that allow the exchange of multi-country and multi-sectoral electronic business documents.

ANSI X12

The goal of ANSI X12 is to uniform standards for inter-industry electronic exchange of business documents,
namely EDI. ANSI X12 is a global set of rules for the intercompany electronic data exchange between two EDI
Trading Partners.

In 1979, the American National Standards Institute (ANSI) hired the Accredited Standards
Committee (ASC) X12 to develop uniform standards for inter-industry electronic business
transactional exchange, that is, electronic data exchange. ANSI X12 was originally designed to
support companies in different industry sectors in North America, but today there are more than
300,000 companies worldwide using ANSI X12 EDI standards in their day-to-day business
transactions. ANSI X12 also contributes to UN/EDIFACT messages commonly used outside the
United States.

VDA

VDA, one of the regional EDI standards, stands for Verband der Automobil industrie
Automotive Industry Association of Germany. It develops standards and best practices to serve
the needs of companies in the German automotive industry. The VDA maintains a set of fixed
format messages describing the business documents exchanged between automotive
manufacturers and suppliers. Unlike other EDI standards, the VDA specifications do not have
any naming conventions for each item.

EDI COMMUNICATIONS:

FAST & FUTURE-PROOFED

EDI Communications can plan, design and install a structured cabling system that will allow
your business to communicate efficiently with the cable and fibre infrastructures required by
today's networks.
COST-EFFECTIVE & SCALABLE
Our Hosted IP Telephony solutions allow your business to make great savings on calls as well as
the ability to easily add new phone numbers and extensions as and when you need to.
COMPREHENSIVE SUPPORT
In addition to responding to equipment failure, we liaise with third party network providers,
logging and expediting network associated problems on your behalf.
ALWAYS ONLINE
We understand that keeping in contact with customers, suppliers and colleagues is crucial - Our
internet connectivity services provide a stable, fast and cost-effective solution.
INCREASE RESPONSIVENESS
Working flexibly and responding quickly to customers is key in today's business environments.
edi Communications offer mobile solutions which allow you to work effectively, wherever you
are.
RELIABILITY
Whether your business is large or small, edi Communications can provide a reliable, fast and
secure broadband connection which meets all your requirements.

EDI Implementation:
Implementing EDI across your organisation and network of trading partners can be complex. Taking a
systematic approach will help you deliver an effective EDI programme. Below is a structured 10- step
implementation process for successful EDI implementation:

Step 1: Develop the organisational structure

Your first action is to ensure that you have access to the correct skills. Develop EDI coordinators and teams that will drive the
programme through your organisation.

Step 2: Undertake a strategic review

The business areas that benefit most from EDI deployment vary by organisation. A strategic review identifies where EDI has
greatest potential in your business.

Step 3: Conduct in-depth analysis

An accurate analysis of costs and projected payback when implementing EDI is essential.

Step 4: Develop a business-focused EDI solution

Selecting the correct EDI solution for your business requires an in-depth understanding of both the technical and business issues
– for you and your trading partners.

Step 5: Select the correct EDI network provider (VAN)

Most organisations find using an EDI provider makes the best business and financial sense. Selecting the correct provider for your
business is imperative.

Step 6: Integrate EDI with the business

How an EDI system is designed and developed depends on the amount of custom work required and the amount of internal
systems with which it needs to share data.

Step 7: Integrate data across the business

Most applications impose their own data structures. The data from internal and external systems need to be analysed in order to
ensure they translate into your EDI system.

Step 8: Undertake data mapping

To ensure the smooth flow of information between internal applications and trading partners, documents need to be mapped to
allow effective data transmission
 Step 9: Establish a pilot project
Before your EDI system goes live within your entire trading community, it is important to select a small number of partners to test the
system in ‘near live’ conditions.

Step 10: Roll out EDI to trading partners

The last action is to implement EDI across your trading partners. This should be achieved in a staged manner that reflects your
current business priorities.

EDI Interchange Agreement:

It is a legal agreement formed between your firm and its trading partner. It regulates the exchange of key business
documents and will be formed as per ANSI X12 standards. All the terms conditions for business documents’ exchange
among trading partners have been mentioned in it.

Let’s have a quick view on the details that are part of a typical EDI Agreement:

Article 1: Objective and Scope

 The main purpose of the entire EDI process will be described in this section. All the specific terms as well as conditions will
be mentioned clearly.

 The provisions of the agreement along with Technical Annexe will be mentioned in this section.

Article 2: Definitions
The related description of all the important terms involved in the EDI transaction will be defined in this section.
 Electronic Data Interchange (EDI): Exchange of key business documents between many trade partners.

 Electronic Data Interchange Message (EDI Message): Set of data elements organized in a standard format. It should be
easily readable/processable by any trading partner’s system.

 Electronic Data Interchange Agreement (EDI Agreement): Approved set of standard formats and norms for the exchange
process.
Acknowledgement of receipt: A letter sent by the receiver after accepting the receipt of an EDI message. It usually
includes:
o Network Acknowledgement

o Protocol Acknowledgement

o Functional Acknowledgement

o Technical Acknowledgement
 Functional Domain: A particular business area for which this specific EDI exchange process is intended.

 Issuer or sender: The firm that issues the EDI message.

 Provider of network services: Describes the third-party that facilitates data transfer.

 Integrity: A feature that ensures the quality and reliability of the data. The data should be sent without any modification in an
unauthorized way.

 Data Log: Describes the format in which all the transactions are required to be mentioned. It should be done according to
their processing date and time.

 Standards: Defines the standards used for the exchanging process.

 Message Implementation Guideline: Define norms for creating and sending a specific EDI message.

 Receiver: The firm to whom the EDI message is being sent.

 Re-send: A request sent by the receiver to the issuer or the network service provider for resending an EDI message.

Article 3: Validity and Formation of Contract

All the details related to the contents of the contract and its validity will be mentioned in this section. Furthermore, all the
possible consequences linked with the contract breach will be also stated in this section.

Article 4: Admissibility in evidence of EDI messages

Describe all the frameworks under which, this agreement may be produced in front of the respective Courts.

Article 5: EDI message’s processing and acknowledgement of receipt

The information related to the deadline for processing and acknowledging different EDI messages. It also includes
provisions related to these time-limits. Apart from that, this section also contains info on notice issuing in case of deadline
failure.

Article 6: Security of EDI messages

This particular section contains all the information related to security procedures. It focuses on all the steps taken out for
ensuring complete protection for EDI messages against legal activities. For instance, unauthorized access, modification,
destruction, delay, or loss. Besides, this section also provides info on data verification and error handling.

Article 7: Confidentiality of personal data and protection policy

All the norms related to confidentiality and the protection policy will be mentioned in this section. It becomes highly important
since every country’s privacy laws will be different.

Article 8: Recording and storage of EDI messages

 All the details related to recording and storing of different EDI messages can be found in this section. It also consists of
information on the accessibility of the saved data in a human-readable format. Moreover, a list of all operational equipment
that are used in this setup will be included in this section.

Article 9: Operational requirements for EDI

This section focuses on all the equipment and procedures that are important for maintaining a perfect operational
environment. It includes:
 Operational Equipment:
Details on installation and maintenance of the entire setup will be available in this section. Also, all the concerned software
and support services will be mentioned here.

 Communication Modes:
Information on the method of communication and related protocols are available. Also, a description of the third-party
service providers will be provided.

 EDI message agreements:

All the approved file formats and processing methods will be mentioned in this section.

 Codes:
The list of EDI standards along with transaction codes that are going to be used in the exchange process will be stated in
this section.

 System Availability:
All the systems involved in the exchange process will be noted in this section. For instance, among many trading partners,
any partner might wish to replace his entire system or some specific parts. The guidelines related to providing information to
other trading partners about this change in the system(s) will also be available.

Article 10: Technical specifications and requirements

In this section, all the technical requirements and specifications related to each part of the entire set-up will be available.

Article 11: Liability

All the responsibilities related to damages caused by the firm or any of the trading partners will be noted in this section.

Article 12: Modification, Schedule, and Termination

 Modification:
Info on provisions related to the modification of this agreement will be available in this section.

 Schedule:
The effective date of the agreement will be
noted in this section.
 Termination:
The norms related to the termination of the agreement will be noted in this section. It also includes information on the rights
as well as obligations related to each part involved in this agreement.

What is an e-payment system?

An e-payment or Electronic Payment system allows customers to pay for the services via
electronic methods.

They are also known as online payment systems. Normally e-payment is done via debit, credit
cards, direct bank deposits, and e-checks, other alternative e-payment methods like e-wallets,
bitcoin, cryptocurrencies, bank transfers are also gaining popularity.

Types of e-payment system

E-payments can be done in the following ways,

Internet banking – In this case, the payment is done by digitally transferring the funds over the
internet from one bank account to another.

Some popular modes of net banking are, NEFT, RTGS, IMPS.

Card payments – Card payments are done via cards e.g. credit cards, debit cards, smart cards,
stored valued cards, etc. In this mode, an electronic payment accepting device initiates the
online payment transfer via card
Credit/ Debit card – An e payment method where the card is required for making payments
through an electronic device.

Smart card – Also known as a chip card, a smart card, a card with a microprocessor chip is
needed to transfer payments.

Direct debit – Direct debit transfers funds from a customer’s account with the help of a third
party

E-cash – It is a form where the money is stored in the customer’s device which is used for
making transfers.

E-check – This is a digital version of a paper check used to transfer funds within accounts.

E-wallet – Very popular among customers, an E-wallet is a form of prepaid account, where
customer’s account information like credit/ debit card information is stored allowing quick,
seamless, and smooth flow of the transaction.

Mobile wallet – An evolved form of e-wallet, mobile wallet is extensively used by lots of
customers.

It is a virtual wallet, in the form of an app that sits on a mobile device. Mobile wallet stores card
information on a mobile device.
The user-friendly nature of mobile wallets makes them easier to use. It offers a seamless
payment experience making customers less dependent on cash.

QR payments – QR code-enabled payments have become immensely popular. QR code

stands for ‘Quick Response’ code, a code that contains a pixel pattern of barcodes or squares
arranged in a square grid.

Each part of the code contains information. This information can be merchant’s details,
transaction details, etc. To make payments, one has to scan the QR code with a mobile device.

UPI payments – NPCI (National Payment Corporation of India) has developed an instant real-
time payment system to facilitate interbank transactions.

This payment system is titled UPI(Unified Payment Interface). Payments via UPI can be made
via an app on a mobile device.

Biometric payments – Biometric payments are done via using/scanning various parts of the
body, e.g. fingerprint scanning, eye scanning, facial recognition, etc.

These payments are replacing the need to enter the PIN for making transactions making these
payments more accessible and easy to use.

Characteristics of electronic payment system:

Following are the essential characteristics of electronic payment system:

1. Acceptability:-

The payment infrastructure should not only be robust but also available and accessible to a

wide range of consumers and sellers of goods and services. The value stored in the electronic

cash should be honored and accepted by other banks and financial institutions for reconciliation.

2. Reliability:-

Users and businesses want a payment system that is reliable because the availability of

services and smooth running of an enterprise will depend on the availability and successful

operation of the payment infrastructure.

The users should be completely shielded infrastructures. The user should be completely

shielded from a system or single point failure.

3. Security:-

Digital currency should be stored in a form that is resistant to replication, double-spending, and

tampering. At the same time, it should offer protection from the intruders trying to tap it to

unauthorized use, when transmitted over the internet.

4. Usability:-

The user of the payment mechanism should be able to use it as easily as real currency. This

requires that the payment system should be well integrated with the existing applications and

processes that acquire the role of transacting parties in e-commerce.

5. Scalability:-

The payment system infrastructure should be scalable, to be able to handle the addition of new

users and merchants, so that systems will perform normally without performance degradation

and maintain the quality of service.

It should be able to offer the same performance and cost per transaction overheads with a

growing number of customers and transactions.

6. Anonymity, privacy:-

This characteristic refers to the desire of users to protect their privacy, identity and personal

information. In some transactions, the identities of the parties could be protected by anonym it.
Anonymity means that it is not possible to discover someone’s identity or to monitor an

individual’s spending patterns.

7. Applicability:-

Applicability of a payment system is defined as the extent to which it is accepted for payments

at points of sale, or at online e-commerce sites.

Debit cards and credit cards have high applicability, as one can pay with them in a variety of

places. The applicability of a payment system may vary from country to country.

8. Authorization type:-

Authorization type is defined as the form of control over the validity of transactions. The

authorization type can be offline. Offline authorization means that users of the system can

exchange money while not connected to a network, without a third party mediating the

transaction. Paper cheques are the example of offline authorization.

9. Convertibility:-

Funds represented by one payment system should be easily convertible into funds represented

by other payment systems. Users should be able to transfer money from electronic payment

systems.

Users should be able to transfer money from electronic payment systems to another accepted

money from i.e. receive it in cash, or transfer to a bank account.

The electronic currency should be interoperable and exchangeable with other forms electronic

cash, paper currencies, and deposits in the bank accounts, bank notes or any other financial

instrument.

10.Interoperability:-

A payment system in interoperable if it is not dependent on one company, but it is open and

allows other interested parties to join. This can be achieved by means of open standards for

data transmission protocols and infrastructure.

An interoperable system can faster gain the necessary customer base for future development

and will have a higher level of applicability.

11.Multi-currency:-

Effective and efficient payment systems between countries are possible when a system allows

processing multiple currencies, as it is currently done with credit cards.

This feature is not implemented in the payment systems of many countries, binding them to a

particular region. Multi-currency payments are required for payments in cross-border e-

commerce.

12.Traceability:-

Traceability indicates how easy it is to trace money flows and sources of funds that are going

through a payment system and used for purchases. In electronic payment systems, money can

be traced by records that are kept of payment activity.

13. Linkability:-
Linkability of an electronic payment system implies that payments can be associated with a

particular user, or that it is possible to recognize several payments originating from some user.

Users can be linked to their spending even if the system they use is anonymous. A relation

between the user and his payments can be established.

14.Trust:-

Trust refers to the degree of customers confidence that their money and personal information

will be safe, and that all parties involved will not act against users’ interests. Users need to trust

that payments will be bot be stolen or misused.

15.Flexibility:-

Payment systems should be in a position to accept several forms of payment rather than limiting

the users to a single form of currency.

16.Efficiency:-

Efficiency here refers mainly to the cost overheads involved in the operation of digital payments.

The cost of payment per transaction should be negligible.

EDI SECURITY

An important aspect of EDI is the security of messages during the exchange. It should be ensured that the
interchange of messages is reliable.

Further aspects of security are:

  Controls in the EDI standards:-

EDI standards include controls designed to protect against errors in the message and the corruption of
message during the interchange.

 Controls in the transmission protocol:-

Transmission protocols include protection such as longitudinal control totals in order to detect
any corruption that occurs during transmission. When the corruption of the message is detected, the
network system starts retransmission without the need for outside intervention.

 Protection against tampering:-

When there is a concern that the transmission might be intercepted and modified, it can be protected by a
digital signature. The digital signature is designed to ensure that the message received is exactly the same
as the message sent. It also ensures that the source of a message is an authorized trading partner and the
message was not altered during the transmission.

 Privacy of message:-

In case, when the contents of the message are considered sensitive, the privacy of the message can be
protected during transmission by encrypting the data. Encryption is the process of encoding messages or
information in such a way that only authorized party i.e. the trading partner can read it.

 Non-repudiation:-

It is a way to guarantee that the sender of a message cannot later deny having sent the message and that
the recipient cannot deny having received the message. Non-repudiation can be obtained through the use
of digital signatures, confirmation services, and timestamps.

The figure shows the overall facilities for EDI security and privacy:
 INTERNET SECURITY:

Cryptography

Cryptography is the study of secure communications techniques that allow only the sender and intended
recipient of a message to view its contents. The term is derived from the Greek word kryptos, which means
hidden.

Cryptography is technique of securing information and communications through use of codes so that
only those person for whom the information is intended can understand it and process it. Thus
preventing unauthorized access to information. The prefix “crypt” means “hidden” and suffix graphy
means “writing”. In Cryptography the techniques which are use to protect information are obtained from
mathematical concepts and a set of rule based calculations known as algorithms to convert messages
in ways that make it hard to decode it. These algorithms are used for cryptographic key generation,
digital signing, verification to protect data privacy, web browsing on internet and to protect confidential
transactions such as credit card and debit card transactions.
Techniques used For Cryptography: In today’s age of computers cryptography is often associated
with the process where an ordinary plain text is converted to cipher text which is the text made such
that intended receiver of the text can only decode it and hence this process is known as encryption.
The process of conversion of cipher text to plain text this is known as decryption.
Features Of Cryptography are as follows:
1. Confidentiality: Information can only be accessed by the person for whom it is intended and no
other person except him can access it.
2. Integrity: Information cannot be modified in storage or transition between sender and intended
receiver without any addition to information being detected.
3. Non-repudiation: The creator/sender of information cannot deny his intention to send information at
later stage.
4. Authentication: The identities of sender and receiver are confirmed. As well as destination/origin of
information is confirmed.
Types Of Cryptography: In general there are three types Of cryptography:
1. Symmetric Key Cryptography: It is an encryption system where the sender and receiver of
message use a single common key to encrypt and decrypt messages. Symmetric Key Systems are
faster and simpler but the problem is that sender and receiver have to somehow exchange key in a
secure manner. The most popular symmetric key cryptography system is Data Encryption
System(DES).
2. Hash Functions: There is no usage of any key in this algorithm. A hash value with fixed length is
calculated as per the plain text which makes it impossible for contents of plain text to be recovered.
Many operating systems use hash functions to encrypt passwords.
3. Asymmetric Key Cryptography: Under this system a pair of keys is used to encrypt and decrypt
information. A public key is used for encryption and a private key is used for decryption. Public key
and Private Key are different. Even if the public key is known by everyone the intended receiver can
only decode it because he alone knows the private key.

SECURITY PROTOCOLS:

In today’s world, we transfer the data in bulk, and the security of this data is very important, so Internet
security provides that feature i.e., protection of data. There are different types of protocol exist like
routing, mail transfer, and remote communication protocol. But the Internet security protocol helps in
the security and integrity of data over the internet. There are many protocols that exist that help in the
security of data over the internet such as Secure Socket Layer (SSL) , Transport Layer Security
(TLS).
Now, let us look at the various types of Internet Security Protocols :
1. SSL Protocol :
 SSL Protocol stands for Secure Sockets Layer protocol, which is an encryption-based Internet
security protocol that protects confidentiality and integrity of data.
 SSL is used to ensure the privacy and authenticity of data over the internet.
 SSL is located between the application and transport layers.
 At first, SSL contained security flaws and was quickly replaced by the first version of TLS that’s
why SSL is the predecessor of the modern TLS encryption.
 TLS/SSL website has “HTTPS” in its URL rather than “HTTP”.
 SSL is divided into three sub-protocols: the Handshake Protocol, the Record Protocol, and the
Alert Protocol.
2. TLS Protocol :
 Same as SSL, TLS which stands for Transport Layer Security is widely used for the privacy and
security of data over the internet.
 TLS uses a pseudo-random algorithm to generate the master secret which is a key used
for the encryption between the protocol client and protocol server.
 TLS is basically used for encrypting communication between online servers like a web browser
loading a web page in the online server.
 TLS also has three sub-protocols the same as SSL protocol – Handshake Protocol, Record
Protocol, and Alert Protocol.
3. SHTTP :
 SHTTP stands for Secure HyperText Transfer Protocol, which is a collection of security
measures like Establishing strong passwords, setting up a firewall, thinking of antivirus
protection, and so on designed to secure internet communication.
 SHTTP includes data entry forms that are used to input data, which has previously been
collected into a database. As well as internet-based transactions.
 SHTTP’s services are quite comparable to those of the SSL protocol.
 Secure HyperText Transfer Protocol works at the application layer (that defines the shared
communications protocols and interface methods used by hosts in a network) and is thus closely
linked with HTTP.
 SHTTP can authenticate and encrypt HTTP traffic between the client and the server.
 SHTTP operates on a message-by-message basis. It can encrypt and sign individual
messages.
4. Set Protocol :
 Secure Electronic Transaction (SET) is a method that assures the security and integrity of
electronic transactions made using credit cards.
 SET is not a payment system; rather, it is a secure transaction protocol that is used via the
internet.
 The SET protocol provides the following services:
 It establishes a safe channel of communication between all parties engaged in an e-
commerce transaction.
  It provides confidentiality since the information is only available to the parties engaged
in a transaction when and when it is needed.
 The SET protocol includes the following participants:
 Cardholder
 Merchant
 Issuer
 Acquire
 Payment Gateway
 Certification Authority
5. PEM Protocol :
 PEM Protocol stands for privacy-enhanced mail and is used for email security over the internet.
 RFC 1421, RFC 1422, RFC 1423, and RFC 1424 are the four particular papers that explain the
Privacy Enhanced Mail protocol.
 It is capable of performing cryptographic operations such as encryption, nonrepudiation, and
message integrity.
6. PGP Protocol :
 PGP Protocol stands for Pretty Good Privacy, and it is simple to use and free, including its source
code documentation.
 It also meets the fundamental criteria of cryptography.
 When compared to the PEM protocol, the PGP protocol has grown in popularity and use.
 The PGP protocol includes cryptographic features such as encryption, non-repudiation, and
message integrity.

Network Security
Network Security refers to the measures taken by any enterprise or organization to secure its
computer network and data using both hardware and software systems. This aims at securing the
confidentiality and accessibility of the data and network. Every company or organization that handles a
large amount of data, has a degree of solutions against many cyber threats.
The most basic example of Network Security is password protection which the user of the network
oneself chooses. In recent times, Network Security has become the central topic of cyber security with
many organizations inviting applications from people who have skills in this area. The network security
solutions protect various vulnerabilities of the computer systems such as:

1. Users
2. Locations
3. Data
4. Devices
5. Applications
Network Security: Working
The basic principle of network security is protecting huge stored data and networks in layers that
ensure the bedding of rules and regulations that have to be acknowledged before performing any
activity on the data.
These levels are:
1. Physical
2. Technical
3. Administrative
These are explained as following below.
1. Physical Network Security:
This is the most basic level that includes protecting the data and network through unauthorized
personnel from acquiring control over the confidentiality of the network. These include external
peripherals and routers that might be used for cable connections. The same can be achieved by
 using devices like biometric systems.

2. Technical Network Security:

It primarily focuses on protecting the data stored in the network or data involved in transitions
through the network. This type serves two purposes. One is protected from unauthorized users, and
the other is protection from malicious activities.

3. Administrative Network Security:

This level of network security protects user behavior like how the permission has been granted and
how the authorization process takes place. This also ensures the level of sophistication the network
might need for protecting it through all the attacks. This level also suggests necessary amendments
that have to be done to the infrastructure.
Types of Network Security:
The few types of network securities are discussed below :
1. Access Control:
Not every person should have a complete allowance for the accessibility to the network or its data.
One way to examine this is by going through each personnel’s details. This is done through Network
Access Control which ensures that only a handful of authorized personnel must be able to work with
the allowed amount of resources.

2. Antivirus and Anti-malware Software:

This type of network security ensures that any malicious software does not enter the network and
jeopardize the security of the data. The malicious software like Viruses, Trojans, and Worms is
handled by the same. This ensures that not only the entry of the malware is protected but also that
the system is well equipped to fight once it has entered.

3. Cloud Security:
Now a day, a lot many organizations are joining hands with cloud technology where a large amount
of important data is stored over the internet. This is very vulnerable to the malpractices that few
unauthorized dealers might pertain. This data must be protected and it should be ensured that this
protection is not jeopardized by anything. Many businesses embrace SaaS applications for providing
some of their employees the allowance of accessing the data stored over the cloud. This type of
security ensures creating gaps in the visibility of the data.