Information security methods

Apply for SearchInform DLP TRY NOW

And the common methods of information security that are known today consist of organizational, technical, economic and legal.

Organizational and technical methods of information security (IS) include:

  • information security system (by which we mean a set of measures (internal rules for working with data, regulations for the transfer of information, access to them, etc.) and technical means (use of programs and devices to maintain data confidentiality));
  • development (creation of new), operation and improvement of existing information security means;
  • permanent control over the effectiveness of measures taken in the field of information security.

The last point is especially important. It is very difficult to determine the effectiveness of information security without an assessment methodology. If efficiency falls, it is necessary to urgently make adjustments (for this, permanent control is needed).

They are closely interconnected with the legal methods of information security of the Russian Federation.

The legal security factor of the Russian Federation consists of:

  • licensing of activities in terms of ensuring information security;
  • certification of technical means of information protection;
  • certification of objects of informatization according to compliance with the standards of information security of the Russian Federation.

The third component, economic, includes:

  • drawing up programs to ensure information security of the Russian Federation;
  • determination of the sources of their financial support;
  • development of a financing procedure;
  • creation of an information risk insurance mechanism.

Information security is always a complex system, all components of which are designed to prevent leakage of confidential information through technical channels, as well as to prevent third-party access to information carriers. All this, accordingly, guarantees the integrity of data when working with them: processing, transfer and storage, which must be carried out in the legal field. Competently organized technical measures make it possible to determine the use of special electronic devices for unauthorized removal of information, located both in the room and in communication facilities.

In the Russian Federation, there are several normative legal documents regulating work in the information sphere: "On the approval of the Doctrine of information security of the Russian Federation", "On information, information technologies and information protection", etc. One of the fundamental is the Federal Law of the Russian Federation "On commercial secrets. ". To this list, it is worth adding the Decree of the Government of the Russian Federation "On certification of information security means", "On licensing activities for the technical protection of confidential information", as well as the Order of the FSB "On approval of the Regulation on the development, production, sale and operation of encryption (cryptographic) information security tools ".

As for the economic component of information security, its basic rule is that the cost of an information security system should not be higher than the cost of protected information. In addition, it is necessary to protect predetermined information, and not all in a row (the latter is impractical from an economic point of view).

Organizational and technical component of information security

First, let's define the objects of protection. They are:

  • speech information;
  • data transmitted by technical means.

Both the main technical means and systems (OTSS), involved in the work with the protected data, and auxiliary technical means and systems (VTSS), as well as predefined premises, need protection.

Organizational protection of information consists in a set of rules drawn up on the basis of legal acts of the Russian Federation, designed to prevent unlawful seizure of confidential data.

The organizational method for ensuring information security has the following components:

  • creation of an information protection regime;
  • development of rules for the relationship between employees;
  • regulation of work with documents;
  • rules for the use of technical means within the existing legal framework of the Russian Federation;
  • analytical work to assess information security threats.

Protection of information infrastructure from unauthorized access is ensured by regulating the access of subjects (employees) to objects (data carriers and channels for their transmission). The organizational method of ensuring information security does not imply the use of technical tools. Such information security often consists, for example, in removing the OTSS beyond the perimeter of the protected area as far as possible.

The use of technical equipment and various programs to ensure information security, including database management systems, application software, various encryptors, DLP systems and SIEM systems that exclude data leaks through a computer network, refers to the technical method of ensuring information security.

SearchInform DLP is combined with SIEM solutions. The combination of products enhances the company's data protection.

Both methods are complementary and are called organizational and technical (for example, conducting special checks of technical equipment and premises for the detection of third-party devices designed to record and transmit information). Organizational and technical measures must necessarily comply with the legal methods of ensuring information security, prescribed by the regulatory documents of the Russian Federation.

Information security policy is developed taking into account the existence of many subsystems, including:

  • access granting subsystem;
  • registration and accounting subsystem;
  • a subsystem for ensuring security through the use of ciphers.

The main rules for a successful information security system:

  • the permanence of the established rules;
  • completeness of measures taken;
  • complexity;
  • consistency;
  • effectiveness.

Methods for protecting speech information

To ensure information protection of acoustic information, it is recommended to compactly arrange the protected premises, clearly establish the perimeter of the protected area, and regulate the admission of workers to the area covered by information protection.

Information security also consists in regularly examining the premises and the technical means installed in them for the presence of devices for unauthorized information retrieval. To enhance information security, you can use vibration and sound insulation, shielding, autonomy of the OTSS within the boundaries of the protected area, as well as the temporary shutdown of the OTSS.

Active and passive mechanisms for ensuring speech safety are also used. The first include generators that generate various kinds of noise (vibroacoustic and electromagnetic, both low and high frequency). The second: vibration and sound insulation; shielding devices; sound absorbing filters in air ducts.

Methods of protecting speech information transmitted by technical means

To ensure information protection of data stored and transmitted by technical means, in the Russian Federation they use:

  • authentication;
  • regulation of access to objects;
  • file encryption system;
  • keys;
  • secure connections;
  • IPsec.

Let's dwell on each of these forms of information protection in more detail.

All users of operating systems encountered such an element of information security as login and password. This is authentication . It is the most common way to ensure data security, including information messages stored on a server or PC.

Regulation of access to objects (folders, files stored in the system) can also be based on authentication, but other algorithms are often used (system participants are assigned rights and privileges by the administrator, according to which they can either get acquainted with some objects, or, in addition to acquaintance , make changes to them, or even delete).

Control access to documents and activities with them with the help of Device Controller - SearchInform SIEM connector.

File encryption (another component of information security) is carried out by the EFS system using a key.

If we talk about ensuring a secure connection , then information channels of the "client-client" or "client-server" type are used for this. In the Russian Federation, this information security method is widely used in the banking sector.

And finally, about IPsec . This is a set of protocols to ensure information security of data transmitted over IP.

All of these methods are used to build information security at the most progressive enterprises in Russia.