Information security systems
And the use of information technology allows you to automate all processes. Not a single field of human activity can do without them: from calls to spacecraft control.
Advances in IT have created the problem of protecting databases. The number of cyberattacks that can disable the work of both private computers and large corporations and cause great financial damage is growing every year. The well-being of a company directly depends on the level of security of the information technologies it uses.
Most often, the target of cybercriminals is the information contained in the financial documents of organizations, passwords and logins for taking over the personal data of clients. In the United States in 2017, cyber attacks resulted in the leakage of personal data of 143 million users and their credit card numbers in one of the Equifax credit bureaus. This led to a 13% drop in the bureau's shares.
There are situations when the negative consequences of a data leak appear after a month or even a year. In this case, the information falls into the hands of ill-wishers and is used at the right time.
Data can get to attackers at any stage of processing. In this regard, experts recommend companies comprehensive protection without dividing information into more or less important.
The meaning of the concept
Information security system is a complex of technologies and resources aimed at preventing illegal access to information, its modification, deletion, use for personal purposes, etc. The system includes ensuring the confidentiality and integrity of information in various situations: man-made and social disasters, natural disasters etc.
Increasingly, businesses are looking to digitize data. In this regard, information security specialists are involved in the work.
Sources of information security threats
The possibility of information leakage occurs at different levels of the organization's structure:
- Legislation. Sometimes there are cases when law enforcement agencies are involved to find out the reasons for the leak. They may legally confiscate equipment while the investigation is ongoing. Due to the fact that information is usually stored on a personal computer or server, the work of the company may stop for an indefinite period. This entails financial losses that the state does not compensate.
- Business co-owners. Most cybercriminals have legal access to data.
There is a classification of insiders:
- employees who steal information on an order for material reward. Experts call them "moles";
- former employees who steal data for use at a new place of work;
- high-ranking managers; most often act as insiders and, having access to data, use confidential information for personal purposes or send it to third parties;
- mid-level workers who use a computer for personal purposes (“offenders”); When they shop online or play online games, employees increase the risk of cyberattacks.
Viruses. One of the most dangerous threats. Viruses can penetrate not only messaging services, but even mobile devices, switches, routers and others. Losses from such attacks, which can provoke a suspicious letter, sometimes reach multi-million dollar sums.
DDoS attacks. The acronym stands for Distributed Denial of Service. A cyber attack is directed at a communication channel or directly at a resource server. The user cannot enter the site, as this is hindered by many false requests. The site is suspended or operations are taking a very long time. Often, such methods are used by the company's competitors or hackers who want to distract the attention of site administrators. Banks often fall victim to such attacks.
Counterfeit software. Often, managers install it in order to save money on the purchase of a license. Pirated versions do not receive full technical support and are more susceptible to viruses. Some versions of pirated software have special programs for stealing logins and passwords.
Negligent attitude of employees. Employees often copy data to personal media, log into the company's server from their home computer, open suspicious letters, or mistakenly send messages to the wrong recipient. At the same time, no one thinks about stealing information.
Information security tools
With the constant growth in the number of attacks, new technologies are being introduced to counter cybercriminals. Protection methods include:
- Encryption when transmitting information in electronic form. Experts have developed different types of encryption that make it safe to store data on open media.
- Data recovery in case of emergency. The methods are developed by each company without fail. A pre-prepared plan avoids downtime and financial losses in a critical situation. It details the steps to initiate emergency operation and restore data.
- Backup. The bottom line is the additional storage of information on another medium or server. Placement in cloud storages of data centers is becoming relevant. In the event of an emergency or when equipment is removed, the company gains access to the data and continues its activities.
- Anti-DDoS service. This opportunity is provided by software developers. When an attack occurs, the protection system is activated and is not disabled until the threat is completely eliminated. In this case, the work of the server or resource does not change. One of the successful projects designed to solve the problem of limited access to scientific publications is the CyberLeninka resource. Users of the Russian electronic library can read scientific articles that are presented in an open license, depending on the agreements with the copyright holders.
- Standard protection methods. Use of anti-virus programs and filters that cut off suspicious messages. To protect corporate resources, you must constantly change access passwords.
- Physical methods of protection. Restriction of physical access of unauthorized persons to data carriers. In most cases, only certain employees are allowed to access server or other important objects. Increasingly, these employees are issued special HID cards.
Integrated information security systems
The most effective is a system that includes the entire arsenal of possible means that make up an integrated information security system. It is implemented in two directions:
- Application of technical means of protection.
- Development of appropriate documentation and security policy.
Legal protection. These are laws, other documents, measures, procedures that ensure the protection of information at the legal level.
This direction is based on the following main documents:
- The Constitution;
- The Civil Code;
- The Criminal Code.
The main hardware and software methods are as follows:
- Access control and data protection within the network. The company is creating a main management console. Employees gain access to certain data in accordance with their position.
- Intrusion detection system. Special programs block malicious attacks and analyze system security. The administrator gets the opportunity to act only in a situation where the attack can actually cause damage.
- Using antivirus software. Experts recommend installing several programs that have different mechanisms for detecting malicious attacks.
- Firewalls. They separate networks and prevent users from violating security rules. Modern firewalls successfully combine work with anti-virus programs and other means of protection.
Comprehensive information security methods are constantly changing depending on the economic situation and the emergence of new opportunities for cyber attacks. There is a tendency for companies to develop their own IT security system, since the owners are interested not only in meeting the requirements of regulatory services, but also in preserving the business.
conclusions
Today the situation is such that the administration of systems by one or several employees is rather a disadvantage, since they have access to confidential information. The domestic and foreign information technology market provides different programs for data protection. The costs of implementing and developing a protection system are only a small part of the losses that a company can incur in the event of a cyber attack or insider actions.
