Methods of information protection
Data in computer systems is at risk of loss due to malfunctioning or destruction of equipment, as well as the risk of theft. Information security methods include the use of hardware and devices, as well as the introduction of specialized hardware and software.
Ways of illegal access to information
The key to successfully combating unauthorized access to information and data interception is a clear understanding of the channels of information leakage.
Integrated circuits that power computers create high-frequency changes in voltage and current levels. Oscillations propagate along the wires and can not only be transformed into an understandable form, but also be intercepted by special devices. Devices can be installed in a computer or monitor to intercept information that is displayed on the monitor or entered from the keyboard. Interception is also possible when transmitting information through external communication channels, for example, over a telephone line.
In practice, several groups of protection methods are used, including:
- an obstacle in the way of the alleged kidnapper, which is created by physical and software means;
- control or influencing the elements of the protected system;
- masking, or data transformation, usually in cryptographic ways;
- regulation, or the development of regulations and a set of measures aimed at encouraging users interacting with databases to behave appropriately;
- coercion, or the creation of such conditions under which the user will be forced to comply with the rules for handling data;
- inducing, or creating conditions that motivate users to behave appropriately.
Each of the information protection methods is implemented using different categories of means. Fixed assets - organizational and technical.
Organizational information security
The development of a complex of organizational means of protecting information should be within the competence of the security service.
Most often, security specialists:
- develop internal documentation that establishes the rules for working with computer equipment and confidential information;
- conduct briefings and periodic checks of personnel; initiate the signing of additional agreements to labor contracts, which indicates responsibility for the disclosure or misuse of information that has become known from work;
- delimit areas of responsibility in order to exclude situations when the most important data sets are at the disposal of one of the employees; organize work in common workflow programs and make sure that critical files are not stored outside network drives;
- implement software products that protect data from copying or destruction by any user, including the top management of the organization;
- make plans for system recovery in case of failure for any reason.
If the company does not have a dedicated information security service, the solution is to invite a security specialist for outsourcing. A remote employee will be able to audit the company's IT infrastructure and give recommendations on how to protect it from external and internal threats. Also, outsourcing in information security involves the use of special programs to protect corporate information.
Information security technical means
The group of technical means of information protection combines hardware and software. Basic:
- backup and remote storage of the most important data sets in a computer system - on a regular basis;
- duplication and backup of all network subsystems that are important for the safety of data;
- creating the ability to redistribute network resources in cases of malfunction of individual elements;
- ensuring the ability to use backup power systems;
- ensuring safety from fire or water damage to equipment;
- installation of software that protects databases and other information from unauthorized access.
The set of technical measures also includes measures to ensure the physical inaccessibility of objects of computer networks, for example, such practical methods as equipping a room with cameras and alarms.
Authentication and identification
To exclude illegal access to information, methods such as identification and authentication are used.
These funds are aimed at providing or, conversely, denying access to data. Authenticity, as a rule, is determined in three ways: by the program, by the apparatus, by the person. In this case, the object of authentication can be not only a person, but also a technical device (computer, monitor, media) or data. The easiest way to protect yourself is with a password.