Information security is the comprehensive protection of information and its supporting infrastructure from any accidental or malicious influences that could result in damage to the information, its owners, or the supporting infrastructure. The tasks of information security come down to minimizing damage and to forecasting and preventing such influences.
Since the 2000s cyberthreats have become relevant for everyone, from the largest state information systems to the computers of ordinary citizens. A cyberthreat is an illegal penetration, or threat of harmful penetration, into virtual space in order to achieve political, social or other goals.
Cyber wars between countries
The largest cyber conflicts unfold between the states that have the greatest computing and intellectual resources for conducting cyber wars. Information on agreements on electronic non-aggression, and on confrontation between countries in virtual space, is covered in a separate article:
Cyber crime and losses of organizations
Cyber crime has become the largest line of activity in the criminal world. A chronicle of events is in the article:
Cyber fraudsters cause huge economic damage every year to individual organizations and whole countries:
Banks are the biggest targets of cybercriminals. Information on the losses of financial institutions is covered in a separate article:
Often financial damage to organizations is caused not by criminals but by their own employees, who steal or delete data or lose storage media outside the organization's perimeter:
Market of data protection solutions and services
To prevent losses connected with cyber crime, states and companies buy equipment, software and services for data protection.
- Software for data protection (world market)
- Software for data protection (the market of Russia)
- Software for data protection (the market of Japan)
- Tools for protecting information from unauthorized access (NSD)
- Identity management and access control systems for enterprise information resources - IDM (world market)
Threats to information security
Analysis of potential cyberthreats to an organization is a service that can be purchased on the market:
Actions that pose a threat to information systems fall into two main categories: internal (deliberate and unintentional actions of employees) and external (network cyber attacks, theft of storage media).
Internal threats are connected first of all with data leaks:
Leaks most often result from the following actions by authorized users (employees, insiders):
- deliberate theft, replacement with knowingly false data, or destruction of data on a workstation or server;
- damage to data caused by a user's careless or negligent actions;
- loss of storage media outside the organization's perimeter.
Electronic methods of influence used by hackers:
- unauthorized penetration into computer networks;
- DoS and DDoS attacks.
Natural threats: various external factors can affect a company's information security. Improper storage, theft of computers and media, force majeure and other circumstances can cause data loss.
The main problems of data protection in information systems
The ultimate goal of implementing security measures
Improving the consumer properties of the protected service, namely:
- Convenience of using the service
- Security when using the service
- For RBS systems this means the safety of money
- For electronic interaction systems this means control over rights to an object and the safety of resources
- Loss of any security property means loss of trust in the security service
What undermines trust in security services?
At the everyday level
- Information about thefts of money and property, often presented in exaggerated form
- Intimidation of people with threats they do not understand and therefore cannot control (cyber attacks, hackers, viruses, etc.)
- Low-quality operation of the service provided (failures, errors, inaccurate information, loss of information)
- Insufficiently reliable authentication of identity
- Cases of fraud that people encounter or have heard about
At the legal level
- Loss of authenticity of data
- Loss of legitimacy of the security service on formal grounds (expiry of a certificate, of an attestation for an object, of licenses for a type of activity, or the end of support)
- Failures in the operation of SKD – SUD, confidentiality violations
- A weak level of trust in the authentication service
- Failures and shortcomings in the operation of protection systems that make it possible to dispute the legitimacy of completed transactions
Building any computer network begins with installing workstations, so the information security subsystem begins with protecting these objects.
The following are possible here:
- operating system protection mechanisms;
- an anti-virus package;
- additional user authentication devices;
- tools for protecting workstations from unauthorized access;
- application-layer encryption tools.
The first level of the information security subsystem in automated systems is built on the listed tools. At the second stage of a system's development, individual workstations are joined into local networks, dedicated servers are installed, and access from the local network to the Internet is set up.
At this stage, information security tools of the second level, the level of local network protection, are used:
- security mechanisms of network operating systems;
- tools for separating access to shared resources;
- tools for protecting the local network domain;
- user authentication servers;
- firewall proxy servers;
- sensors for attacks on, and vulnerabilities in, local network protection.
When local networks are combined into a common intranet using public networks (including the Internet) as the communication medium, the security of information exchange is ensured by VPN technology, which forms the basis of the third level of information security.
Read the article "Cybersecurity: means of protecting".
Physical methods of ensuring information security
Physical protection measures are various mechanical, electromechanical and electronic-mechanical devices and structures specially designed to create physical obstacles on the possible paths by which potential intruders could reach components of an information system and the protected information. The list of physical methods of data protection includes:
- organization of access control;
- organization of the accounting, storage, use and destruction of documents and media containing confidential information;
- distribution of access-control credentials;
- organization of covert monitoring of the activity of users and service staff of the information system;
- measures carried out during the design, development, repair and modification of hardware and software.
When physical and technical methods are unavailable, administrative measures for ensuring information security are applied. The experience of organizations with complex information systems has shown that the best results in information security are achieved with a systematic approach.
Why cybersecurity risks are high in SMB
Many heads of small businesses underestimate the importance of information security, believing that small companies are less interesting to hackers than large ones. This is a delusion. Small business is in fact very attractive to Internet fraudsters, first of all because it does not worry much about information security.
Not every small enterprise has an information technology specialist on staff, but unlicensed software and "dodgy" antivirus are common. Data may be stored in public folders, and keys for the remote banking (RB) system in the manager's desk drawer. The use of smartphones and tablets at work also increases the risk of corporate information leaks.
As analysis of incidents shows, attackers as a rule do not hunt a specific company; they "set" viruses on everyone who comes to hand.
"And those who are less protected, or not protected at all, become the first "victims" of hackers who, having gotten into the company's information network, steal secret keys and data on transactions or clients", – Oleg Ilyukhin, director of the information technology department of "SDM-bank", notes.
There are several mandatory rules of information security that simply must be followed (2014).
Barrier against viruses and spam
According to experts, the biggest security risk to a company is malware. As of August 2014, about 200 thousand new samples appear daily. According to participants in the cybersecurity market, in 2013 95% of Russian companies were subjected to a hacker attack at least once. A no less serious threat is leakage resulting from the unprotected exchange of corporate information via employees' mobile devices.
Use the RBS computer only for RBS
Do not use social networks and open Wi-Fi from work computers
Keep keys and passwords under lock
"Moreover, some careless company staff do not remove the USB flash drive with the RBS key from the computer at all. If a hacker gains control over the computer, it will lead to the theft of all secret keys and to use of the RBS system by the fraudster on behalf of the organization", – Oleg Ilyukhin, director of the information technology department of "SDM-bank", warns.
These data need to be stored in a safe or another secure place, and strangers must be denied access to them.
Corporate data should be stored on a remote server
It is best to entrust commercial and personal data to cloud services. It is safer than a folder on a desk or a computer, a USB stick or a removable disk. Data in data centers is stored in encrypted form, and it can be reached only using electronic keys and a digital signature.
Differentiate data access between employees
It is also important to prevent internal threats: deliberate or accidental violations of information security policy by company staff. These risks can be minimized by setting access to corporate information according to employees' privilege levels. For example, a sales manager has information only about his or her own clients, while the complete database and the entire sales history are available only to the head of the sales department. The chief accountant should have access only to accounting records, and management reporting is available only to the CEO. Of course, in a small company it is difficult to achieve complete separation of functions, but it is still necessary to try to separate information flows between employees. All this will also reduce the probability of data leaks.
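The access split described above can be expressed as a deny-by-default policy table with row-level ownership for sales managers. This is an added example, not taken from the original article; the role names, record kinds, user names and sample records are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class User:
    name: str
    role: str

@dataclass(frozen=True)
class Record:
    kind: str        # "client", "sales_history", "accounting", "mgmt_report"
    owner: str = ""  # responsible sales manager, for client records only

# role -> {record kind -> scope}. "own" = only rows the user owns, "all" = every row.
# Anything not listed here is denied (hypothetical role and kind names).
POLICY = {
    "sales_manager":    {"client": "own"},
    "head_of_sales":    {"client": "all", "sales_history": "all"},
    "chief_accountant": {"accounting": "all"},
    "ceo":              {"mgmt_report": "all"},
}

def can_read(user: User, record: Record) -> bool:
    """Deny by default: unknown roles and unlisted record kinds get nothing."""
    scope = POLICY.get(user.role, {}).get(record.kind)
    if scope == "all":
        return True
    if scope == "own":
        return record.owner == user.name
    return False

def visible(user: User, records: list) -> list:
    """Return only the records this user is allowed to read."""
    return [r for r in records if can_read(user, r)]

def denied(attempts: list) -> list:
    """From (user, record) access attempts, keep the refused ones for review."""
    return [(u.name, r.kind) for u, r in attempts if not can_read(u, r)]

# Constructed sample data.
RECORDS = [
    Record("client", "anna"),
    Record("client", "ivan"),
    Record("sales_history"),
    Record("accounting"),
    Record("mgmt_report"),
]

if __name__ == "__main__":
    for u in (User("anna", "sales_manager"), User("olga", "head_of_sales"),
              User("petr", "chief_accountant"), User("guest", "intern")):
        print(u.name, [(r.kind, r.owner) for r in visible(u, RECORDS)])
```

Logging the output of `denied` gives a simple record of who tried to reach data outside their role, which supports the leak-prevention goal of the rule.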