Translated 2012/09/10 15:31:30

Information security

Information security is the comprehensive protection of information, and of the infrastructure that supports it, from any accidental or malicious influence that could damage the information, its owners or the supporting infrastructure. The tasks of information security come down to minimizing such damage and to forecasting and preventing such influences.


Since the 2000s, cyberthreats have become relevant to everyone, from the largest state information systems to the computers of ordinary citizens. A cyberthreat is an unlawful intrusion, or the threat of a harmful intrusion, into cyberspace for the purpose of achieving political, social or other goals.

Cyber wars between the countries

The largest cyber conflicts unfold between the states that have the greatest computing and intellectual resources for waging cyber war. Information on electronic non-aggression agreements and on confrontation between countries in cyberspace is collected in a separate article.

Russia is forced to take measures to counter other countries in cyberspace and is therefore involved in cyber wars. Its key opponent in this sphere is traditionally the USA.

Cybercrime and losses of organizations

Cybercrime has become the largest sector of the criminal world. A chronicle of events is kept in a separate article.

Cyberfraudsters annually cause huge economic damage to individual organizations and to whole countries.

Banks are the largest targets of cybercriminals. Information on the losses of financial institutions is collected in a separate article.

Often financial damage to organizations is caused not by criminals but by their own employees, who steal or delete data or lose storage media outside the organization's perimeter.

Industry specifics

Cars

Banks

Health care

Market of data protection solutions and services

The scope of cybersecurity is expanding and becoming digital security. Source: Gartner (August 2016)

To prevent the losses connected with cybercrime, states and companies buy equipment, software and services for data protection.

Threats to information security

Analysis of the potential cyberthreats to an organization is a service that can be purchased on the market.

Actions that threaten information systems can be divided into two main categories: internal (deliberate and unintentional actions of employees) and external (network cyberattacks, theft of storage media).

Internal threats

Internal threats are connected above all with data leaks.

Most often, leaks result from the following actions by authorized users (employees, insiders):

  • deliberate theft, substitution with knowingly false data, or destruction of data on a workstation or server;
  • damage to data caused by a user's reckless or negligent actions;
  • loss of storage media outside the organization's perimeter.

External threats

Electronic methods of attack carried out by hackers:

  • unauthorized penetration into computer networks;
  • DoS and DDoS attacks;
  • computer viruses;
  • spam.

Natural threats: various external factors can affect a company's information security. Improper storage, theft of computers and media, force majeure and other circumstances can cause data loss.

Main problems of data protection in information systems


The ultimate goal of implementing security measures

Increasing the consumer value of the protected service, namely:

  • convenience of using the service;
  • security when using the service:
    • for remote banking (RBS) systems this means the safety of money;
    • for electronic interaction systems it means control over the rights to an object and the safety of resources;
    • loss of any security property means loss of trust in the security service.


What undermines trust in security services?

At the everyday level

  • reports of theft of money and property are often exaggerated;
  • people are intimidated by threats they do not understand and therefore cannot control (cyberattacks, hackers, viruses, etc.);
  • poor quality of the provided service (failures, errors, inaccurate information, loss of information);
  • insufficiently reliable authentication of identity;
  • cases of fraud that people have encountered or heard about.

At the legal level

  • loss of authenticity of data;
  • loss of the security service's legitimacy on formal grounds (expiry of a certificate, of a certificate for a product, or of a licence for a type of activity; end of support);
  • failures in the SKD and SUD systems, violations of confidentiality;
  • a weak level of trust in the authentication service;
  • failures and shortcomings of protection systems that make it possible to dispute the legitimacy of completed transactions.


The creation of any computer network begins with the installation of workstations, so an information security subsystem begins with the protection of these objects.

The following are possible here:

  • protection features of the operating system;
  • an antivirus package;
  • additional user authentication devices;
  • tools protecting workstations from unauthorized access;
  • application-layer encryption tools.

The listed information security tools form the first level of the information security subsystem of an automated system. At the second stage of system development, individual workstations are combined into local networks, dedicated servers are installed, and the local network is given access to the Internet.

At this stage, second-level information security tools, those protecting the local network, are used:

  • security features of network operating systems;
  • access control for shared resources;
  • protection of the local network domain;
  • user authentication servers;
  • firewalls and proxy servers;
  • intrusion detection sensors and vulnerability scanners for the local network.

When local networks are combined into a common intranet using public networks (including the Internet) as the communication medium, the security of information exchange is ensured by VPN technology, which forms the basis of the third level of information security.

See the article "Cybersecurity: means of protection".

Physical methods of supporting information security

Physical protection measures are any mechanical, electrical, electronic and electromechanical devices and structures specially intended to create physical obstacles on the possible paths of intrusion and access by potential violators to the components of an information system and to the protected information. The list of physical methods of data protection includes:

  • organization of access control;
  • organization of the accounting, storage, use and destruction of documents and media containing confidential information;
  • distribution of access control credentials;
  • organization of covert monitoring of the activity of users and service staff of an information system;
  • measures taken during the design, development, repair and modification of hardware and software.

When physical and technical methods are unavailable, administrative measures for supporting information security are applied. The experience of organizations with complex information systems has shown that the best results in information security are achieved with a systematic approach.

Why cybersecurity risks are high in SMB

Many heads of small businesses underestimate the importance of information security, believing that small companies are less interesting to hackers than large ones. This is a delusion. Small businesses are very attractive to Internet fraudsters, above all those that are not too concerned with information security.

Not every small enterprise has an IT specialist on staff, but pirated software and "cracked" antivirus are common. Data may be stored in shared folders, and the keys for the remote banking (RB) system in a drawer of the director's desk. The use of smartphones and tablets at work further increases the risk of leaks of corporate information.

As analysis of incidents shows, attackers, as a rule, do not hunt any specific company; they unleash malware on anyone who comes to hand.

"And the first 'victims' of hackers are those who are less protected or not protected at all: hackers penetrate the company's information network and steal secret keys and data on transactions or clients," notes Oleg Ilyukhin, director of the information technology department of SDM-bank.

Security rules

There are several obligatory rules of information security that simply must be observed (2014).

Barrier against viruses and spam

The biggest security risk for a company, according to experts, is malware. As of August 2014, about 200 thousand new samples appear daily. According to cybersecurity market participants, in 2013 95% of Russian companies suffered at least one hacker attack. No less serious a threat is a leak resulting from the unprotected exchange of corporate information via employees' mobile devices.

To prevent these threats, it is necessary to give up pirated software, install a firewall and a modern antivirus, and update it regularly.

Use the RBS computer only for RBS

The computer on which RBS is installed should be disconnected from the local network. It must not go online except to communicate with the bank. In practice this means a default-deny outbound firewall policy on that machine that permits connections only to the bank's addresses and ports, so that malware which does reach the machine has no path to a command-and-control server.

Do not use social networks or open Wi-Fi from work computers

If smartphones and tablets are used for work or to store information, do not log in to social networks from them or use public Wi-Fi[1].

Keep keys and passwords under lock

Heads of SMBs often play into fraudsters' hands by keeping RBS keys and the electronic signature in an accessible place.

"Moreover, some careless staff of the company do not even remove the USB flash drive with the RBS key from the computer. If a hacker gains control of the computer, this will lead to the theft of all secret keys and use of the RBS system by the fraudster on behalf of the organization," warns Oleg Ilyukhin, director of the information technology department of SDM-bank.

These items should be stored in a safe or another secure place, and access to them by outsiders should be prohibited.

Corporate data should be stored on a remote server

It is best to entrust commercial and personal data to cloud services. This is safer than a folder on a desk or computer, a USB stick or a removable disk. Data in data centres is stored in encrypted form and can be reached only with electronic keys and a digital signature. Note that encryption by the provider protects the data against loss or theft of the storage hardware, not against an attacker who obtains an employee's access keys, so those keys need the same protection as the RBS keys described above.

Differentiate data access between employees

It is also important to prevent internal threats, that is, deliberate or accidental violations of the information security policy by company staff. These risks can be minimized by granting access to corporate information according to employees' level of authority. For example, a sales manager sees information only about his own clients, while the complete customer base and all sales history are available only to the head of the sales department. The chief accountant should have access only to accounting records, and management reporting should be available only to the CEO. Of course, in a small company it is difficult to achieve complete separation of duties, but it is still necessary to try to separate information flows between employees. All this will also reduce the probability of a data leak, and a log of refused access attempts is itself a useful signal of an insider looking where he should not.
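The access scheme described above, as an added example that is not part of the original article: a default-deny, role-based check in which a sales manager sees only records he owns, the head of sales sees the whole customer base and sales history, the chief accountant sees accounting records, and only the CEO sees management reporting. Every decision, allowed or refused, is written to an audit log. The role and resource names, the users and the sample records are constructed for the example; a real deployment would take them from its directory and database.

```python
"""Role-based access control for the small-company example in the article.

Added illustration, not code from the original page. All names below
(roles, resource kinds, users, records) are constructed for the example.
"""
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Resource kinds named in the article's example.
CLIENT_RECORD = "client_record"
SALES_HISTORY = "sales_history"
ACCOUNTING = "accounting_records"
MGMT_REPORT = "management_reporting"

# Default-deny policy: a role may read a resource kind only if it is listed.
# "own" restricts the role to records it is responsible for; "all" does not.
POLICY = {
    "sales_manager":    {CLIENT_RECORD: "own"},
    "head_of_sales":    {CLIENT_RECORD: "all", SALES_HISTORY: "all"},
    "chief_accountant": {ACCOUNTING: "all"},
    "ceo":              {MGMT_REPORT: "all"},   # extend here if the CEO also gets other data
}


@dataclass(frozen=True)
class User:
    name: str
    role: str


@dataclass(frozen=True)
class Record:
    kind: str
    owner: str      # employee responsible for the record, "" if none
    payload: str


@dataclass
class AuditLog:
    entries: List[Tuple[str, str, str, str]] = field(default_factory=list)


def is_allowed(user: User, record: Record) -> bool:
    """Return True only if POLICY explicitly grants user's role this record."""
    scope = POLICY.get(user.role, {}).get(record.kind)
    if scope is None:
        return False                      # unknown role or unlisted kind: deny
    if scope == "all":
        return True
    return scope == "own" and record.owner == user.name


def read(user: User, record: Record, audit: AuditLog) -> Optional[str]:
    """Enforce the policy and log the decision; return the payload or None."""
    allowed = is_allowed(user, record)
    audit.entries.append((user.name, record.kind, record.owner,
                          "ALLOW" if allowed else "DENY"))
    return record.payload if allowed else None


def visible_records(user: User, records: List[Record], audit: AuditLog) -> List[str]:
    """All payloads this user may see, in the order the records are stored."""
    out = []
    for rec in records:
        payload = read(user, rec, audit)
        if payload is not None:
            out.append(payload)
    return out


def denied_attempts(audit: AuditLog) -> List[Tuple[str, str, str, str]]:
    """Refused reads: the part of the log worth reviewing for insider activity."""
    return [e for e in audit.entries if e[3] == "DENY"]


# Constructed sample data for the example.
RECORDS = [
    Record(CLIENT_RECORD, "ivanov", "Client A contract"),
    Record(CLIENT_RECORD, "petrova", "Client B contract"),
    Record(SALES_HISTORY, "", "Q1 sales history"),
    Record(ACCOUNTING, "", "General ledger"),
    Record(MGMT_REPORT, "", "Board report"),
]
USERS = {
    "ivanov": User("ivanov", "sales_manager"),
    "sidorov": User("sidorov", "head_of_sales"),
    "kuznetsova": User("kuznetsova", "chief_accountant"),
    "orlov": User("orlov", "ceo"),
}

if __name__ == "__main__":
    log = AuditLog()
    for u in USERS.values():
        print(f"{u.name:<11}{u.role:<17}{visible_records(u, RECORDS, log)}")
    print("refused reads:", len(denied_attempts(log)))
```

The policy table is the only place where rights are granted; everything not listed there is refused, including a role nobody has defined. Because the refusals are logged alongside the grants, a sales manager repeatedly probing the ledger shows up in the audit log without any extra instrumentation.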
