Why Security?
Cyberspace (internet, work environment, intranet) is becoming a dangerous place for all organizations and individuals to protect their sensitive data or reputation. This is because of the numerous people and machines accessing it. It is important to mention that the recent studies have shown a big danger is coming from internal threats or from disappointed employees like the Edward Snowden case, another internal threat is that information material can be easy accessible over the intranet.
One important indicator is the IT skills of a person that wants to hack or to breach your security has decreased but the success rate of it has increased, this is because of three main factors −
Hacking tools that can be found very easily by everyone just by googling and they are endless.
Technology with the end-users has increased rapidly within these years, like internet bandwidth and computer processing speeds.
Access to hacking information manuals.
All this can make even a school boy with the curiosity, a potential hacker for your organization.
Since locking down all networks is not an available option, the only response the security managers can give is to harden their networks, applications and operating systems to a reasonable level of safety, and conducting a business disaster recovery plan.
The following graph gives us a basic idea.
Correlation Graph
What to Secure?
Let’s see this case, you are an IT administrator in a small company having two small servers staying in a corner and you are very good at your job. You are doing updates regularly, setting up firewalls, antiviruses, etc. One day, you see that the organization employees are not accessing the systems anymore. When you go and check, you see the cleaning lady doing her job and by mistake, she had removed the power cable and unplugged the server.
What I mean by this case is that even physical security is important in computer security, as most of us think it is the last thing to take care of.
To make Secure
Now let’s go directly to the point of what all to secure in a computer environment −
First of all, is to check the physical security by setting control systems like motion alarms, door accessing systems, humidity sensors, temperature sensors. All these components decrease the possibility of a computer to be stolen or damaged by humans and environment itself.
People having access to computer systems should have their own user id with password protection.
Monitors should be screen saver protected to hide the information from being displayed when the user is away or inactive.
Secure your network especially wireless, passwords should be used.
Internet equipment as routers to be protected with password.
Data that you use to store information which can be financial, or non-financial by encryption.
Information should be protected in all types of its representation in transmission by encrypting it.
0 comments:
Post a Comment