IT SECURITY


Spread the love
15 / 100

The term information security refers to that branch of information technology that deals with the analysis of vulnerabilities, risks, threats or attacks and therefore with the protection of the physical (hardware) and logical-functional (software) integrity of an information system and the data contained therein or exchanged in a communication with a user. This protection is obtained through technical-organisational and functional measures aimed at ensuring:

  • the correctness of the data (integrity);
  • data confidentiality (encryption);
  • physical and/or logical access only to authorized users (authentication);
  • the use of all and only the services provided for that user in the times and in the manner provided by the system (availability);
  • system protection from malicious software attacks to ensure the previous requirements.

Generality

Computer security is a deeply felt problem in the technical-IT field due to the growing computerization of society and services (public and private) in terms of computer equipment and systems and the parallel diffusion and specialization of attackers or hackers.

The interest in the security of computer systems has therefore grown in recent years, in proportion to their diffusion and their role in the community. Many ex-hackers/crackers are now executives of computer security companies or responsible for this in large multinationals. This seems to show that in order to understand the best IT security strategies, it is necessary to enter the attacker’s mentality in order to predict and hinder his moves.

The achievement of availability depends on various factors that interfere between the user and the system, such as: robustness of the basic and application software, reliability of the equipment and the environments in which they are located.

The computer system must be able to prevent the direct or indirect alteration of the information, both by unauthorized users and due to accidental events; it must also prevent unauthorized access to data.

“In general, it is not good practice to assume that the countermeasures implemented in a system are sufficient to prevent any attack.”

Protection from cyber attacks is obtained by acting on several levels: first of all on a physical and material level, by placing the servers in the safest possible places, equipped with surveillance and/or access control; even if this precaution is part of normal security and not of “IT security”, it is always the case to point out how often the fact of adopting the most sophisticated techniques generates a false sense of security which can lead to neglecting the simple ones.

The second level is normally the logical one which provides for the authentication and authorization of an entity representing the user in the system. After the authentication process, the operations carried out by the user are traced in log files. This process of monitoring activities is called audit or accountability.

To avoid accidental events, however, there are no general solutions, but a first remedy is to regularly make a backup copy of the system, including data and applications, as is typical of disaster recovery procedures, in order to be able to deal with unforeseen damage .

Risk Analysis

The so-called risk analysis, i.e. the assessment of possible threats in terms of probability of occurrence and related potential damage, typically precedes the phase of putting the IT system into operation, thus making it possible to estimate the related risk: on the basis of this value it is decided if, how and which security countermeasures to adopt.

Often the attacker’s goal is not represented by the computer systems themselves, but rather by the data they contain, so computer security must take care to prevent access not only to unauthorized users, but also to subjects with limited authorization to certain operations, to prevent data belonging to the computer system from being copied, modified or deleted.

The violations can be many: there can be unauthorized attempts to access restricted areas, theft of digital identity or confidential files, use of resources that the user should not be able to use, etc. Cyber ​​security also takes care of preventing any Denial of service (DoS) situations. DoS are attacks launched on the system with the aim of making some resources unusable in order to harm the users of the system.

Security measures

Based on the previous observations, when we talk about “IT security” we often distinguish the concepts of passive security and active security. Enable: Foractive securityon the other hand, we mean all those techniques and tools by which information and data of a confidential nature are made intrinsically secure, protecting them both from the possibility that an unauthorized user can access them (confidentiality), and from the possibility that a user unauthorized person can modify them (integrity). Both hardware and software tools fall into this category. It is clear that passive and active security are complementary to each other and both are essential to achieve the desired level of security of a system. The possible attack techniques they are multiple, therefore it is necessary to use different defensive techniques at the same time to protect a computer system, creating more barriers between the attacker and the target.

Passive: Passive security normally means defensive techniques and tools, i.e. the set of technical-practical solutions whose objective is to prevent unauthorized users from accessing resources, systems, plants, information and data of a reserved. The concept of passive safety is therefore very general: for example, for physical access to protected rooms, the use of armored access doors, together with the use of personal identification systems, are to be considered passive safety components.

you are looking for a company to manage your computer equipment and protect you from cybersecurity, consider secuserv