The goal of information system protection is complete control of all data entering and leaving computer networks, it is necessary to define all objects in that system that need to be protected. Today, information systems consist of many different components, so defining all the objects in them is a very complex job. However, there are basic guidelines to follow when defining an IT system protection plan. This aspect of information system security is very important, and it is usually neglected, so we will pay a little more attention to it. We have already talked about the protection of some basic components of the information system - servers, workstations, network devices, and network infrastructures. Let's look at the other essential components.
Protect wireless network devices
Although we have already mentioned network devices and network infrastructure, we need to single out wireless network devices as they will be more susceptible to security attacks compared to wired network devices. The reason for their great vulnerability is simple - to communicate using an electromagnetic spectrum that can be accessed by anyone, without the possibility of physical isolation, which, for example, has a network infrastructure that uses copper or optical cables. Another important feature of wireless network devices, ie wireless networks in general, is the huge growth in popularity of these types of devices, ie this type of network connections. In urban areas, almost every resident owns at least one wireless network device. As far as rural areas are concerned, wireless networks are a great alternative in case cable is difficult or impossible to implement. Finally, in addition to electromagnetic or radio spectrum, laser and infrared technology can be used for wireless communication. It could be said that wireless networks "use the air to communicate", which is not true, but it reflects very well the problem that these networks have. Namely, just as air is available to everyone, so is the communication that is performed by wireless networks available to everyone. Both to those who use that communication for legitimate purposes and to those who have bad intentions. The only protection against eavesdropping on wireless network traffic is the use of encryption, which makes network traffic unreadable to anyone but legitimate participants in communication. In case the security of network traffic is recommended, the use of proprietary standards whose documentation is not publicly available is recommended. Finally, it is possible to completely ban wireless communication and use only wired communication channels that are much easier to control.
To all, this should be added the use of telecom operators as intermediaries to establish a connection, whether it is voice communication or data transmission. This way of communication is somewhat safer because it is always known exactly who is participating in the communication, but it still represents a potential security problem. As always when there is a third party in the system, you can never be sure if someone on the side of the telecom operator is eavesdropping on your communication, so you should pay attention to that aspect of security as well.
Mobile device protection
Like the protection of wireless network devices, the protection of mobile devices is increasingly needed due to the large increase in their popularity. Traditionally, laptops have been the main representatives of this category of devices, but smartphones and tablets have practically taken the lead when it comes to the mobile type of device. Physical protection of mobile devices is currently a major problem for IT professionals as there is not yet an ideal solution for remote management of them. Part of the problem is a large number of different manufacturers of these devices, and the other part is the very high speed with which the technical characteristics of these devices are improved, so it is very difficult for security professionals to develop appropriate procedures, specifications, and standards.
Since confidential data is often found on mobile devices, protection against theft is one of the main problems of their physical protection. The only practical solution is remote control of devices and deletion of data in case of reporting theft. As we have already said, a unique and comprehensive solution to these problems does not currently exist, although large global companies such as Microsoft, Apple, Google, Samsung, Blackberry, and others are actively working on it. The concept is known as BYOD (Bring Your Own Device) should definitely be mentioned here, which means the use of employees' private devices for business purposes, which further complicates the problem of business data protection. For now, it is recommended to use encryption for all data on devices, the use of strong codes, and other biometric data for user authentication and authorization (fingerprints, etc.). There are also specialized services that track the physical location of the device and that can help with the loss of the device.
Protection of paper documentation
Network security experts and system administrators typically concentrate on data protection in electronic form, but one should be aware of the simple fact that malicious users can gain important data by printing confidential digital information or finding already printed material. There is little benefit from implementing security rules on code complexity and detailed access control if employees can easily print confidential data and leave it on their desks. Or, worse, throw those papers in a nearby trash can, which is accessible to everyone. There is even a special term for "diving in containers", which means accessing confidential information in this way. All of this may sound ridiculous, but it is, in fact, one of the most common ways in which malicious users access confidential information. If confidential information already has to be printed, which should be avoided in as many cases as possible, care should be taken about its location. We should not forget to destroy such documentation either, because today it is no longer enough to use a paper cutter, but it is recommended to mix the cut paper with water to prevent its reassembly.
Protection of removable media for data transmission
Another way to circumvent complex and well-tested IT security plans are to record data on removable media. Once floppy disks, CDs and DVDs, and today portable hard drives and flash drives pose a serious security threat, both for deliberately leaking confidential information and for possibly stealing those media. Here, too, encryption and the use of complex data access codes prove to be the best solution. Attention should also be paid to the fact that simply deleting data and even formatting these media is not enough. There is specialized software, and for more serious purposes, specialized hardware devices that can restore the entered data even after several deletions. Therefore, it is recommended to use specially designed software that overwrites deleted data dozens of times with random data. Finally, security practice dictates that even in the case of worn-out devices, hard disks, and other storage devices be taken into account, as they too can be used to gain access to confidential data. As you can conclude from what has been written in this and the previous text, the physical protection of information systems is a very complex process that requires a lot of planning and field testing. Given the multidisciplinarity that IT system protection requires, the creation of a good security plan must be left to a professional and experienced security team.
If you have been a victim of cybercrime, our team is ready to help you.
Swiss Security Solutions GmbH
Schaffhauserstrasse 550. Postfach
CH-8050 Zürich, Schweiz
T. + 41 44 586 60 33
Comments