An information security system is a set of organizational and technical measures aimed at ensuring information security

An information security system is a set of organizational and technical measures created to ensure the information security of a company. The main object of protection is data processed by an automated control system and involved in the implementation of business processes.

Types and methods of information protection

State information protection is described in regulation P 50922-2006, according to which information protection activities can be:

• Legal. There is regulation of information protection by creating legal norms and documents, as well as supervision of their implementation.
• Technical. Using specialized software.
• Cryptographic. By converting information.
• Physical. Organizational measures that prevent access to confidential data.

Information Security Steps

Due to the difficulties with the different structures of companies requiring information protection, the creation of a concept and the provision of security services is carried out taking into account the specifics and characteristics of the organization, taking into account that the information protection system is a whole set of different measures.

At the same time, an integrated approach implies step-by-step methodological development, which will provide competent and professional protection. There are several basic principles that are also used in information protection systems of the Russian Federation, according to which the work is performed:

• Performing analysis and evaluating security status. Planning follow-up activities.
• Creating software, writing documentation, modeling a security management system.
• Creating a security policy, technical equipment of the company, creating a holistic structure of the security service, instructing office workers.
• Monitoring, updating programs, solving tasks, analyzing the effectiveness and evaluating the performance of the security system.

The described approach is thoughtful and professional, since it guarantees the suppression of attempts to hack data, provides continuous and uninterrupted work on the exchange of information by minimizing the risks of malicious code penetration.

Control and management

Many enterprises resort to the help of third-party companies that provide information security and offer their professional services. This is due to the need to manage and control the system, check and audit work, provide reports on violations, solve emerging problems, which, as a result, requires continuous and constant work.

Information about the work performed is provided to the company in accordance with the requirements established in this organization. Moreover, all the work of such companies is regulated by the Federal Law on the Protection of Information.

Major Security Threats

The basic threats to the information security of each company are: data theft, unverified software, hacker attacks, spam, employee errors. Occasionally, data loss may be associated with a malfunction in the functioning of hardware and software or theft of equipment, such moments are regulated by Art. 149 Federal Law. As a result, the company may suffer major losses.

The procedure for creating a system for protecting information can be divided into three steps:

• creation of enterprise policy in the field of information security.
• Search and implementation of technical and software protection tools.
• creation and implementation of organizational activities.

In this case, it is necessary to take into account government documents and standards governing information security issues at enterprises.

The basis for creating an information security system in any company is a document regulating the principles and provisions of the enterprise in this area. It covers the following issues:

• Creation of legal support for information security. In fact, a system of regulatory documents relevant to the operation of the enterprise is being developed. Using it, the rules for ensuring information security in the company and the definition of responsibility for their violation are established. Legal support includes state laws and acts, internal documents of the enterprise.
• Identification of potential threats to information security. The list of these dangers is quite large, and the company should independently identify and rank them in order to further identify the most vulnerable places and inform employees if necessary.
• Establish a list of protected data. The information used in the company may be open and closed. Among the first are data that do not have state or commercial value and are not confidential. The loss from the loss of such information is small, and protection is not a priority. The second type is various data representing state secrets, commercial information or personal information about employees. Protecting this information is paramount. For each such type of information, the place of processing, occurrence, units having access to them is taken into account.

The basic principles of information security have not changed since the term itself. They say the following:

• It is impossible to create an absolutely reliable and insurmountable defense. At best, the system will be resistant to potential threats. Because of this, in the planning process it should be borne in mind who and what information may be of interest, how valuable it is and what losses can be incurred if it is lost.
• The state system of information protection should include a set of means of protection, which consists of technical, administrative and legal elements.
• Such a protection system should easily adapt to changing conditions. The main role in this is played by administrative measures such as changing passwords, analyzing event logs, correctly distributing user privileges, and more. The person responsible for this must be a competent employee and a person dedicated to the company.

Areas of protection, means and systems of information protection, the most popular among users and technical masters:

• Protection against unauthorized access to offline resources and network PCs. The function is implemented by software and hardware.
• Protecting servers and individual users from intruders. Firewalls are used for this.
• Protection of personal and secret information from unauthorized reading and the possibility of correcting it by using cryptographic tools. This also includes digital signature verification of messages. The use of cryptosystems with public keys has prospects in banking and electronic commerce.
• Protecting programs from illegal copying by using electronic keys.
• Protection against information leakage through various channels.
• Protection against spyware devices that can be installed on the PC itself.

Software and hardware for computer protection

An automated system of protection against unauthorized access to computer resources is a complex problem, including the technical solution of the following issues:

• Authentication and user identification at login.
• Monitoring the integrity of the protection system, programs and information.
• Restricting user access to certain resources.
• Prohibition of loading the operating system from third-party media.
• Fixing user actions and programs.

Fingerprint Information Security Devices

The most popular systems in the field of user identification are security devices that use biometric data. As a rule, a fingerprint scanner is built into the device, which can scan the user's finger for consistency already entered into the database. There are also tools and information protection systems that scan the retina and face. The quality of the latter on PCs and smartphones is doubtful, because there were cases when the scanner gave access to a person with similar facial features, which is especially true for twins. However, the collection of such information should be strictly regulated and controlled by the Federal Law on the Protection of Information.

Electronic Key Information Security Tools

Initially, this technology had a very low efficiency indicator, because competent programmers could “split” the key very easily. At the debugging level, the pirates examined the protocol for exchanging the program and found key images on the basis of which emulators were created to help bypass the protection. Developers continue to complicate this method of protection in every possible way, taking into account the fact that the information protection system is a certain set of rules and tools. Traps are also thought up for those trying to circumvent protection in this way. However, crackers also learn and develop, so this tool will sooner or later be circumvented with an emulator or crack.

Information Security System Structure

In practice, the operation of information protection systems of a certain set is mainly carried out.

The main objective is to create an approach to the presentation of an information security system that includes an unambiguous classification of the document flow, a list of threats within each such flow, and determination of protection mechanisms against these typical dangers.

The approach to the consideration of information security can be carried out in two directions, given the definition that the information security system is an established system of measures:

• Structural and technical element of the system, with engineering, hardware and software.
• The structure of the regulatory element of protection that governs the work of the previous element and personnel.

After determining the structure of a complex system, the main stage remains the formulation of goals and performance criteria to create a system for protecting confidential information.

The final goal of protection becomes a predefined result of protection. A threat to information security is a combination of conditions and factors causing an organization’s security breach, which can cause negative consequences for it. In this case, the goal of the information protection system is to avoid possible damage.

It follows that the structure of the protection system should be formed on the basis of a list of possible threats to the system. It includes the following sections:

• A list of possible threats to the information.
• Threats to the media.
• Dangers to the elements of IP.
• Threats to the protection system.
• Dangers that may affect protection management

With further structuring of the protective system, two groups of protection mechanisms can be considered:

• for information, media and systems against privacy threats
• mechanisms for the same elements, with protection against integrity threats.

In the future, protection mechanisms can be divided into the following types:

• Obstruction of unauthorized access to certain information or system elements. Includes access restriction, authentication, and encryption.
• Obstruction of uncontrolled exit of information beyond the boundaries of an authorized object. Includes integrity monitoring and recovery methods.
• Control the flow of protected information.

Ways to access information

To combat unauthorized access to data and its interception, a clear knowledge of possible options for information loss is required. The integrated circuits, on the basis of which computers operate, create high-frequency changes in voltage and current. The vibrations pass through the wires and can not only be transformed into an understandable form, but also be intercepted by special devices. So, a device can be installed in the computer that intercepts information that is displayed on a user monitor or entered from the keyboard. The possibility of interception exists when transmitting data via an external communication channel, by the type of telephone line. Obstacle to these methods of hacking is the main task of the information protection system.

Security methods

In practice, several protection methods are used, including:

• Creating a system of measures to protect information and obstacles to the alleged kidnapper, physical or software means.
• Influencing or managing system elements.
• Creating a set of rules and regulations for users to create an idea of ​​the proper behavior when working with company databases.
• Creating conditions in which the user will be forced to comply with the rules for working with information.
• Encouraging users to comply with established rules.

To implement these types of security information protection systems, technical and organizational means are required.

Organizational Tools

Creating a complex of this type of information protection is the responsibility of the security service. Often it is required from her:

• Develop internal documentation that will establish the rules for working with equipment and commercial information.
• Provide briefing and verification of personnel, initiate the signing of additional agreements annexed to the employment contract, which will record information on liability for disclosure and misuse of data obtained during work.
• Define areas of responsibility that exclude a situation in which an array of important data was at the disposal of one of the employees. The organization of work in workflow programs and monitoring so that important files do not go beyond the network drives are carried out.
• Implementation of software tools responsible for protecting data from copying or destruction by any user.
• Drawing up a plan to restore the system in case of failure, regardless of the cause.

Technical means of information security

Technical security features include software and hardware. Their main ones are as follows:

• Backup and remote storage of the most important arrays in a computer system.
• Duplication and backup of network subsystems important for data storage
• Creating opportunities for the redistribution of network resources in case of disruption of the individual elements.
• Creating the possibility of using a backup power supply system.
• Creating protection in case of fire or water.
• Installing software responsible for protecting databases and other information from unauthorized access.

Technical measures include ensuring the physical inaccessibility of facilities, for example, equipping premises with cameras and alarms.

Authentication and identification

To exclude unauthorized access to information, user identification and authentication are used. These funds are aimed at determining the user and his authority. So, after going through the procedures, the system will determine the data available for this user and prohibit reading other documents. Authentication can occur using a program, machine, or person. The easiest way to protect is a password.

Typical Security System

In general, such a corporate information protection system includes:

• Manage antivirus software through the server.
• Antiviruses installed on workstations and servers.
• An automated workstation responsible for protecting the system from malicious administrator code.

The main components of the information protection system used in antivirus software include:

• Means of protecting the mail system from viruses that check incoming and outgoing messages for the presence of malicious code during dynamic monitoring performed during their work on mail servers. As a result, the user always receives messages that have been scanned through the latest versions of anti-virus databases, regardless of the time the message arrived on the server.
• , , . .
• -, , .

:

• , , .
• , .
• .
• .
• .
• , .
• .
• .
• .
• .
• .
• .
• .

. . 149 . . , .