Not so much time has passed since the meaning of the word «computer» was familiar only to employees of certain research laboratories and information security was a concern of special services. But those days are gone. Information technologies have drastically changed our lives. Using a computer, we have a rest, make friends, work, and do shopping.
Very often the cost of convenience to do a lot of things, without getting up from a favorite chair, is a number of our secrets, which are available to anyone who wants to know them. Our credit card numbers, place of residence, friends and beloved ones, jobs, hobbies – all this information is available on the web. Definitely, you can simply not enter a part of the information, and thus protect it from prying eyes. But without another part which includes email addresses, card numbers, passwords we cannot even log in to many sites. Moreover, you will not be able to buy or sell things.
The companies that are operating online get into an even more complicated situation: they have to keep the lists of employees and partners, and other official documents on servers that can be easily hacked. If such information is not there, the company is unable to operate properly.
That is why information security has become a more important question now than ever before. Moreover, the experts on data protection are the most important employees of any modern company, along with accountants, web developers, and commercial directors.
The famous idiom ‘forewarned – is forearmed’ is relevant to the field of data protection. As the threat of data loss can affect anyone, it would be beneficial to get familiar with risks and how they can be minimized.
Information security threats
In short, the information security threats are divided into four main groups:
- Violation of the integrity – information corruption. The simplest example: the virus that penetrated the computer deletes or alters important system files, which violates or completely stops the work of the operating system.
- Violation of authenticity – some experts often combine this group with the previous one, and some of them consider it as a separate species of threat (and rightly so). When a user enters the desired site but gets on a phishing one, there is a clear violation of the information authenticity.
- Violation of accessibility – this option generally relates to failure and damage of the equipment aimed at information exchange. Not so long ago all network public was concerned about temporal Skype disconnection. Although it did not last for a long, it caused a lot of unrest.
- Breach of confidentiality – this is a case when data becomes available for those for who shouldn’t see it at all. Publication of stars’ personal photos is a good example.
How information security can be compromised
There are three main sources through which information security can be violated:
- Targeted attacks from the outside – the machinations of the notorious hackers.
- Equipment failure (in some cases, also as a result of external attacks, for example, DDoS-attack).
- The human factor – the negligence or deliberate damage caused by the staff itself.
Based on the sources of threat, information security system is built in order to work with such groups of risk.
How to provide the reliable information security
While the maintenance of equipment and work with the staff of the company is a concern of security departments and technicians, special programs and services are responsible for the avoidance of external intrusions into the system.
Many companies have used for a long time such a solution as a two-factor authentication. Its most famous variation is the sending of a text messages by a system with one-time passwords. However, the latest developments also make possible to use tokens as a password generator, which is a more convenient and secure way. The system of data protection with two-factor authentication can include many additional features such as smart identification, data signing (CWYS) and others. Such a ‘rich’ 2 factor authentication solution is provided by Protectimus company.
Every day the reports about the hacking of this or that company are announced. For example, this year such cryptocurrency exchanges as Bter, Excoin, and Cryptoine were hacked. As a result of the break-ins, some of them were forced to announce the closure, while others suffered heavy losses. The trouble concerns not only the cryptocurrency sphere. According to the New York Times, there are constant attacks on the traditional financial sector, many of which are successful. According to various sources, from $300 million to $1 billion have been stolen from different accounts since 2013.
Such incidents constitute a serious damage to both reputation and revenue of any company. That is why information security is an aspect you shouldn’t save on