To keep a system secure it will need cyber security and physical security as well. But what does physical security include into it?
Physical Security
Imagine that you have perfect cyber and network security, but you don’t have anything that save it physically. To keep our organisation in safe we can use such things like scanners of fingers/eyes/face or voice recognition. ID cards similar to our college is a good idea as well or sign in and out systems. And in addition to all this we can add some guardians.
So our physical security will be pretty good. Why pretty good and not perfect? Because there is no system that can’t be hacked. All that I mentioned can be used against us, that is why we need guardians, but even guardians can disappoint us because we can employ a person that will help hackers to come in by mistake.
So the best what we can do is to include just one of these ” fingers/eyes/face or voice recognition ” because if we include all of them in our organisation hackers will have more options to come in, that is why we need to add no more than guardians + 2 options, for example fingerprint and sign in/out systems. Or if we want to include more types of security, we need to include it in different places. For example to go to a important room we use fingerprint, to to other room we use voice recognition, but we must not have all of these to enter only one room.
Software and Network Security
We can use different encryption techniques, like RSA and his partner AES, it is one of the safest techniques of encryption.
The RSA or Rivest-Shamir-Adleman encryption algorithm is one of the most powerful forms of encryption in the world. It supports incredibly key lengths, and it is typical to see 2048- and 4096- bit keys.
RSA is an asymmetric encryption algorithm. This means that there are two separate encryption keys. One encrypts information and is public for everyone to see. The other can decrypt that data and is private.
- Encryption is the process of encoding a message or information in such way that only authorised users can access the files. There are 2 types of encryption, Symmetric and Asymmetric. Asymmetric Encryption uses a pair of keys like public and private keys, to get better security, like when you send a encrypted message by public key and the receiver decrypts it with private key.
In software and network security we can use public and private keys. What is the difference between them? Public Keys refer to Asymmetric Encryption, it can be used to send secure messages to someone. It is used only to encrypt messages. Private Keys already refer to both types of encryption, Symmetric and Asymmetric. It is also know under as secret key. It can be used to decrypt a encrypted messages that you have got.
Diskless Network are some workstations that doesn’t have individual hard-drives and relies on a network, every file is stored on network and is shared between them.
What about backups? They are used to take a copy of computer data and to store it in one place. It is a good tool against data loss, because if we store all from our computer on a backup, we like give the second life to our computer in case of data loss, we can just change the backup from computer with the one with all data on it.
What is an Audit Log and how can we use it?
Audit Log is a document that have the function to record an event from a system, it shows what files were accessed.
Handshaking, is the exchange of information between 2 modems and the resulting agreement about which protocol to use that precedes each telephone connection, you can hear handshaking when you make a dial-out call from your computer.
Firewall is the network security system designed to prevent unauthorized access to or from a private network. All messages pass through the firewall, it examines each message and blocks those that don’t meet the specified security criteria.
Virtual Private Network – is a network that is constructed using public wires, to connect remote users or regional offices to a company’s private, internal network. VPN allows you to create a secure connection to another network over the internet. It can be used to access region-restricted websites, shield your browsing activity from prying eyes on public Wi-Fi.
Virus checking software, or AntiVirus software is a basic thing that should have everyone on their computer to keep it in safety. It was developed to detect and remove viruses from computers or even to not let the viruses come in. Nowadays are a lot of antiviruses, i think you will find one that you will like.
Passwords and levels of access to data. There are more levels of access to data, but the common are public and private. Public level is like a book but only for those who is in library, so it is for all from a company. And private level is like you buy a book, and just you can read it because it is yours, so everyone from the company has his account or something like this, and he has passwords for all that is connected to this.
Software Updating, is a very important thing because if we will not update apps as soon as possible after the new update, it can make some troubles. After the update our app will work faster because with every update the app becomes faster, more optimised and security level is higher.
An Intrusion Detection System is a system that monitors network traffic for suspicious activity and issues alerts when such activity is discovered. It is a software application that scans a network or a system for harmful activity or policy breaching.
Disaster recovery is an area of security planning that aims to protect an organisation from the effects of significant negative events. It allows an organisation to maintain or quickly resume mission-critical functions following a disaster.
So, after all that i mentioned, now we have some ideas how to avoid a disaster for our company. I already said what can we do with physical security and how can we use it. And we have ti do the same with the software and network security.
First of all we need a antivirus, i would recomend you ESET, Total AV, Avast, AVG, Kaspersky or MalwareBytes, i think these are the best variants that you could use. Also we will need to use FireWall and VPN, it will guarantee us secure navigation through internet. Of course we will need to do a copy of all our data and files with some help of the Backup. We will set a high level of security to access data as well, and our apps always will have the latest updates. And we will use an Intrusion Detection System, to see all the suspect things that are happening. You can use the rest of mentioned at the top as well, but it all depends of your organisation and what do you want to do.
But in case if a disaster happens, we need a plan B. Whole system replacement. This needs to be avoided at all cost. If this occurs it means you have either not planned or have experienced a disaster of unforeseen proportions. Many businesses will have a contract named “dark site” who, when the system fails, will be hired to duplicate the businesses system.
ICT BLOG 