INFORMATION SECURITY

Information Security



Pillars of Information Security

Background

Solving the complex and volatile task of information security, this is easy to get bogged down in details and lose sight of the real problems. Therefore, from time to time it helps to look at any current problem from the standpoint of the three pillars of information security: confidentiality, integrity and availability. Each requirement in a situation ultimately comes down to one of these foundations, and any danger that faced a threat to one of them. This verification framework allows not deviating from the target and not missing the crucial details. Every detail is important because the reliability of protection is determined by its weakest link. This article examines the role of confidentiality, integrity and fault tolerance in a typical Windows-based network of small and medium enterprises (Allen & Julia, 2001).

Protection

Today, every now and again we hear about the confidentiality of data a user or customer. The problem of protecting personal data cannot be ignored but is not limited to the privacy. The requirement of confidentiality is to prevent unauthorized person to read the information without the permission of its owner. Now, in a period of rapid growth in the number of "zombie" systems, robots and worms, it is important to remember that confidential information must be protected not only from intruders but also on their "agents" that can be harmful program, the vulnerable computer or other network component.

Privacy issues arise in networks of small and medium-sized businesses everywhere. The files on the file servers and workstations are the ultimate resource that needs protection. Before you think about security at the level of Windows, you should take care of physical protection. Anyone with physical access to a computer can get to the files stored in the system (Krutz & Ronald, 2003).

Protect servers are not too difficult. They can simply be locked up in a room accessible only insufficient support staff. The question is how to guarantee the physical security of workstations, especially laptops? The only way to protect sensitive data on the desktop is resorting to encryption. Online, there are many encryption programs, including file and storage levels. For file programs (eg, WinZip Company WinZip Computing) requires regular user intervention, and for the disk tool, (such as Encryption plus Hard Disk Company PC Guardian Technologies) user intervention is necessary only at boot time (Layton & Timothy, 2007).

A new way to encrypt files associated with the ...