Technology

Network and Security: Secure Information Management

Network and Security
Spread the love

Information security is understood as the set of preventive and reactive measures that allow us to safeguard and protect our information. In other words, they are all the actions and measures that are taken and affect the treatment of the data that is used in the company.

To understand it better, we must consider the 4 pillars by which information security is governed:

  • Availability
  • confidentiality
  • Integrity
  • Authentication

The main objective of any company in the field of information security should be to develop the capacity for “cyber-resilience”. This capacity will allow us to develop the capacity to resist, protect and defend our organization from the possible cyber threats that plague the Internet.

Generally, companies are not prepared to resist very sophisticated attacks, mainly due to:

  • Lack of technical measures to mitigate.
  • Little preparation of the systems
  • Lack of staff training and lack of resources to deal with threats.
  • Lack of security assessments.
  • Etc.

Organizations must be able to respond quickly to any type of attack, resulting in their main services not being affected, and strengthening their capabilities to identify, detect, prevent, contain, recover, and continuously improve cybersecurity.

To go into detail about each of the aspects on which we can base ourselves to protect our organization, we must first identify what type of environment we work on:

On-Premises:

On-Premise is the traditional infrastructure model, where we store our information in the company’s datacenter (servers) , either in a physical location in the offices or in rented racks in Housing locations.

See also  The Ultimate Auto Vote App: Enhance Your Campaign

Protecting the On-Premises Infrastructure has different aspects to consider.

In the first place, the network, the network infrastructure is what allows us to connect to the Internet and on which they connect to the organization’s systems that provide external services. (For example, an application exposed to the Internet)

To protect ourselves from attacks on an On-Premises infrastructure, we have different measures that we can take:

  • Establish physical protection measures on our data centers.
  • Installing a Next Generation Firewall (NGFW)
  • Protection of systems exposed to the Internet through a WAF or Web Application Firewall
  • Installation of Endpoints for monitoring exposed systems.
  • Limit system exposure to what is exclusively necessary.
  • Etc.

On-Cloud

The On-Cloud Infrastructure is characterized by having all its services in the cloud through an external provider. That is, the information is hosted in external data centers owned by the provider. However, in this typology there is shared responsibility in most cases. 

The provider’s datacenters must be physically safeguarded from physical threats, but it would be our responsibility to safeguard the information at a logical level by applying the measures that we deem appropriate in the logical field.

To protect ourselves in this area, we must consider the following protection measures with the measures that we have available from both the provider and external if it is plausible.

  • Design a secure network architecture, where the protection of critical resources is prioritized.
  • Establish network security measures such as the installation of virtual firewalls that protect resources.
  • Establish a strict backup and system backup policy so that we can have a backup point if necessary.
  • Etc.
See also  Govt mulling over plans to introduce one common charging cable for all devices

Mixed or Hybrid Architecture

In the mixed or hybrid architecture we have the recommendations of the two previous options. This model is the most common in medium-sized companies, where we have information on the provider’s side and in our physical infrastructure.

At this point we must have refined the responsibilities of all the parties that influence the management/administration of the infrastructure.

To safeguard our information in this model we must:

  • Establish physical protection measures on our data centers.
  • Install a Firewall that protects our On-Premises infrastructure and exposed systems and exposed systems on the provider’s side.
  • Design a network architecture that does not have infrastructure bottlenecks.
  • Etc.

Telecommuting

With the massive entry of teleworking around the world, the information security paradigm has changed drastically, it is no longer enough to protect our company, we must consider the security of all users with access to information from different perspectives:

  1. Infected user. A user who has been a victim of malware (early launch anti malware) or phishing and has given rise to an infection on his work computer so that we must prevent it from spreading to the network.
  2. Malicious User. A user who has bad intentions against the company, and who wants to extract information or damage the company’s image regardless of the reasons that lead him to do so.

Another of the approaches that we must consider is the use of our own equipment through which sensitive company information is accessed.

Among others, we must consider the following actions to protect information in a teleworking environment.

  • Delimit access to what is strictly necessary according to the functions that the employee must perform.
  • Keep equipment up to date.
  • Install Endpoint-type protection software that protects the employee’s computer in real time.
  • Encrypt information stored on the employee’s computer.
See also  Shane Braddick Discusses Printed Circuit Boards (PCBs) and How They Work

Spread the love
Adil Husnain

Posted by

Adil Husnain is a well-known name in the blogging and SEO industry. He is known for his extensive knowledge and expertise in the field, and has helped numerous businesses and individuals to improve their online visibility and traffic.