An integrated information protection system is an interconnected set of organizational and engineering measures, means and methods of information protection. In real life, reliable protection is a combination of all methods of protection. Reliable physical protection is necessary to ensure the safety of material assets – paper media and systems. Communication protection is responsible for the security of information transmission. Radiation protection is necessary if an attacker has powerful equipment to read electronic radiation from computer systems. Computer security is needed to control access to computer systems, and network security is needed to protect local networks. Together, all types of protection provide information security (INFOSEC).
Network security – measures that protect the information network from unauthorized access, accidental or intentional interference with the network or attempts to destroy its components.
Information network security includes the protection of hardware, software, data and personnel. Network security consists of the provisions and policies adopted by the network administrator to prevent and control unauthorized access, misuse, alteration or denial of computer network and network of available resources. Network security includes permission to access data on the network, which is granted by the network administrator. Users choose or are assigned an ID and password or other authentication of information, which allows them to access information and programs within their authority.
During the operation of computer systems, a variety of problems often arise. Some – as a result of user errors, others – as a result of criminal actions. In each case, the damage is caused. Such events are called attacks, regardless of the reasons for their occurrence.
There are four main categories of attacks:
- access attacks;
- modification attacks;
- denial of service attacks;
- denial of service attacks.
An access attack is an attempt to obtain information that the attacker does not have permission to view. Such an attack is possible wherever there is information and means for its transmission. An access attack is aimed at violating the confidentiality of data.
Snooping is the viewing of files or documents to find information of interest to the attacker. This can be either viewing documents in case of improper storage or viewing electronic versions of data stored in a computer system.
When someone listens to a conversation to which he is not a party, it is called eavesdropping. The introduction of wireless networks has increased the likelihood of successful eavesdropping. The attacker does not need to be inside the system or physically connect the listening device to the network. Instead, during a communication session, it is enough to place certain hardware within the wireless network’s coverage. The attacker does not need to be inside the system or physically connect the listening device to the network. Instead, during a communication session, it is enough to place certain hardware within the wireless network’s coverage.
Unlike eavesdropping, interception is an active attack. The attacker captures information in the process of its transmission to the destination. After analyzing the information, he makes a decision to allow or prohibit its further passage.
To improve the cyber security of your business, you should use a business protection toolkit for example https://www.digitaluppercut.com/services/business-protection-toolkit/ from Digital Uppercut.