Data protection

Data protection today came in first place. Computer systems, as never before, must successfully counter threats and attacks. To do this, there should be a security policy, an analysis of the risks from possible unauthorized access. In addition, it is necessary to classify existing threats to information security. Each classification criterion should reflect one of the general requirements for an information security system. At the same time, the threats themselves will allow to detail these requirements.

Data protection today came in first place. Computer systems, as never before, must successfully counter threats and attacks

Modern computer systems are very complex. They are subject to the influence of an extremely large number of factors and therefore the protection of information for such a multitude of threats is a very difficult task. Consider the list of classes of threats to which a complex of protective equipment should counteract.

Classification of threats can be carried out for a number of basic features:

  1. By the nature of occurrence: objective natural phenomena that do not depend on a person; subjective actions caused by human activities
  2. By the degree of intentionality: errors of the end user or personnel; deliberate action to obtain unauthorized access to information
  3. By the degree of dependence on the activity of computers: manifested regardless of the activity of computers (opening ciphers, stealing media); manifested in the processing of data (the introduction of viruses, collection of "garbage" in memory, preservation and analysis of the operation of the keyboard and display devices).
  4. By the degree of impact on computers and their systems: passive threats (data collection by way of scouting or peeping at the work of users); active threats (the introduction of software or hardware bookmarks and viruses to modify data or disorganize the work).
  5. By the way of access to resources: obtaining passwords and access rights, using the negligence of owners and staff, unauthorized use of user terminals, physical network address, hardware coding unit, etc .; bypass protection means, by downloading external operational protection from the removable media; use undocumented features of the operating system.
  6. At the current location of the information: external storage devices; RAM; communication networks; monitor, or other display device (the ability to covertly shoot printers, plotters, light panels, etc.).

It should be noted that absolutely reliable protection of information never happens. In addition, any protection system increases the time of access to information, so the construction of secure computer systems does not aim to reliably protect against all classes of threats. The level of the protection system is a compromise between the losses incurred from loss of confidentiality of information, on the one hand, and the losses from complication, rise in the cost of computers and increase in access time to resources from the introduction of protection systems, on the other hand.

Tools