Managing IT Security AJAY JASSI

Security methods for protecting IT systems and data

IT is one of the biggest and valuable industry.

There are many ways to protect computer systems and data in IT. These will prevent the risk of something harmful to do be done.

Theses are some of the many ways to prevent this by having:

Backups

Password protections

Anti-virus software's

Updated software

Encryptions

Firewalls

Backups Backups are very idle and are important, as it will protect the data from getting lost if stolen or corrupted. It is also important that backups are done regularly and daily so that no files and important data is at risk of not being seen again.

Backups can stored online, on disc, on hdd and servers. A copy is more secure being on site, than on the internet as there is less risk of it getting accessed, as most businesses have a high amounts of IT based security. However a backup is beneficially if stored online as well, as the site maybe destroyed therefore backup cannot be assessable.

A storage unit/warehouse could also be used to store backup.

Password protection User IDs and passwords is the simplest way to prevent data to get stolen or copied in the workplace.

Passwords should have a variety of characters including numbers and letters, so that this will ensure the password is strong.

The more stronger the password, the more harder it will be to find out. Therefore it will be more secure.

In the IT industry passwords are changed regularly. Most organisations change their passwords every month.

Passwords should be kept a secret and shouldn’t be obvious or easy to guess. An example is someone's pet’s name or date of birth.

Anti-virus software These software are used to detect viruses and malware. They also remove them from the computer system, so that it doesn’t get harmed or damaged.

It is important that full scans are run regularly so that it will reduce the chance of viruses.

Full scans should be performed at least once a week, as in organisations a lot of data is sent and received everyday.

This will maintain the internet and computer system running smoothly.

Updated software Updating software is important as bugs and errors are fixed. Theses fixes may have added more security features.

Updates are created mainly to stop patches from being cracked/hacked. This is normally done by users whom download these software illegally and don’t agree to pay for a licence or subscription.

Updated software can also remove unwanted threats to the computer which will increase the performance and security.

Encryptions This is used to scramble up words and numbers that want to be kept a secret from others.

These contain the original message, with a large amount of numbers and symbols added.

The encryptions are known by users in the organisation and is kept privately between each other, so that messages are not spread to everyone.

Encryptions are very hard to crack, that’s why it is used and user don’t bother cracking them as it isn’t worth it, as continental private information isn’t shared on there.

An example of this is shown below, it is meant to say: Security is very important.

E3cmeR9sUrK8ge+uF7ERUm6P4/FI7MTQeOHUoepGkrQ=(this is basic encryption)

Firewalls These are used to manage the organisations internet. It is a form of a program, where settings and features on the internet can be edited and changed.

An example of this is at a school, the network will block inappropriate sites, and games.

Firewall also protects computer systems and networks from being hacked from other users outside of the organisation.

All home PC’s and networks all should have an active firewall, to stay safe.

Security improvements Not only simple things can be done to protect the data and computer system, but more can be done to secure things even more.

Things to take in consideration is physical ways to keep the organisation secure from having stolen or damaged computer systems and data.

This can be things such as:

Securing computers to the desk and floor

Having CCTV cameras

Having security passes to enter and leave building site

Locking rooms when not in use

Having windows closed and use bars across them

Positioning equipment so it can’t be seen by others outside the site

Lock down systems From having the computer systems attached to a surface, this will make it harder for a thief to steal and will give time for security or the police to catch them as more noise is being made from the struggle and prevent the data and system form being stolen.

Also if people are aware that the computer systems are secured well on the floor, they wouldn’t attempt to steal, as they know it’s time consuming, difficult and noisy to break.

CCTV cameras From having these the business will be able to look at everything that is happening on the site with 24/7 recordings. This will help the business spot any threats to the systems and data and will allow them to respond quicker.

However people are aware of the CCTV as a responsibility for the employer is to warn people they may be recorded. This is done by displaying clear writing and posters around the site.

Although people look out for cameras, and look for areas where there aren’t any visible, but are actually disguised or hidden for crime and theft purposes. This is the main cause thief's get caught.

Security passes Theses are used to stop people from entering the site through entrances, as they can easily disguise themselves as an employee by wearing similar or the same clothing.

This is a form of identity in the business by using photographs and special codes in the card. These cards can either be electronically used or physically used by security checking it is the correct employee with their card.

Locks on doors To keep a business secure it’s ideal for the employer to setup a lock system when the rooms are not in use. This could be done manually or automatically, either by security systems or employees.

The common way is manually done by employees as security systems are expensive and requires a lot of maintenance.

There is a number of different types of locks which is electronically used or physically used. An example is using a key or using a fingerprint scanner.

Secured windows This is used for extra protection towards visibility, safety and security from theft.

Without these bars it is easy to smash through and climb in depending on window sizes, which in cases are normally big enough for someone to climb in.

These are also used for protection against employees as there is always danger around, therefore if a stone is thrown at the window there is a likely chance of it hitting the bars.

It also makes it harder for people to see through the windows as mostly all of it is covered.

Visibility angles It is important to position valuables and data in a area where it cannot be seen easily from the outside. This is so that people outside of the business doesn’t know what's inside and where it is.

People seeing the systems and data will make their decision whether or not to attempt to risk stealing it or damaging it. Likely in business, it is updated with the latest facilities, which are obviously valuable and expensive.

As seen in the image, this is position to place a computer system and valuables as it can be seen easily from the outside.

How to respond to a breach

As soon as a breach is recognised, it is important to take action immediately. The suitable parties should be alerted to help out in this situation.

The first thing that should be done is disconnecting the network from the user who affected or attempted breaching the system. Collect the logs and preserve them for evidence and leave the security as it is for proof of the breach until the case is closed.

Ensure that you record the details on the breach for further actions to be taken. This may require the account numbers, full data tracks, and encrypted data files.