During the last few years, we have observed a dramatic growth in the field of Information Technology and the main reason of this was an arrival of Internet technology and its subsequent development. Its rapid development and the further Information advancements and improvements have made the whole system more vulnerable against the virtual threats and attacks of internal and external origins. The threats and accidents in the Information Security can be explained with the lack of confidentiality, integrity and availability of electronic data. However, the researchers kept fighting against these threats, as they kept on inventing a variety of devices to soften these attacks and their consequences. Therefore, we have the firewalls, IPS/IDS technology and the access control devices. Taking all of these developments into consideration, a variety of organizations through all over the World applied the improved policies and/or frameworks and technologies to remit the electronic attacks.
Internal IT Department is always responsible for defending the company from the electronic threats; moreover, it doesn`t matter whether the company is big or small, the representatives of it have their main goal in protecting the whole system from the online attacks, either internal, or external. Their main tool helping them to balance the Information Security on a proper level is the proper security monitoring. Due to the fact that internal security affects the safety of all the employees, it`s crucial to keep the information protected; therefore, it`s usually performed by proper planning and the technical procedures providing the information safety, which will be listed below. Summarizing the mentioned above, it`s always up to the Internal IT Department to keep the system safe from the electronic and online threats and attacks.
As it was mentioned above, here are the main methods of providing a proper information security to the company:
Network Monitoring. It comprises the mixture of performance and security inspection. Performance monitoring deals with the behavior of packets being exchanged in and out of the network by the Users; therefore, it is a great tool in determining how much time the employees spend beyond the unproductive activities, as surfing social networks and/or chatting via the Internet. It also helps to create a schedule of improvement of the overall system`s security. Network monitoring tools also inform about any unwanted intrusions, which could be properly documented and a mitigation plan could be built based on these documents.
Penetration Testing. It`s a method in searching the maximum possible gaps inside a network. It`s usually performed by the so-called “Ethical” hackers that conduct their attacks outside to locate the exact gaps; moreover, it`s usually performed on a regular basis. In case of breaching of the network infrastructure due to the results of testing, it becomes clear where the potential threats will come from; therefore, it forces the IT Department to find out a solution according to the current breaches in the network. The tools like Nessus that help to determine the essential patches that are missing and initiate the penetrating testing, are widely available on the market for every company to purchase.
Physical Security and Monitoring. The tools of this group include the items like alarm systems and surveillance cameras; moreover, the services of security officers and guards are also referred to this group. Cameras can simply be used to track the people coming in and out; therefore, they track their activity on a particular floor or room. In order to prevent an unauthorized access to the company`s data, the services of security officers come in handy, as they check the employees` ID cards and let-passes. There should also be a proper company`s policy in a segregation of different departments and divisions with an according level of access to the company`s information for each division.
Incident Reports and Statistics. In case of any kind of security breach, even if it is found to be a false alarm, security personnel should report this issue in a proper format. The report should clearly show what happened in details with the addition of the time of occurrence, how the security team responded along with the measures taken in order to close that security breach. This gathered information helps an organization to improve its security procedures with its efficiency based on the statistical data.
Organizational Policies of the Company. The most common example of internal security breach is use of pen drives (USB Flash Drives). Unconsciously, many employees may induct malwares or viruses to their office systems, which can spread like an epidemic to other systems causing a real disaster to the whole information system of the company. The tools of prevention of such issues are various and are available for a purchase; for example, the systems like Symantec that can create the needed policies to limit the use of pen drivers within the office premises.
The next section of the research is the description of E-Commerce and its security for every company. E-Commerce refers to the exchange of goods either buying or selling over the Internet and the main medium, through which E-commerce is usually performed, is a website of a buyer and/or seller. Special security measures are usually applied in order to safeguard an electronic transaction and to avoid any external online threats. Those can be classified into four categories:
- Authentication. To ensure that only authorized users log into the system.
- Authorization. Allows the specified users to manipulate or intervene the data.
- Encryption. Information shared across the medium is encrypted to maintain its confidentiality.
- Auditing. To keep a track of all the activities and operations.
Attacks and their proper defenses. The most common forms of attacks implemented by hackers are Denial of Service attack and Password guesses.
Denial of Services: It is an attempt to make some specific resource unavailable to some intended Users. These types of attacks usually go along with Credit card payment websites and Internet banking websites, where the hackers try to capture the login information of the Users to access their funds. The measures that can be taken to ensure the proper online security are as follows:
- Installation of a software based firewall in the individual systems to block unwanted external access.
- Storing of important and confidential information in encrypted and hidden format.
- Encrypting the complete stream of data exchange using SSL protocol between the client and the Server.
- Using appropriate password policies, Firewall rules, and scheduling the external security audits.
Summarizing everything mentioned above, it should be concluded that the main responsibility for the online and information security is on the IT Department`s hands and heads, as any breach in the network of a company might cause the irreparable damage to the company`s position on market, its financial and intellectual capital, its resources and its employees. It`s obvious that the security measures could not be compromised, as the importance of information security is of the most importance nowadays.
Blount, S. (2006, 11). Four Elements for an Integrated Security Compliance Platform. Retrieved from Internal Auditor Online: http://www.theiia.org/intAuditor/itaudit/archives/2006/november/four-elements-for-an-integrated-security-compliance-platform/
Security Monitoring Activities. (2011, 09). Retrieved from StudyMode: http://www.studymode.com/essays/Security-Monitoring-Activities-769335.html
Smith, B. (2000, 11 03). Thinking about Security Monitoring and Event Correlation. Retrieved from Symantec.com: http://www.symantec.com/connect/articles/thinking-about-security-monitoring-and-event-correlation