IT Security Plan
Businesses hold large repositories of extremely sensitive information. Key data sets such as customer details, product specifications, transactional records and employee data are vital information that needs to be protected.
Most common IT security models employ a layered structure in which each layer provides a different level of security. There are separate security features for hardware and software. The basic concepts involved in a robust cybersecurity plan are described below.
- Identification of threat: Accurate and timely detection of threats is vital in ensuring the security of data. Early detection of cyber attacks can give IT support teams time to put defensive plans into action that can mitigate the damage. This requires establishing a centralised facility for data monitoring and risk assessment. Such centres are often called Security Operations Centres or SOCs. There are two main parts of proper threat identification: intrusion detection/prevention, and proper flagging and alert generation during attacks.
- Threat management: After a threat has been successfully identified, the exact scope of its effect and its quantitative damage need to be analysed. Moreover, the threat needs to be catalogued, and proper communication needs to be sent regarding the risks involved. Hence, threat management has four basic elements: (a) risk cataloguing, which involves asserting the threat, (b) threat quantification, where the exact damage of the attack is calculated, (c) risk measurement, where the possible consequences of the risks are identified and (d) communication of threat, which involves letting all the stakeholders know of the imminent attack and its effects.
- Threat mitigation: Once the threats have been analysed, security experts can employ mitigation techniques to address them. Every attack exploits a pre-existing vulnerability or flaw in the system that needs to be identified. Security engineers can then determine whether the pre-existing tools are sufficient for fixing the issue or whether new systems need to be designed from scratch. Sometimes, entire infrastructures need to be redefined in order to fix critical system vulnerabilities.
Parts of hardware and software security systems
As mentioned above, building a robust security system requires both hardware and software features. Some of the basic hardware security capabilities are mentioned below.
- Firewall: The firewall is one of the first lines of defence in any cybersecurity system. The firewall resides directly between the user’s computer network and the rest of the Internet. All data that passes between the user’s system and the client is inspected and approved by the firewall.
- UPS system: Critical to the safety of servers is the continuous supply of power. If the server goes offline during a power outage, then it becomes extremely vulnerable to attacks. Hence, having a separate UPS system for critical servers is mandatory for data protection.
- Physical locks: Besides guarding against the theft of data over the Internet, businesses often need to place data storage systems such as confidential hard drives, flash drives and servers under physical lock and key. Flash drives need to be locked inside secure storage facilities, and important ports of servers and switches need to be placed behind cages. Additionally, company-owned laptops and CPUs need to be confined to office spaces and should be placed under a number padlock.
Apart from securing the hardware, businesses need to employ security software modules with the latest update patches applied. Some of the basic software security features are mentioned below.
- Anti-virus software package: This includes the basic anti-virus, spyware prevention and detection software. These tools detect common threats such as Trojans and ransomware before they cause significant damage.
- Spam and phishing filters: Spam filters screen incoming emails for potential threats. Phishing is a common form of cyber attack where account details of users are stolen by impersonating legitimate websites. Strong spam filters prevent such malicious content from entering the inbox.
- Backup capabilities: The last resort of any security feature is backup. During unmitigated disasters, systems often need to reboot in order to restore operations. During such phases, a backup facility is vital in preventing the loss of valuable information.