Source: Info-Tech Research Group

Executive Summary

IT security is often overlooked and misunderstood by businesses. Many feel that they have nothing worth stealing and any money spent on security is a wasted investment. Understand more about IT security and why it is important in every business.

Implementing proper IT security policies, software, and equipment is vital to any business. All businesses have something of value that needs to be protected, regardless of the size of the company or their industry. At the very least, companies have services and infrastructure that hackers can exploit. Common exploits include using phone systems to place expensive long distance calls and using the network storage to host illegal Web sites. Governments and industry regulatory groups are aware of the importance of implementing a sound IT security system and many have put security requirements in place.

What is Security?

IT information security is the process by which businesses protect their information, internal systems, and platforms from unauthorized use, theft, deletion, and unauthorized changes. Security is not about eliminating risks to the business, it is about mitigating these risks to acceptable levels.

Security CIA

IT security can be divided into three core principles, which are confidentiality, integrity and availability (CIA).

• Confidentiality. Taking steps to ensure that only authorized people access certain systems, data, and materials.
• Integrity. Ensuring that the data available to authorized people is always correct and unaltered, without faults or unauthorized changes.
• Availability. Ensuring that the data is always available when needed.

Security Basics

There are three components of security: the organization, the process, and the technical tools (Figure 1). The details of these components should be stated clearly in the security policy and supporting documents. For more information on security policies, refer to the McLean Report research brief "Security Documents More Than Just Policy."

Figure 1. The Three Components of Security

Source: Info-Tech Research Group

• Organizational components. These deal with the employees of a business, how they are structured, and how responsibilities are split up between them. Examples of organizational components include allowing employees to access only the files necessary for their roles, and not allowing any one person to own an entire suite of duties.
• Process related components. These are the procedures put in place to ensure that the business's data is secure. An example of a process related component is the use of passwords to validate identity.
• Technical components. These are the tools used to protect the business and its network. Examples of the technical components of a security system include antivirus software and firewalls.

The Basic Technical Components of a Security System

Multiple tools are required to ensure that a business's resources are properly protected from internal and external threats (Figure 2).

Figure 2. Basic Components of a Security System

Source: Info-Tech Research Group

Firewall. This is the first line of defense and the most basic security requirement. It regulates and restricts traffic to and from the network based on a set of rules which are specified by the security policy. Without the proper rule settings, a firewall can be useless.

Intrusion, Detection, and Prevention (IDP) sensor. This basically functions as an alarm system. There are two types of IDP systems and both are commonly used.

• Intrusion Detection System (IDS) -This system will inform the IT administrator of perceived intrusions but will not prevent them.
• Intrusion Prevention System (IPS) -This system will stop any perceived intrusions from occurring, after which it may notify the IT administrator of the issue.

As IDP security is increased, more and more valid traffic will be perceived as intrusions. IDS will generate more false positives, or will perceive more valid traffic as malicious, as security is heightened.IDS is more popular than IPS, however, there are some integrity issues with this since an IDS does not stop malicious traffic, it just alerts IT administrators to the traffic.

Antivirus software. This software directly protects the business's computers. Its main responsibility is to mitigate the risk of malware and files by deleting, quarantining, or repairing infected files. Antivirus software actively scans files for known threats and monitors programs for suspicious behavior which may indicate the presence of a threat. Antivirus software is able to detect all forms of malware, including the following:

• Viruses             • Worms
• Trojan Horses    • Rootkits
• Spyware           • Crimeware

Bottom Line

IT security is often overlooked and misunderstood by businesses. Many feel that they have nothing worth stealing and any money spent on security is a wasted investment. Understand more about IT security and why it is important in every business.

For assistance in determining your IT security needs, contact us now.  678-797-0747.