Methods and means of information protection

Methods and means of protection of computer information are a combination of various measures, technical and software tools, moral and ethical and legal norms that are aimed at countering the threats of intruders and minimizing the possible damage to the owners of the system and users of information.

Consider the following varieties of traditional measures to prevent the leakage of information from the computer.

Technical methods and means of information protection

These include:

• Protection against unauthorized access to the computer system;
• Backup of all important computer subsystems;
• The organization of networks with the subsequent possibility to redistribute resources if there will be a disruption in the performance of individual network links;
• Installation of equipment to detect and extinguish fires ;
• Installation of water detection equipment;
• The adoption of a set of measures to protect against theft, sabotage, sabotage, explosions;
• Installation of a backup power supply system;
• Equipping the room with locks;
• Alarm installation, etc.

Organizational methods and means of information protection

These include:

• Server security;
• Carefully organized recruitment;
• The exclusion of such cases, when all the most important works are performed by one person;
• Development of a plan, how to restore the server's performance in a situation where it will fail;
• Universal means of protection from any user (even from top management).

Methods of unauthorized access to information

It is not enough to know the above methods and means of protecting information, it is necessary to understand how unauthorized access can be made to information.

It should be noted that unauthorized access to important information can occur during repair or preventive work with computers due to the fact that residual information on media can be read, even though the user has removed it in a timely manner by the usual method. Another way is when the information is read from the media, if it is transported without protection.

The work of modern computers is based on integrated circuits, which operate with high-frequency changes in current and voltage levels. This leads to the fact that in power circuits, nearby equipment, ether, etc. There are electromagnetic fields and pickups, which with the help of some "spy" technology can easily be transformed into information that is processed. In this case, the smaller the distance from the receiver of the attacker to the hardware, the more likely that it will be possible to extract and decipher the information. A familiarity with information that is unauthorized is also possible by directly connecting the "spyware" means to the network equipment and communication channels.

Methods and methods of information protection: authentication and identification

Identification is the assignment to a subject or object of a unique image or name. Authentication is a test of whether the subject / object is the one for whom it is trying to extradite itself. The ultimate goal of both measures is the admission of the subject / object to that information that is in limited use or denied such admission. The identity of an object can be implemented by a program, a hardware device, or a human. Objects / subjects of authentication and identification can be: technical means (workstations, monitors, subscriber stations), people (operators, users), information on the monitor, magnetic media, etc.

Methods and means of information security: the use of passwords

A password is a collection of characters (letters, numbers, etc.) that is intended to identify an object / subject. When it comes to the question of which password to choose and install, there is always a question about its size, the way to apply resilience to the choice of an attacker. Logically, the longer the password, the higher security level it will provide the system, since it will take much more effort to guess / pick up the combination.

But even if the password is reliable, it should be periodically changed to a new one in order to reduce the risk of its interception while directly stealing the media or removing a copy from the media, or by forcibly coercing the user to say "magic" word.