Managed Security Services
In the current world, information wants to be free, and people are used to accessing whatever information they want at any time using a range of computing devices. Unfortunately, the security and control of access to information have proven to be quite a problem. Many users consider security and control measures to be a barrier to effectively accessing information. Achieving information security requires safeguarding of computing resources, seeking the integrity of data, controlling access by authorized users, and maintaining the confidentiality of data.
Given the extent to which we rely on technology, physical security measures need to ensure that computer hardware is not compromised. The most significant threats to computer resources include theft, fire and flood, power surges and power outages. Organizations, therefore, need to implement a backup and disaster recovery strategy to provide resilience against these threats.
Threats to the integrity of data include:
Errors by the operator, for instance inadvertently deleting of files
Failure of hardware or storage media as a result of wear and tear, old age or damage
Theft of hardware or data
Hacking incidents (through unauthorized online access)
Physical protection of computer equipment and data from damage is critical for achieving information security. However, another controlling access to the entire or part of the data store to authorized users alone, best serves to compliment physical security. User authorization can be verified using one of the following three means:
Using a parameter known to the user as a password
Using something that is possessed and carried by the user like a security or ID card
Using biometric characteristics of the user, for example, their fingerprint
For more enhanced security, two of the measures can be used in what is referred to as “two-factor security.”
Effective information security measures should have in place plans in case they fail, and how data confidentiality may still be withheld even after data falls into wrong hands. This becomes necessary when it comes to protecting sensitive data like financial information. The confidentiality of the information on within hardware that has been accessed by unauthorized users is only achievable through encryption.