Steps towards Information Technology Security






Information Technology Security (IT Security) is the process of taking necessary precautions to ensure that information is well protected using technological means. The information that is protected in this case can be both data in a computer system or even in paper. Although IT security and cyber security are terms which are usually used interchangeably, there is a slight technical difference between the two. This is because cyber security is precaution taken to guard against crime in the internet especially access to data in the system or illegal logging in to unauthorized computer systems. With this, one could say that cyber security is blanketed in the scope of IT security.


Those who commit IT crimes use vulnerabilities to manipulate the system so that they can be able to access and maybe get information from a system. Vulnerabilities are weaknesses in the IT system in design, operations, implementation or internal control. It is important to know that the system can be attacked and therefore protect it against such kind of threats. Go here to read more now.


Successful detection of vulnerabilities can be attained through steps such as security engineering which is building networks that are dependable, safe, and secure against attacks. Security engineering is achieved through penetration testing, vulnerability assessment and by use of network intrusion detection systems (NIDS). With these, a software engineer predicts the worst possible scenario and comes up with preventive measures. They also probe the computer for possible threats and halt them. The NIDS monitor and keep the system in check for possible threat.


Some of the possible system attacks include, identity theft, data interception and theft, denial of service attack which makes the machine or the network not to be available to its user, SQL injection attack, eavesdropping,, spoofing which is falsifying data in order to gain access to unauthorized information., tampering, direct access and zero-day attacks which occur before the vender is aware of it such that they are not able to halt it beforehand.


Other methods that can be used in implementing IT security include, anti-virus software which protects against computer viruses, encryption which ensures that the data can only be read by the sender and the receiver, firewalls which usually automatically blocks unauthorized access into the system, virtual private networks, password "salt and peppering", IT security frameworks, honey pots, application whitelisting and authentication, authorization and two-factor authentication e.g. via sending SMS for verification. Click this to know more.


Find out about Cyber Security Standards by going to https://en.wikipedia.org/wiki/Cyber_security_standards.