There are 3 main principles one should always strive to achieve when configuring or operating IT systems: • Confidentiality: All information in a system can only be accessed by those with proper authority • Integrity: Information cannot be altered in any way that is not authorized • Availability: Data can be made available quickly and easily for those with authority to access it Unfortunately, there are many types of attacks that attempt to bypass one or more of these security principles: eavesdropping, alteration, denial of service, masquerading, etc.. How can one avoid such attacks and achieve the highest level of security possible? Some tools that can be used to increase the confidentiality of information in a system are access controls, fail-safe defaults, and encryption. Access controls involve the designation of what users or systems can do with any resources or data. By setting specific file permissions, for example, you can determine who can read, write, or execute a file. You can also apply varying permissions to the owner of the file, the owner group, and any user of the system. Fail-safe defaults, an extension of access controls, gives either read-only permission or denies permission altogether to the "other user" category. Encryption, of course, is also a means for protecting confidentiality. Users with access to data are given encryption keys with which they can encrypt private information and then decrypt that information upon receipt. Users without a key may be able to retrieve the information - but as long as it is encr ypted they will not be able to interpret it. Once confidentiality is assured, you should then work to maintain the integrity of your system's information. Checksum algorithms, like SHA-2 and MD5, are a good tool to use to confirm that data is unmodified. Checksum algorithms are created before a file is sent, and then run again once it is received by the other party, where the receiving party can compare the two values. If the sent file is even one bit off, the algorithm will return a different value. This tool is especially useful when downloading files from [...]The post Managed IT Services: The CIA Triad appeared first on Virtual IT Group, LLC | IT Support |Brandon.
