Information Security Technology

By: Garima Sagar, 00311504911, 4th year EEE

Upload: garimasagar

Post on 19-Jul-2015



Information security, sometimes shortened to InfoSec, is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.

Process by which digital information assets are protected.

Julius Caesar is credited with the invention of the Caesar cipher c. 50 B.C., which was created in order to prevent his secret messages from being read should a message fall into the wrong hands.

Key features

Confidentiality

Integrity

Availability

Importance

Prevents data theft

Avoids legal consequences of not securing information

Maintains productivity

Foils cyberterrorism

Thwarts identity theft

Technologies

Cloud Access Security Brokers

Cloud access security brokers are on-premises or cloud-based security policy enforcement points placed between cloud services consumers and cloud services providers to interject enterprise security policies as the cloud-based resources are accessed.

In many cases, initial adoption of cloud-based services has occurred outside the control of IT, and cloud access security brokers offer enterprises a way to gain visibility and control as their users access cloud resources.

Adaptive Access Control

Adaptive access control is a form of context-aware access control that acts to balance the level of trust against risk at the moment of access using some combination of trust elevation and other dynamic risk mitigation techniques.

Context awareness means that access decisions reflect current conditions, and dynamic risk mitigation means that access can be safely allowed where otherwise it would have been blocked.

Use of an adaptive access management architecture enables an enterprise to allow access from any device, anywhere, and allows for social ID access to a range of corporate assets with mixed risk profiles.
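The trust-versus-risk decision described above, sketched as an added example that is not part of the original slides. The context factors, weights and thresholds are assumptions chosen for illustration, not values from any product.

```python
from dataclasses import dataclass

# All factor names, weights and thresholds are constructed for illustration;
# a real deployment derives them from its own risk model.
@dataclass(frozen=True)
class AccessContext:
    managed_device: bool       # device is enrolled in corporate management
    known_location: bool       # request comes from a usual network or region
    social_login: bool         # identity asserted by a social ID provider
    mfa_done: bool             # a second factor was already completed
    resource_sensitivity: int  # 1 = low, 2 = internal, 3 = restricted

MFA_TRUST = 4  # trust gained by completing a second factor (assumed weight)

def risk_score(ctx: AccessContext) -> int:
    """Risk at the moment of access: sensitive asset plus weak context."""
    score = ctx.resource_sensitivity * 2
    if not ctx.managed_device:
        score += 2
    if not ctx.known_location:
        score += 2
    return score

def trust_score(ctx: AccessContext) -> int:
    """Trust currently established in the identity making the request."""
    score = 2 if ctx.social_login else 4
    if ctx.mfa_done:
        score += MFA_TRUST
    return score

def decide(ctx: AccessContext) -> str:
    """Return 'allow', 'step_up' (trust elevation) or 'deny'."""
    risk, trust = risk_score(ctx), trust_score(ctx)
    if trust >= risk:
        return "allow"
    # Dynamic mitigation: offer MFA when it would close the gap, so the
    # request can be allowed instead of being blocked outright.
    if not ctx.mfa_done and trust + MFA_TRUST >= risk:
        return "step_up"
    return "deny"

if __name__ == "__main__":
    # Social ID, unmanaged device, unusual location, low-sensitivity asset.
    print(decide(AccessContext(False, False, True, False, 1)))
```
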

Virtual private networks

A Virtual Private Network (VPN) is a private communications network that makes use of public networks, oftentimes for communication between different organizations.

A VPN is not inherently secure, though in its most common incarnation it does utilize encryption to ensure the confidentiality of data transmitted.

There are three types of VPNs available today: dedicated, SSL and opportunistic.

appear to currently be the most prominent deployment

The basic goal of a Virtual Private Network is to ensure the integrity of the connection and communications.

When encryption is added, the goal of preserving confidentiality may also be achieved.

Endpoint Detection and Response Solutions

The endpoint detection and response (EDR) market is an emerging market created to satisfy the need for continuous protection from advanced threats at endpoints (desktops, servers, tablets and laptops) — most notably significantly improved security monitoring, threat detection and incident response capabilities.

These tools record numerous endpoint and network events and store this information in a centralized database.

Analytics tools are then used to continually search the database to identify tasks that can improve the security state to deflect common attacks, to provide early identification of ongoing attacks (including insider threats), and to rapidly respond to those attacks.

These tools also help with rapid investigation into the scope of attacks, and provide remediation capability.

Intrusion detection and analysis system

The concept of intrusion detection has been around since 1980. In its most essential form, intrusion detection is designed to detect misuse or abuse of network or system resources and report that occurrence.

This detection occurs as a result of identifying behaviour based on anomalies or signatures.

The most common form of intrusion detection system (IDS) today relies on signature-based detection.

Other forms are:

Intrusion Prevention System (IPS)

Event Correlation System (ECS)

Anomaly Detection System (ADS)

Interactive Application Security Testing

Interactive application security testing (IAST) combines static application security testing (SAST) and dynamic application security testing (DAST) techniques.

This aims to provide increased accuracy of application security testing through the interaction of the SAST and DAST techniques.

IAST brings the best of SAST and DAST into a single solution.

This approach makes it possible to confirm or disprove the exploitability of the detected vulnerability and determine its point of origin in the application code.

Antivirus

Antivirus software was developed to detect the presence, and eventually the attempted infection, of a system by malware. There are generally two types of antivirus scanning software: signature-based and heuristic.

Signature-based scanning relies on a database of known malware signatures. It must be updated on a regular basis in order to ensure a current database of known malware.

According to eBCVG, an IT Security company, a heuristic scanner "looks at characteristics of a file, such as size or architecture, as well as behaviors of its code to determine the likelihood of an infection." The downside to heuristic scanners is that they often generate results that misidentify software as being malware (a.k.a. "false positives").
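The two scanning approaches side by side, as an added example that is not part of the original slides. It shows a signature database missing a sample until it is updated, and a heuristic producing a false positive. The byte strings are constructed, harmless stand-ins, and the single entropy heuristic with its 7.0 threshold is an assumption.

```python
import hashlib
import math
from collections import Counter

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def signature_scan(data: bytes, signature_db: set) -> bool:
    """Signature-based: flag only exact matches against known hashes."""
    return sha256(data) in signature_db

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (8.0 looks like random data)."""
    counts = Counter(data)
    return -sum(c / len(data) * math.log2(c / len(data)) for c in counts.values())

def heuristic_scan(data: bytes, threshold: float = 7.0) -> bool:
    """Heuristic: flag files whose content looks packed or encrypted.
    One file characteristic and an assumed threshold, for illustration."""
    return len(data) > 0 and entropy(data) > threshold

# Constructed, harmless byte strings standing in for real files.
KNOWN_SAMPLE = b"constructed stand-in for a catalogued malware sample " * 8
NEW_SAMPLE = b"constructed stand-in for a sample seen after the last update " * 8
PLAIN_DOC = b"Quarterly report: revenue, costs, headcount. " * 40
# Deterministic high-entropy bytes standing in for a benign compressed archive.
BENIGN_ARCHIVE = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(64))

def run_demo() -> dict:
    db = {sha256(KNOWN_SAMPLE)}  # signature database before its next update
    results = {
        "known_sig": signature_scan(KNOWN_SAMPLE, db),
        "new_sig_before_update": signature_scan(NEW_SAMPLE, db),
        "archive_sig": signature_scan(BENIGN_ARCHIVE, db),
        "archive_heuristic": heuristic_scan(BENIGN_ARCHIVE),  # false positive
        "doc_heuristic": heuristic_scan(PLAIN_DOC),
    }
    db.add(sha256(NEW_SAMPLE))  # the regular signature update
    results["new_sig_after_update"] = signature_scan(NEW_SAMPLE, db)
    return results

if __name__ == "__main__":
    for name, flagged in run_demo().items():
        print(f"{name:24} flagged={flagged}")
```
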

Firewalls

A firewall is defined as a "component or set of components that restricts access between a protected network and the Internet, or between other sets of networks."

Firewalls are network security resources that are defined to control the flow of data between two or more networks. From a high-level perspective, they can serve as a choke-point.

"Firewalls are powerful tools, but they should never be used instead of other security measures. They should only be used in addition to such measures." The primary role of a firewall, in the traditional sense, is to protect against unauthorized access of resources via the network as part of a “defense in depth” solution.

A few more technologies

Audit data reduction

Network mapping

Password cracking

Public key infrastructure

Vulnerability scanning systems

Software-defined Security

Conclusion

Information security is the ongoing process of exercising due care and due diligence to protect information, and information systems, from unauthorized access, use, disclosure, destruction, modification, disruption or distribution. The never-ending process of information security involves ongoing training, assessment, protection, monitoring & detection, incident response & repair, documentation, and review. This makes information security an indispensable part of all business operations across different domains.