Information Security requires the combination of people, process, and technology. Each of the people, process, and technology should be managed considering the capabilities & limitations of the other. When the components should be considered in total and they should provide a adequate overall risk mitigation for any organization. Information security strategies encompass prevention, detection, and response, and all three are needed for a comprehensive and robust Information security framework. Most information security strategies focus on prevention. Prevention addresses the possibility of harm. Detection and response are generally used to limit damage once a security breech has occurred. Weaknesses in the prevention parameter may be counterbalance by strengths in detection and response. Information system security Mexico strategies should establish limitations on the access and limitations on the ability to perform unauthorized actions. All hese limitations are derived from concepts known as security domains, least privileges and least permissions.
The formation of security domains involves designing a network solution so that users and network resources are grouped in a logical/physical manner & control are established to mitigate the risks related to every individual domain. At the network level, the connectivity among network areas may be disabled, or tightly restricted through perimeters. The tools used are firewalls, virtual local area networks (VLANs), access control lists (ACLs) in routers, and directories. The tools allow for limitations on access and authorizations at the network layer and application layers. The concepts of least permissions and least privileges are used to provide functionality while limiting the potentially harmful actions. It involves restricting authorizations at the network, server, and client level. For example, a user is allowed to access certain network resources and the same user is denied access to access the other network resource.
Another example could be that A user is allowed access to some file and is not allowed access to others. A program could also be allowed access to some of a network’s resources and disallowed access to others. Authorization for users is managed by assigning a user to a group, and granting permissions to the group. Financial organizations should design multiple layers of security controls to establish several layers of defense between the attacker and the asset being attacked. The layers should be at multiple control points throughout the communication and transactional flow and should include both systems and manual processes. At Webimprints, an Information security services company Delhi we take care of the above mentioned concepts while offering information security services.
No comments:
Post a Comment