
Information security. A common understanding.

Updated 02.08.2025 07:52


Telegram channel: https://t.me/protectioninformation

Telegram Group: https://t.me/informationprotection1

Website: https://legascom.ru

Email: online@legascom.ru


Over the last three decades, information technology has made a real breakthrough: the emergence of hypertext and IP telephony, higher processor clock speeds and communication channel bandwidth, the development of cloud technologies and mobile devices, and much more. All of this has significantly complicated not only the development but also the maintenance of IT infrastructure. A new profession has appeared: the system administrator.

The system administrator is the specialist who keeps the company's entire IT infrastructure running smoothly. Ensuring the information security of corporate resources is far from the least important part of a sysadmin's work.

To ensure information security, the administrator must install software correctly and apply updates and fixes to software that is already in use. Solving these tasks, especially in large companies, often takes a lot of time and many specialists, since in large companies different specialists usually maintain the telephony system, the email servers, the web resources and the other systems. Yet each of these systems must be built with information security requirements in mind. Moreover, information systems are usually interconnected: email servers running Microsoft Exchange must be members of an Active Directory domain, the IP telephony system is connected to the mail system, and web servers are connected to database servers. In addition, thanks to the spread of the BYOD (Bring Your Own Device) concept, many employees now use their own tablets and phones for work. Effective information security for such integrated systems requires the responsible specialist to have broad technical knowledge across related fields; otherwise, weak security in one element of the integrated system may negate all efforts to protect its other elements. As the saying goes, a chain is only as strong as its weakest link.

It is best to apply the most stringent settings to all resources from the outset, when the corporate network is being built. As a rule, application and hardware manufacturers themselves recommend the most secure operating modes and describe their settings in detail (for example, requiring complex passwords to log in to the system, protecting email from unwanted mailings, disabling default user accounts, prohibiting remote access to corporate resources, etc.).

However, the typical situation is an existing corporate infrastructure that has been built up over several years by various specialists on different hardware models and applications, with "cloud" services (cloud file storage, office applications and more) integrated into it. The problem with mobile devices mentioned earlier is also relevant here. In such cases, corporate resources contain information security vulnerabilities and weaknesses for a variety of reasons.

A system administrator usually has a great deal of work to do, especially in small companies with around 100 workstations and one and a half to two dozen servers, where one or two people at most have to maintain all of it. As a result, these specialists are occupied with daily routine work: solving user problems, replacing printer ink cartridges and fax paper, setting up workstations for new users, and so on. Meanwhile, the tasks of securely configuring software and hardware and writing instructions and information security policies are pushed into the background and, as a rule, are never carried out. The reasons are both the workload of system administrators and their lack of the knowledge and skills needed to ensure information security.

For large companies this problem is less acute because, for example, large banks have an information security division or even a whole information security department. Accordingly, information security tasks are handled not by system administrators but by security administrators. The two perform different tasks: system administrators maintain IT resources and keep them functioning, while information security administrators ensure the security of the IT infrastructure and prepare policies and instructions for the system administrators.

In any case, regardless of who is responsible for information security, the system administrator or the information security administrator, that specialist needs to assess the security of corporate IT resources regularly, that is, to audit the information security of the system.

Of course, many large organizations prefer to engage professional auditors to verify the security of their corporate information system. However, this only makes sense for large organizations that are subject to the requirements of various standards (GOST, ISO, etc.). Small companies simply cannot afford such an audit, so the task of carrying out a practical audit falls on the system administrator as the chief corporate network specialist. Moreover, such checks must be carried out regularly, which adds further cost.
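The two points above (applying the vendor's most stringent settings from the outset, and a sysadmin regularly re-checking that the infrastructure still matches them) can be turned into a small, repeatable self-audit. The script below is an added example and is not code from the LEGAS article. It compares a server's settings against a hardened baseline: the `PermitRootLogin`, `PasswordAuthentication` and `MaxAuthTries` directives are real OpenSSH `sshd_config` keywords, while the sample configuration text, the account list, the password policy dictionary and the baseline values themselves are constructed for the demonstration and would be replaced by the settings and vendor recommendations of the systems actually in use.

```python
# Added example: a minimal configuration-baseline self-audit (not from the original article).
# Real items: the three sshd_config keywords. Constructed items: all sample values, the
# account list, the password-policy dictionary and the baseline thresholds.

# Constructed sample of an sshd_config fragment as it might look on an aging server.
SAMPLE_SSHD_CONFIG = """
# sshd_config (constructed sample)
Port 22
PermitRootLogin yes
PasswordAuthentication yes
MaxAuthTries 10
"""

# Constructed sample of local accounts as (name, enabled) pairs.
SAMPLE_ACCOUNTS = [("guest", True), ("admin", True), ("svc_backup", True), ("ivanov", True)]

# Constructed sample of the password policy currently in force: short, no complexity.
SAMPLE_PASSWORD_POLICY = {"min_length": 6, "require_complexity": False}

# Hardened baseline in the spirit of the "most stringent settings" the article recommends
# (values are illustrative assumptions, not a published standard).
SSHD_BASELINE = {
    "PermitRootLogin": "no",          # no remote root login
    "PasswordAuthentication": "no",   # key-based authentication only
    "MaxAuthTries": 3,                # integer baselines are upper bounds
}
DEFAULT_ACCOUNTS = {"guest", "admin"}  # default accounts that should be disabled
PASSWORD_BASELINE = {"min_length": 12, "require_complexity": True}


def parse_sshd_config(text):
    """Return {keyword: value} from sshd_config text, skipping blank and comment lines."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) == 2:
            settings[parts[0]] = parts[1].strip()
    return settings


def audit_sshd(settings, baseline=SSHD_BASELINE):
    """Report each directive that is missing or weaker than the baseline."""
    findings = []
    for key, expected in baseline.items():
        actual = settings.get(key)
        if actual is None:
            findings.append(f"sshd: {key} not set explicitly (expected {expected})")
        elif isinstance(expected, int):
            if int(actual) > expected:
                findings.append(f"sshd: {key}={actual} exceeds baseline {expected}")
        elif actual.lower() != expected:
            findings.append(f"sshd: {key}={actual} (expected {expected})")
    return findings


def audit_accounts(accounts, defaults=DEFAULT_ACCOUNTS):
    """Flag default accounts that are still enabled."""
    return [f"account: default account '{name}' is enabled"
            for name, enabled in accounts if enabled and name in defaults]


def audit_password_policy(policy, baseline=PASSWORD_BASELINE):
    """Flag a password policy that is weaker than the baseline."""
    findings = []
    if policy.get("min_length", 0) < baseline["min_length"]:
        findings.append(f"password: min_length {policy.get('min_length', 0)} "
                        f"below baseline {baseline['min_length']}")
    if baseline["require_complexity"] and not policy.get("require_complexity", False):
        findings.append("password: complexity requirement is not enforced")
    return findings


def run_audit(config_text, accounts, policy):
    """Run every check; an empty list means the host matches the baseline."""
    return (audit_sshd(parse_sshd_config(config_text))
            + audit_accounts(accounts)
            + audit_password_policy(policy))


if __name__ == "__main__":
    for finding in run_audit(SAMPLE_SSHD_CONFIG, SAMPLE_ACCOUNTS, SAMPLE_PASSWORD_POLICY):
        print(finding)
```

Run on the constructed sample, the audit reports seven deviations (three SSH directives, two enabled default accounts, two password-policy gaps); run on a host that already matches the baseline it returns nothing. Scheduling such a script and keeping its output is the cheap, regular check the article says small companies cannot buy from external auditors.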