

An Introduction to IT Security

This document is aimed at providing an insight into the basic considerations for IT Security within a computer environment.

Why have Security?

Security is aimed at preventing something from happening; this is usually divided into three main areas:

  • To prevent damage to important company information.
  • To prevent access to information by people who should not have access to it.
  • To control access to resources, to prevent their abuse.

Classification of Threats to Systems

It should be noted that threats to computer systems could be both deliberate and non-deliberate and both have to be covered to protect systems.

Examples of Non-Deliberate Dangers:

  • Acts of God (Flood, Fire, etc.)
  • Power interference (The office cleaner, lighting, power failures, office equipment such as photocopiers, etc.)
  • User errors (pressing wrong keys, misunderstanding, etc.)

Examples of Deliberate Dangers:

  • Disgruntled employees (Single biggest cause of deliberate damage)
  • Hackers (Only attack if you look interesting, and if preventative measures are taken this should not be an issue)
  • Viruses (If preventative measures are taken this is a minor inconvenience)

A Historical Note on Computers and Viruses

Originally most computing environments were orientated around single machines, whether they were mainframes or mini-computers utilizing dumb terminals. With the advent of Personal Computers aimed at increasing the productivity of individuals, the tight control provided by centralized computer services was lost and the development of viruses began.

Viruses were originally aimed to attack the computer operating system, and were usually passed between users by floppy diskettes.

With the advent of networking technology, people could share resources, and information between PCs. This meant that viruses could now be transmitted between systems electronically without the passing of a physical floppy diskette.

The next wave of viruses in this new network environment was no longer aimed at operating systems, but at the office applications, notably Word Macro viruses.

At present the biggest cause of computer disruption is viruses transmitted by e-mail, usually through the Internet. This medium opens up some of the biggest opportunities, since it allows communication between large numbers of individuals and companies. However, with this amount of access and so many joined systems, viruses have been designed to exploit this new electronic Utopia (the “Love Bug” being one example).

The Solutions

To solve security issues requires a mix of Hardware, Software, Procedures and Commitment. The mix and quantity of each varies, dependent on the aim of the organization.

One way to divide security technology is as follows:

  • Protocol / Packet based Security
  • Application based Security
  • User based Security

All the technological solutions in the world can be implemented to make your environment safe, but if no procedures are defined to control users then they are worthless. If you define these procedures and do not tell anyone, they also become worthless; and if you do not have commitment from everyone in the organization, all this effort is still worthless.

Protocol / Packet based Security

This is usually carried out using a router, or a server acting as a router.

Security is implemented by creating lists of machines that can access other machines. This can be an intensive task in complicated environments, and the list must be kept up to date with modifications to the network.

Application based Security

This is based on controlling access to the different TCP/IP ports to prevent access to applications such as FTP, SMTP, POP3, etc. It is usually implemented within the router or a firewall.
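
The two filtering approaches described above (lists of machines that may reach other machines, and control of TCP/IP ports) can be combined in one first-match access list with an implicit deny. The following is an added example, not part of the original document; the addresses, rules and function names are constructed for illustration.

```python
import ipaddress

# Constructed access list (private-range addresses, assumed for this example).
# Each rule: (action, source network, destination network, destination port or None = any).
# Rules are checked top to bottom; the first match wins.
RULES = [
    ("permit", "192.168.10.0/24", "192.168.20.5/32", 25),    # office LAN -> mail server, SMTP
    ("permit", "192.168.10.0/24", "192.168.20.5/32", 110),   # office LAN -> mail server, POP3
    ("deny",   "0.0.0.0/0",       "192.168.20.0/24", 21),    # nobody reaches FTP on the server LAN
    ("permit", "192.168.10.7/32", "192.168.20.0/24", None),  # admin workstation -> servers, any port
]

def check(src, dst, port, rules=RULES):
    """Return (action, rule_index); rule_index is None when the implicit deny applies."""
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for i, (action, src_net, dst_net, rule_port) in enumerate(rules):
        if (src_ip in ipaddress.ip_network(src_net)
                and dst_ip in ipaddress.ip_network(dst_net)
                and rule_port in (None, port)):
            return action, i
    return "deny", None  # nothing matched: default deny

def unused_rules(connections, rules=RULES):
    """Indexes of rules that no sample connection hit: candidates for review
    when machines are moved or retired and the list has to be brought up to date."""
    hit = {check(s, d, p, rules)[1] for s, d, p in connections}
    return [i for i in range(len(rules)) if i not in hit]

if __name__ == "__main__":
    # Constructed sample connections: (source, destination, destination port)
    samples = [
        ("192.168.10.12", "192.168.20.5", 25),   # user sends mail
        ("192.168.10.7",  "192.168.20.9", 21),   # admin tries FTP: the deny rule comes first
        ("192.168.10.7",  "192.168.20.9", 22),   # admin, other port: permitted by the last rule
        ("10.0.0.4",      "192.168.20.5", 110),  # unknown machine: no rule matches
    ]
    for s, d, p in samples:
        print(s, "->", d, "port", p, "=>", check(s, d, p))
    print("rules never hit:", unused_rules(samples))
```

Rule order matters: the admin workstation's any-port permit sits below the FTP deny, so its FTP attempt is still refused.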

User based Security

User based security requires the implementation of a Network Operating System, so that user profiles can be defined and allow the controlling and sharing of network resources.


© 2000 Edeva Solutions Ltd
Last revised: 29th May 2001