Computer Security and How to Protect Data
Computer security, also known as cybersecurity and internet technology security, refers to protecting computers and the data stored within them from unauthorized change, access, or destruction through a series of techniques. The two most commonly used techniques in data security are data encryption (translating or encrypting data into an unintelligible form that requires a deciphering mechanism to be read) and passwords. In addition, there are two main aspects to computer security: IT security and information assurance. Information assurance is simply the security applied to technology. Usually IT security specialists are responsible for keeping the computers and information with them secure from malicious cyber-attacks. Information assurance, on the other hand, is the act of ensuring data is not lost when issues arise where data has the potential to be lost. Common issues include natural disasters, physical theft, and computer or server malfunction. The most common method in providing information assurance is a complete backup of data, stored off-site.
There are several security controls (safeguards or countermeasures) in place today to enhance computer security by minimizing security risks. Implementing security controls brings down the risk of breached computer security to an acceptable level. The three main sectors of controls are administrative, logical, and physical. Administrative controls form the framework of the policies, procedures, standards, and guidelines. They inform how operations are to be conducted. Therefore, existing laws and regulations in place are actually administrative controls because they inform the companies.
After administrative controls are in place, logical controls can be applied. They are the technical controls used to monitor and control access to information and computing systems, usually through the use of software and data. Common logical controls include passwords, network and host-based firewalls, access control lists, data encryption, and network intrusion detection systems. Logical controls operate under the principle of least privilege. This requires that a person, program, or system process is only granted access privileges that are necessary to perform the task and nothing more. A simple example to explain failure to adhere to this principle is if an employee were to log in to a computer using the Administrator account rather than his own, and then read email or surfed the Internet while logged into this account.
Physical controls make up the final sector of controls. They monitor and control the environment and the access to and from computing facilities and the workplace. In addition, physical controls separate the network from the workplace in order to minimize risk. One important physical control is separation of duties, which ensures critical tasks cannot be completed by one person alone. An example of a physical control violation is if a programmer was also the server administrator or database administrator in an organization. These roles and responsibilities must be clearly defined and separated from each other to maintain security.
The most common measures put into place to ensure computer security in individual homes is the use of a firewall and/or a virus scanner. A firewall is either software or hardware that helps block hackers, viruses, and worms that try to reach computers via the Internet. A virus scanner, also known as an antivirus, is similar to a firewall in that it is software used to prevent, detect, and remove malware.