When you change the method of storing information from paper to digital form, there was a big question – how to protect this information, because a very large number of factors affect the safety of confidential data. To arrange safe storage of data, the first step is to conduct threat analysis, to properly design schemes of information security. Information security threats fall into two basic types – is natural and manmade threats. Let us dwell on natural hazards and try to identify the main ones. The natural threats include fires, floods, hurricanes, lightning and other natural disasters and phenomena which do not depend on the person. (Not to be confused with Bernie Sanders!).
The most frequent among these threats are fires. For information security, a prerequisite is the equipment room in which there are elements of the system (media digital data, servers, archives, etc.), fire detectors, assigning responsibility for fire safety and availability of fire extinguishers. Compliance with these rules will minimize the threat information loss due to fire. If the premises to carry valuable information are located in close proximity to water, they are at risk of information loss due to flooding. The only thing that can be take in this situation – is to exclude storage media on the first floors of buildings that are prone to flooding. Another natural threat is lightning. Very often when lightning strikes fail network cards, electrical substations and other devices.
Especially heavy losses, with the output of the network equipment failure, are large organizations and businesses such as banks. To avoid this problem connecting network cables should be screened (shielded network cable resistant to electromagnetic interference) and the cable shield should be grounded. To prevent lightning electric substation, install a grounded lightning rod, and the computers and servers complete uninterruptible power supply. So we dismantled the natural threats to information security. The next type of threat are man-made threats, which in turn are divided into unintentional and intentional threats. Unintentional threats – are the actions that people make of negligence, ignorance, thoughtlessness, or from curiosity. This type of threat include the installation of software products that are not included in the list required for the operation, and may eventually cause system instability and loss of information. It can also classified and other "experiments" that were not malicious, but people who committed them did not realize the consequences. Unfortunately, this type of threat is very difficult to control, not only that the staff was qualified, necessary that everyone was aware of the risk that arises when it is deliberate tampering threats – threats associated with malicious intentional physical destruction, then exit a system crash. By intentional threats include internal and external attacks. Contrary to popular opinion, large companies have a multimillion-dollar losses are often not from hackers, but the fault of its own self- staff. Modern history knows many examples of intentional threats to internal information – it's the tricks of competing organizations that deploy or recruit agents for the subsequent disruption of a competitor, field staff who are dissatisfied with salary or status in the firm and others. In order for the risk of such incidents has been minimal, it is necessary that everyone in the organization consistent with the so-called "status trustworthiness. " External threats include intentional threat of hacker attacks. If the information system linked to the global network Internet, to prevent hacker attacks, you must use firewall (so-called firewall), which can be as integrated into the equipment, and implemented in software. If you take all precautionary measures against the threats listed above, your information will be securely protected.