Security of IT Systems

The problem of ensuring IT security grows with the enterprise, but it occurs in every organization that processes information critical to its functioning. Very often, this problem appears when trying to make users aware of the threats of hardware and software.

In general, no one likes negative associations, which is why it's so hard to talk about safety. "Why change it, if it works" - is the opinion of many managers and employees. In some companies, the IT department is treated only as a cost center. The second issue is functionality and user convenience. The implementation of additional procedures in the field of increasing security often requires e.g. careful authentication (with a complex password) and additionally providing an SMS code (with two-step authentication). Meanwhile, too often the weakest link in IT systems is the human being - the employee, who may get "caught" by cheap social engineering. "I broke people, not passwords" is the subtitle of the book by Kevin Mitnick, one of the most "media" hackers. This title says enough.

According to the Niebezpiecznik.pl website ("10 security tips"), one of the first steps to protect our data on laptops and other mobile devices is to encrypt the entire disk. This protects against unauthorized access to data, e.g. due to theft. For owners of computers with Windows (8.1 or 10), the BitLocker encryption technology is built into the system and quite simple to implement. The above rules also apply to mobile devices (smartphones, tablets) - their operating systems also have built-in encryption tools for the entire memory of the device. This is especially important in a situation where mobile devices have become our everyday life.

Dangerous social engineering

One of the most serious threats related to the widespread use of the Internet in business is "cheap" but sufficiently effective social engineering. Criminals pose as banks, telecommunications operators, courier companies, etc. Malware distributed in this way can wreak havoc on resources necessary for work, such as irreversible encryption of files or leakage of confidential data to criminals (for resale). It is then especially important to raise awareness of the existence of such threats. Visiting only reliable websites, checking the correctness of certificates in the browser when using, for example, financial websites (green color in the browser's address line), no response to messages that we did not expect, and which contain a specific call to acacia (unique opportunity, request for payments, collection of the parcel). Unfortunately, the anti-spam protection of many ISPs is not able to filter out all of these types of threats.

In light of the above facts, it is quite dangerous to assume that you only need an up-to-date antivirus system to fully protect your company. It is of course absolutely necessary, but it is effective in combination with other tools, such as network protection along with checking the reputation of network connections, systems preventing data leakage outside the company, or monitoring user behavior on the network. And of course, it is fundamental to be aware of the sources of risks among all employees.

So what should be considered when choosing antivirus solutions?

According to Gartner.com, global market leaders are Intel Security, Kaspersky Lab, Sophos, Symantec, and Trend Micro. Recommendations are important, e.g. reference visits or a review of tests published on specialized websites such as Av-comparatives.org, Av-test.org, and Virusbtn.com. Equally important is the functionality of the tools that allow you to remotely manage and monitor the protection of all computers in our infrastructure, provided with the software. This is especially important in the case of geographically dispersed multi-departmental organizations.

Advanced protection systems are also characterized by the possibility of flexible extension of the scope of protection with additional tools. Modules protecting against data leakage, encrypting selected files (e.g. particularly confidential) on disks and memory sticks are just some of the functionalities that can and should be extended to protection.

To sum up, the organization's development strategy should take care of all areas affecting the security of IT technologies supporting the business. Investments in IT security are a key element in investing in a company's stable future.

Marcin Pieleszek

Microsoft SI-Consulting systems administrator