Skip to main content

IT Infrastructure Security

 


As I have said, the Security of the IT Infrastructure, taken as a whole, encompasses the security of the Information System and the Security of the connected Industrial and/or high-tech equipment such as for example research laboratory equipment, medical equipment or that of the functionalities of a company or institution. The IT Infrastructure is understood as comprising all the operational elements essential for the effective, efficient and proactive use of technology in general, information and data. The IT Infrastructure is therefore made up of visible and/or physical elements such as computers, servers, personnel, all physical installations including programmable and connected industrial or high-tech equipment. But it is also made up of invisible and/or intangible elements such as networks, data and storage, virtual facilities and software, to which must be added processes, policies, training, security, mobile and virtual functionalities. IT Infrastructure Security is the set of means, tools, techniques, policies and methods that guarantee: - that only competent persons or other authorised systems intervene on the system, on the physical or virtual installations and on the functionalities and that only competent persons or other authorised systems have access to the data, whether sensitive or not and, - the confidentiality, integrity and availability of such data. The security of industrial and/or high-tech equipment or the security of the functionalities of a company or institution differs from the security of the Information System because it requires the implementation of different means and measures of protection, among which the following can be mentioned: - Prevention and sensitization of operators and stakeholders to good practices, - A thorough knowledge of the network infrastructure to detect potential faults (mapping), - The implementation of a continuous monitoring approach for industrial systems and flows, - Constant monitoring of threats and vulnerabilities, The objective of the security of industrial and/or high-tech equipment or the security of the functionalities of a company or institution is to reduce risk areas without harming business objectives. Thus, we will use a: - Physical access control, - Intrusion detection, - Use of industrial components and equipment integrating authentication or trade protection systems, - Updating of supervision software solutions (SCADA) to benefit from the latest developments in safety, However, there is no point in rushing to these means of protection without first carrying out a risk analysis. The analysis of risks in the area of Industrial and/or high-tech equipment or the analysis of the functionalities of a company or institution can begin either by drawing up a list of assets to be protected classified according to their order of importance for the activity of the company or institution, followed by an analysis of the impact in the event of a loss, or by drawing up a table of risks which will be sorted according to their level of dangerousness and the probability of their occurrence. In order to draw up the impact analysis, those affecting the infrastructure and production capacity (more or less long interruption), people (injuries, deaths) and the environment (pollution) must be taken into consideration, without omitting the impact on the national economy. In our next email we will develop this impact analysis and especially we will address the problems related to the interconnection of networks.

Comments

Popular posts from this blog

Hannover Messe 2021

Hannover Messe 2021   The World's largest Industrial Technology Exhibition "Hannover Messe 2021" will be completed tomorrow, April 16, 2021. There is still time for you to visit the exhibition, there will be a lot of information that you get related to the development of industrial technology in the world. Various sectors of industrial from various countries are in the exhibition. Indeed this exhibition is different from Hannover Messe in previous years, because this year Hannover Messe held full Digital. this is certainly a strategy to anticipate the spread of the Covid-19. But you don't have to worry, because even if it's refreshed digitally you can still get all the information you need. because there are features available to share contacts, livestreaming and even meetings within the Platform. This year Indonesia was selected as a Country Partner and represented by at least 156 Companies from Indonesia. one of them is PT Sydeco who concentrate fully on Cyber S

KASEYA CRASH

  I can't help but draw a parallel between KASEYA and SOLARWINDS. Both companies offer I would say "hyper-integrated" solutions, the "all in one", management and security, easy to use and both put forward the IT security not only of their solution but especially of the whole IT system of the users.   And both seem to either be adept at "do as I say, not as I do" unless they are deceiving users about the quality and effectiveness of their solutions. On closer inspection, both offer full visibility that should allow for immediate reaction and data protection. It is clear that both companies were unable to detect the early stages of the attacks, despite the vaunted performance of their security solutions. The fault of these two companies is that they wanted to "hyper-integrate" everything, the IT protection solution with the IT management solution. Data management and IT security cannot be integrated in one product. Of course, when

Cyber Crime

  Cyber Crime Cyber Crime atau kejahatan digital pasti sudah tidak asing lagi di telinga kita. Dari kejahatan yang sifatnya kecil dan sederhana sampai yang sangat besar dan kompleks. Motif mereka juga berbagai macam, mulai dari mengkopi data, merusak data maupun situs bahkan meretas atau mencuri data atau sebuah situs. Tentu tindakan mereka sangat merugikan kita, baik kerugian secara moril sampai kerugian materiil yang sangat besar. Sasaran mereka juga beraneka ragam, mulai dari Individu, Lembaga, perusahaan, Instansi swasta, bahkan Instansi Pemerintahan sekalipun tak luput dari serangan mereka. Mereka juga menyerang semua sektor kehidupan, seperti Perbankan, Pendidikan, Kesehatan, Perindustrian, Perdagangan, Pertanian, Penelitian, Pertanian dan lain sebagainya. Metode yang mereka gunakan untuk menyerang juga beraneka ragam dan terus berkembang seiring dengan perkembangan Teknologi dan perkembangan Ilmu Pengetahuan. Mulai dari penyerangan dengan menyebarkan Virus, Malware, Ransomwa