Skip to main content

Cyber Security 101 - Basic principles

CYBER SECURITY 101

With changes in technology and everyone connected digitally often create a havoc thought of privacy and security, often termed as Cyber Security.

Do's and Don'ts  -  Wants and Needs, often dictates our choices of selection. But before we go deeper in discussion , let's talk Security at basic level to better understand it.

Here are basic principles which can help understand security  for better designed solutions for physical or  cyber security needs.

1) Security Vs Convenience  : It's usual that higher the level of security is create lower the convenience level it creates for user in order to safely go through all layers of security. Ease to access means limited security for user as well as intruder. Choosing the balance wisely with needs and requirements is essential.

2) Security is continuous process : Issues can be fixed and resolved to mitigate the risk but there's always be new avenues of exposure and it's impossible to eliminate all risks. Establishing a best security policy, analyzing risks and fixing any realized issues.

3) Risk formula : The level of risk can be understood using simple equation : 
                            [ Risk = Impact  X Probability ] 
If a cause has higher impact or higher probability or both, then it has higher risk factor.

4) Cost vs Cause : Not all risks needs to be mitigated because cost vs cause factor dictates this choice. If cost of execution for a security need is significantly higher than preventing content, it may not be advisable to spent on that cause.

5) Security is a 2-way road : Often misconception is that security is about building walls and closing plugs that no unauthorized access can happen but security is more than that. It's also about making it strong inside that unwanted information do not get released by error or unknowingly  a window or door left open  or hole got created while in process. Security is about preventing from intrusion and limiting error exposure.

6) Irrelevant  ROI : When comes to expenses for security, calculating Return Of Investment(ROI) is often irrelevant as the benefits always doesn't translate directly in to monetary  but into peace of mind.

7) CIA Triad : An industry accepted model for securing systems(data). Where CIA stands for - Confidentiality, Integrity, Availability

8) Security methods Categorization :  Prevention ( stop unexpected activity before it happens ) , Detection (Monitor, observe and detect any unusual activity ) and Deterrents ( Counter response any unusual activity )

9) Fail Safe : Despite all efforts there's always an avenue of chances which can cause security to fall, so it's essential to know the range and extension security design to better understand how much it can withstand. It's better if you know what it takes or what could cause security breach so you can can fix and update before someone else does.

10) Layers and Privileges : More the layer, stronger the system and less prone for breach but often by simply limited the privileges to limited audience as well sun dividing what can be accessed and how it's access can also reduces risk of errors which can compromise integrity. 

This simple and basic principles can help you plan and design complex and robust solution for cyber security needs.

Learn more about evaluating you digital platform, servers, websites and online contents for threat analysis, security and risk analysis to prevent and deter possible intrusions. Contact Estiopi Cybersafe a partnered solution provider for Solnet Canada
Labels:

Comments

Post a Comment

Popular posts from this blog

Work from Home and Remote Access for Small Business

  Work from Home and Remote Access for Small Business   This pandemic has taught us many things and one of those things includes being flexible and adaptable in business. Not all business has opportunities to be completely flexible and adaptable according to business situations but all business has certain avenues to do so. Adaptability can be seen as being lean in operations, reduce overhead costs, revisiting technology and recurring expenses, offering employee flexibility, entering into online marketplace, creating digital presence and marketing, reducing maintenance costs are to name a few. If researched properly, many businesses needs just few small steps can help cover the basics and make business more flexible to be adaptable. Every business is different with varying scope of changes. Many businesses which are office based, who share common space and technology to perform day to day tasks. A work from home setup is very fruitful for those businesses as it allows ...
Post a Comment
Read more

CE Code Handbook for Fiber Optic Cable

In CE Code handbook, installation of fiber optic cable in same vicinity of electrical cables has be discussed. Section 56 is intended to ensure that optical fiber cables installed adjacent to, or in the same raceway and enclosures as, component of electrical systems do not pose, or contribute, to a fire or shock Section 56 – Optical Fiber Cables Rule 56-000 Scope Section 56 includes additional and specific requirements for the installation of optical fibre cable adjacent to electrical conductors or electrical system equipment. These optical fiber cables are used for control, signalling and communications functions that are generally performed by electrical conductors. The optical fibers transmit modulated light patterns that are encoded and decoded by terminal equipment. They do not transmit electrical voltages or currents, nor are they affected by electrical contact or induction. Shock and fire hazards, however, can arise from following: 1) The type of optical fib...
2 comments
Read more

Business Phone System ( Managed VOIP PBX)

  Business Phone System ( Managed VOIP PBX) Phone systems for business is no longer just  a tool for making and receiving calls. It's an important tool to connect and collaborate with team members and customers using audio, video, text, file sharing, conference calls and more with flexibility to be able to communicate while at office, working from home or off-site or at away location. For most businesses, their phone is their primary point of contact with their customers. Any disconnection or call drops or issues with the phone system  means your business is missing out  from current and potential customers, and you are at the complete  mercy of the traditional  telecom service provider while you wait for your service to be restored. Typically, businesses implement  a phone system in the work environment  to connect and collaborate. For the longest time businesses have been choosing what's available or been referred or been approached  at tha...
Post a Comment
Read more