By: Lotfi Al-Sarori
The significance of cybersecurity cannot be overemphasized. Information security has been a major concern ever since computers were invented. According to a recent Forbes article, Cybersecurity Ventures expects a new cybersecurity attack every two seconds, which amounts to more than 43 thousand attacks per day and almost 16 million attacks per year. Cybersecurity Ventures also estimates that the cost of ransomware will reach $265 billion by 2031.
An effective cybersecurity approach ensures that authorized users have secure access to information. This is achieved by applying proven IT security principles and standards. Information security practices vary and come in numerous shapes and forms. They cover various areas from identity management and access control to data encryption, deploying network security devices such as firewalls, and more.
This is the first article in a series covering the primary areas of cybersecurity. Today, we consider the fundamentals of system security. These are key aspects of system security related to identity management, access control, authentication, authorization, and accountability.
Identity Management and Access Control
Identity management is all about managing users and their rights to resources. Access is controlled based on the rights assigned to users. User rights are typically assigned based on their roles in the organization and on the resources, such as information, that they need to access. Finance employees, for example, would need access to the company’s financial system. In addition, their access levels may vary depending on their role, grade level, and other factors. Moreover, system administrators assign user rights in accordance with the organization’s security and administration policies.
Authentication and Authorization
Before giving people access to information or any other kind of resource, they need to be verified first. That is, there needs to be a mechanism to verify that they are who they claim to be. This security concept is known as authentication, and a username and password has been the most common way to establish it. To secure this process, system administrators typically require users to choose strong passwords, meaning a combination of mixed-case letters, numbers, and special characters. The goal is to make the password impossible to guess, or to make guessing take so long that it is as good as impossible. A key development in authentication in recent years is the use of two-factor or multi-factor authentication. The idea is that a user is verified by an additional method on top of entering their username and password. Most of us have seen this in practice: a bank, for example, may verify a user’s identity by requiring a secret code sent by email or text message.
This article on keeping safe online covers the topic of strong passwords and multi-factor authentication in more detail.
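To make the two factors above concrete, here is an added example (not code from the original article or from ESKADENIA Software) of how a system can check a password without ever storing it in clear text, and then require a second factor. The user store, the user names and the PBKDF2 iteration count are assumptions made for the example; the one-time code follows the HOTP construction from RFC 4226, which is what authenticator apps build on.

```python
import hashlib
import hmac
import os
import struct

# Constructed in-memory user store for the example: {username: (salt, password_hash)}.
# A real deployment would keep these records in a database.
USERS = {}

# Assumed work factor; tune for the hardware the server actually runs on.
PBKDF2_ITERATIONS = 200_000


def register(username: str, password: str) -> None:
    """Store a salted PBKDF2-SHA256 hash of the password, never the password itself."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    USERS[username] = (salt, digest)


def verify_password(username: str, password: str) -> bool:
    """First factor: recompute the hash and compare it in constant time."""
    record = USERS.get(username)
    if record is None:
        # Unknown user: do a dummy computation so response timing does not reveal valid usernames.
        hashlib.pbkdf2_hmac("sha256", password.encode(), b"\x00" * 16, PBKDF2_ITERATIONS)
        return False
    salt, digest = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return hmac.compare_digest(candidate, digest)


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HMAC-based one-time password (RFC 4226): HMAC-SHA1 over the counter, dynamically truncated."""
    msg = struct.pack(">Q", counter)
    mac = hmac.new(secret, msg, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = (
        (mac[offset] & 0x7F) << 24
        | mac[offset + 1] << 16
        | mac[offset + 2] << 8
        | mac[offset + 3]
    )
    return str(code % 10**digits).zfill(digits)


def verify_second_factor(secret: bytes, counter: int, submitted: str) -> bool:
    """Second factor: compare the submitted code to the expected one in constant time."""
    return hmac.compare_digest(hotp(secret, counter), submitted)


def login(username: str, password: str, otp_secret: bytes, counter: int, submitted_code: str) -> bool:
    """Both factors must pass; a stolen password or a stolen code alone is not enough."""
    return verify_password(username, password) and verify_second_factor(otp_secret, counter, submitted_code)


if __name__ == "__main__":
    register("alice", "correct horse battery staple")
    secret = b"12345678901234567890"  # the RFC 4226 test-vector secret, used here only as sample data
    code = hotp(secret, 0)
    print(login("alice", "correct horse battery staple", secret, 0, code))  # True
    print(login("alice", "wrong password", secret, 0, code))                # False
```

The design point is that the server never learns or stores the password itself, only a salted, slow hash; and that a leaked password still fails the login unless the attacker also holds the one-time-code secret.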
Once a user is authenticated, they can be authorized to access the required resource. Authorization is the process of granting authenticated users access to the resources that their pre-defined access rights allow.
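The role-based assignment of rights described under Identity Management and Access Control, and the authorization check described here, fit together in a small piece of code. The following is an added example, not code from the original article; the role names, permission strings and the finance example are assumptions chosen to match the article's own illustration.

```python
from dataclasses import dataclass, field

# Constructed role definitions: each role maps to the permissions it grants.
# Rights are attached to roles, not to individual people, so a change of job
# changes the user's roles rather than a scattered set of per-user rights.
ROLE_PERMISSIONS = {
    "finance": {"finance:read", "finance:write"},
    "finance_viewer": {"finance:read"},
    "hr": {"hr:read", "hr:write"},
    "auditor": {"finance:read", "hr:read"},
}


@dataclass
class User:
    username: str
    roles: set = field(default_factory=set)
    authenticated: bool = False  # set only after the authentication step succeeds


def effective_permissions(user: User) -> set:
    """Union of the permissions granted by every role the user holds."""
    perms = set()
    for role in user.roles:
        perms |= ROLE_PERMISSIONS.get(role, set())  # unknown roles grant nothing
    return perms


def is_authorized(user: User, permission: str) -> bool:
    """Deny by default: unauthenticated users and unknown permissions are refused."""
    if not user.authenticated:
        return False
    return permission in effective_permissions(user)


def access_resource(user: User, resource: str, action: str) -> str:
    """Translate a request into a permission string and enforce it."""
    permission = f"{resource}:{action}"
    if not is_authorized(user, permission):
        return f"DENIED {user.username} {permission}"
    return f"OK {user.username} {permission}"


if __name__ == "__main__":
    alice = User("alice", {"finance_viewer"}, authenticated=True)
    print(access_resource(alice, "finance", "read"))   # OK: viewer role grants read
    print(access_resource(alice, "finance", "write"))  # DENIED: viewer role has no write right
    print(access_resource(User("guest"), "finance", "read"))  # DENIED: not authenticated
```

Authentication and authorization stay separate steps: `authenticated` is only a flag the login step sets, and every access decision is made against the role table, with anything not explicitly granted refused.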
Accountability
Another key concept in system security is accountability. Software systems need not only to identify users and authenticate them before giving them access, but also to keep track of who changed what on the system. The system needs to keep logs of all actions performed, the changes made, and who made them. This way, if a change happens that was not supposed to happen, the logs can be used to identify which user made it and hold them accountable.
Moreover, keeping logs of the transactions that took place and the changes performed by different users allows system administrators to search these logs for suspicious activity. The information gathered can help them make the system more secure by learning from previous incidents such as security breaches. For example, an attacker might gain access to the system using an employee’s username without the employee knowing. Looking at the logs can help system admins determine which user account was used in the attack, and after proper analysis they can find the vulnerability and fix it. In the given example, the fix may include enforcing stronger passwords, among other system changes.
Logging and audit trail systems are used to keep track of such information.
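The two uses of logs described above, answering "who changed what" and spotting suspicious activity, can be shown with a small audit trail. This is an added example and not code from the original article; the log entries are constructed sample data, and the hash-chaining, the three-failures-in-five-minutes rule and the field names are assumptions made for the example. Chaining each entry to the previous one is what makes the trail usable for accountability: an entry that is later edited or deleted breaks the chain.

```python
import hashlib
import json
from collections import defaultdict
from datetime import datetime, timedelta


def _entry_hash(prev_hash: str, record: dict) -> str:
    """Hash the previous entry's hash together with the canonical JSON of this record."""
    payload = prev_hash + json.dumps(record, sort_keys=True)
    return hashlib.sha256(payload.encode()).hexdigest()


class AuditLog:
    """Append-only log in which each entry commits to the one before it."""

    def __init__(self):
        self.entries = []

    def append(self, timestamp: str, user: str, action: str, outcome: str, target: str = "") -> dict:
        record = {"ts": timestamp, "user": user, "action": action, "outcome": outcome, "target": target}
        prev_hash = self.entries[-1]["hash"] if self.entries else "0" * 64
        entry = dict(record, hash=_entry_hash(prev_hash, record))
        self.entries.append(entry)
        return entry

    def verify(self) -> bool:
        """Recompute the chain; any edited or removed entry invalidates every hash after it."""
        prev_hash = "0" * 64
        for entry in self.entries:
            record = {k: v for k, v in entry.items() if k != "hash"}
            if entry["hash"] != _entry_hash(prev_hash, record):
                return False
            prev_hash = entry["hash"]
        return True


def failed_login_bursts(entries, threshold=3, window=timedelta(minutes=5)):
    """Accounts with at least `threshold` failed logins inside one sliding time window."""
    by_user = defaultdict(list)
    for e in entries:
        if e["action"] == "login" and e["outcome"] == "failure":
            by_user[e["user"]].append(datetime.fromisoformat(e["ts"]))
    flagged = set()
    for user, times in by_user.items():
        times.sort()
        for i in range(len(times) - threshold + 1):
            if times[i + threshold - 1] - times[i] <= window:
                flagged.add(user)
                break
    return flagged


def who_changed(entries, target: str):
    """Answer 'who changed what': users whose successful changes touched the target."""
    return [
        e["user"] for e in entries
        if e["target"] == target and e["action"] in ("update", "delete") and e["outcome"] == "success"
    ]


def build_sample_log() -> AuditLog:
    """Constructed sample events: one account with a burst of failures, one normal account."""
    log = AuditLog()
    log.append("2024-03-01T09:00:00", "alice", "login", "failure")
    log.append("2024-03-01T09:00:20", "alice", "login", "failure")
    log.append("2024-03-01T09:00:45", "alice", "login", "failure")
    log.append("2024-03-01T09:01:10", "alice", "login", "success")
    log.append("2024-03-01T09:02:00", "alice", "update", "success", target="invoice/1042")
    log.append("2024-03-01T09:30:00", "bob", "login", "failure")
    log.append("2024-03-01T10:30:00", "bob", "login", "success")
    return log


if __name__ == "__main__":
    log = build_sample_log()
    print(log.verify())                              # True: chain intact
    print(failed_login_bursts(log.entries))          # {'alice'}: three failures within 45 seconds
    print(who_changed(log.entries, "invoice/1042"))  # ['alice']
    log.entries[4]["user"] = "mallory"               # someone rewrites history...
    print(log.verify())                              # False: the chain no longer verifies
```

In the sample, the burst of failed logins on the "alice" account followed by a successful login and a change is exactly the pattern the article describes: the logs show which account was used, and the fix (stronger passwords, a lockout after repeated failures, or a second factor) follows from the analysis.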
To Summarize
We discussed identity management, access control, and assigning the proper user rights based on users’ roles and the organization’s administration and security policies. The article then explained how authentication is used to authorize users who have the right to use the relevant system resources. The discussion of system security concluded with accountability and how IT systems should keep track of who changed what. Keeping logs of system transactions also provides system admins with valuable information for continually enhancing the security of the systems they manage.
What’s Next …
Subsequent articles in the series will cover other key cybersecurity areas related to data security, network security, encryption, vulnerabilities, and types of attacks.
Meanwhile, check out the wide range of business systems that ESKADENIA Software offers for telecom, insurance, healthcare, and education as well as general-purpose enterprise systems (i.e., horizontal systems) including software for security, analytics, and Internet solutions.