Systems Security

Ensure control and security of information

The fact that there is a security suite installed on a computer does not make the computer safe. Firewall monitors incoming and outgoing traffic based on predetermined rules, blocking or allowing traffic according to those rules. For example, if a user opens an attachment to an e-mail that was sent by a friend, they may inadvertently install a "Trojan horse" on the computer that "destroys" the firewall settings, allowing unauthorized access. The same goes for malware. While the Trojan horse does not replicate, malware infection can affect a network and consequently all devices connected to it. In conclusion, having good safety equipment with no rules of use makes the system unsafe!

As we have previously demonstrated, a safety system is composed of rules of use and control devices. The lack of a part will affect the whole, that is, the system becomes incomplete. These rules are usually referred to as "Security Policies", which will be more or less complex depending on the size of the Company. Systems security encompasses the physical & logical part. Establishing safety rules is a simple and intelligent attitude. Examples of security policies:

Logic Security:

  • Install security suites on all computers. The user should not have access to the configuration that must be password protected;
  • Block access to unsafe sites or that the Company defines (for example, there are companies that totally block the Internet to certain users);
  • Define passwords policies, for example the passwords must have certain characters (configurable in OS);
  • Very important - Define data backup policies. A cost-effective way to have two systems backup computers running RAID (first backup), install a NAS system with automatic backups at certain times.
  • etc, etc. ...

Physical Security:

  • All devices must be connected to outlets with surge protection;
  • Critical devices (servers, NAS, network equipment) must be connected to UPS;
  • Existence of suitable extinguishers;
  • etc., etc. ...

If you need advice to increase the security of your system, contact us and expose your problem. Together, we may find a solution for:

  • Security Audit;
  • Implementation of security policies;
  • Physical and Logical Security;
  • Safety equipment;
  • Reorganization and Management of Security Systems.

Security Systems

Physical Security

It is intended to prevent damage caused by local or environmental disasters and, for example:

  • Prevent access by unauthorized persons - to areas where company-critical data and information are found.
  • Control the input and output of equipment - The exit or entrance of equipment must have a higher authorization;
  • Control visitors - When there are visitors in the company, they must be registered and accompanied by an employee to the place of destination;

Logical Security

Prevents access to applications, data, operating systems, passwords and log files, through firewalls, encryption, anti-virus and other applications against hackers and possible intrusions to internal sources.

Logical security allows access to be based on the specific needs of each user, making identification through login and password. Thus, each employee can only perform functions that are allowed to him.

The risks that the company runs for not having a good logical security structure are many, such as third party access to sensitive information, data loss, network failures caused by fraud, among others