Introduction
What is the purpose, and how does Information Security help us with it?
Purpose
The purpose of this field is to protect our data and prevent access by people who should not have access to it.
How Do We Do It?
Put simply, it's a matter of permissions.
I.e., you'll get access to the data only if I allow you to.
Just as you don't want other people getting into your home or business, Information Security (IS) came about to prevent other people from getting your data without your explicit consent.
In the end, everything revolves around permissions: if we can bypass them, we can get to the data. That is why it's always a cat-and-mouse game between IS specialists and hackers.
CIA Concepts
Confidentiality
Preventing unauthorized access to our data (read permissions)
Integrity
Preventing unauthorized modifications to our data (this can mean creating, changing and deleting files; in other words, write permissions)
Availability
Making sure that the data is available for authorized users
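The mapping above (confidentiality as read permissions, integrity as write permissions, availability for authorized users) can be checked on real files. The following is an added example, not part of the original page: it assumes POSIX permission bits, treats the file owner as the authorized user and "other" as unauthorized, ignores group bits for brevity, and uses constructed sample file names.

```python
import os
import stat
import tempfile

def cia_risks(mode):
    """Map POSIX permission bits to the CIA property they put at risk."""
    risks = set()
    if mode & stat.S_IROTH:        # anyone can read -> confidentiality
        risks.add("confidentiality")
    if mode & stat.S_IWOTH:        # anyone can modify -> integrity
        risks.add("integrity")
    if not mode & stat.S_IRUSR:    # owner (assumed authorized) cannot read -> availability
        risks.add("availability")
    return risks

def audit_tree(root):
    """Return {relative_path: sorted risks} for regular files with any risk."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)    # lstat: do not follow symlinks out of the tree
            if not stat.S_ISREG(st.st_mode):
                continue
            risks = cia_risks(stat.S_IMODE(st.st_mode))
            if risks:
                findings[os.path.relpath(path, root)] = sorted(risks)
    return findings

def build_sample(root):
    """Constructed sample data: file names and modes are made up for the demo."""
    samples = {"payroll.csv": 0o600, "notes.txt": 0o644,
               "config.ini": 0o666, "backup.tar": 0o000}
    for name, mode in samples.items():
        path = os.path.join(root, name)
        with open(path, "w") as fh:
            fh.write("constructed sample\n")
        os.chmod(path, mode)       # set the mode explicitly, independent of umask

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for path, risks in sorted(audit_tree(tmp).items()):
            print(f"{path}: {', '.join(risks)}")
```

Only the owner-only file (mode 600) passes cleanly; the others are flagged for the CIA property their permission bits leave exposed.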
Types Of Security Mechanisms
- Network security -> Allow or deny access to computers or ports based on the user or source computer
This can be achieved with firewalls, NACs and micro-segmentation solutions (specific FW rules for each computer, such as which ports can be opened, by which app, etc.)
- Application security -> Application-specific security controls (permissions). A user can have access to a computer, but that does not mean they can access the app itself
- Endpoint security -> Anti-virus, EDR, XDR. Their purpose is to guard your computer against attackers who might be trying to steal or lock your data for their own gain
- Data security -> Data loss prevention solutions. The purpose of this type of mechanism is to stop authorized users from sending confidential data to other (possibly unauthorized) people
By "people" I mean anyone: a user can be part of an organization, but that does not mean they can only send the data to fellow users