--Originally published at BECOME A BADASS IN INFORMATION SECURITY
Usually when we talk about information security we only think in big companies and gigantic infrastructures that custody and protect their data, nevertheless everybody must protect his data.
Granting that the resources of a company are available any time and that they are not damaged or infected for external factors is known as information security.
In general terms, the security can be understood like those technical rules or activities that are intended to prevent, protect and backup your data.
Why is so important the information security?
Due to other people that are looking to stole, destroy, or alter your data, this people also known as hackers, they want to have access to your network and do whatever they want to do.
But also that people can belong to the company, mostly they want to hijack your data or sold it to other company. More of the data attacks are done by people inside the company due to the fact that is easier for them to know the company’s processes and its vulnerabilities.
There is not perfect system that will never have vulnerabilities but most of the attacks that have been performed successfully were done because the network didn’t implement good security practices .
This results in the loss and alteration of sensible data in the organization which usually represents a damage of billions of dollars.
Threats and vulnerabilities
In order to reduce and prevent a possible attack, it is necessary to implement security measures, for instance:
- Identify and select the data that you want to protect (sensible data).
- Establish priority levels and the importance of the data in each levels.
- Know the consequences that the company would have to pay in terms of money, productivity and loss of sensible data.
- Identify threats and vulnerability levels in the network.
- Implement and immediate response case of an attack.
This kind of security politics will save you money and productivity for your company.
Tools to get it done
Your company architecture must have an antivirus, backup tools, network monitoring, firewalls, authentication (two steps) and online security services. This will keep the user alert in case of any attack, know its roots, and solve the problem before it happens again.