It is carried out using special software and hardware for monitoring incoming traffic. As soon as an attack is recorded, access is immediately blocked by the system, and a message about the danger is sent to the responsible employee.
There are two ways to ensure protection against intrusions:
With the help of IPS. This system blocks any suspicious activity and carefully sifts traffic, discarding everything unnecessary. The system is good because it both detects and prevents threats. One of the disadvantages is that IPS often triggers inappropriately. The administrator has to be distracted by this, run a check, and stop the network for a while.
With the help of IDS. The organize your finances with mint system notices suspicious activity and notifies the responsible employee. The advantages of this method are that intrusions are tracked very effectively, and further decisions on them are made by the administrator. The negative aspect is that if this specialist does not act quickly enough, the system can be seriously damaged.
Intrusion Prevention
Preventing leaks
This refers to measures to maintain the confidentiality of corporate data. There are two ways that valuable information can fall into the hands of outsiders:
targeted theft (espionage, insider theft, raiders);
carelessness of your own employees (sending a password in an email, opening viral links, losing a storage device with valuable data, lack of control over access rights, etc.).
Malicious thefts can be prevented by introducing a strict access control system (for entering the organization's territory, any department), installing surveillance equipment. In addition, information destruction equipment is used, data is encrypted, stored on servers in other countries, etc.
The usual way to combat staff inattention is to reduce access rights to corporate data to the minimum possible, impose individual responsibility on the employee, strictly regulate work with important documentation and information carriers (used by employees), and transfer valuable information only through secure channels.
Also, business information security can be enhanced by recording telephone conversations, implementing RMS and DLP, using encrypted USB cards, monitoring traffic, monitoring personnel while working on a PC, etc.
Protecting files with valuable information
We are talking about information stored on company-owned computers and servers. The following methods are available to protect files:
data encryption (using EFS, Qnap, CryptoPro, etc.);
encryption of gadgets used by staff: mobile phones, laptops, any media (using special programs such as Kasperskiy, SecretDisk, Endpoint Encryption or encryption modules produced by Sony, Asus and others);
encryption of data from the system administrator (TrueCrypt is used);
mandatory registration of mobile phones through monitoring system trackers (using Kaspersky or Prey software);
full or partial blocking of access to certain files (Active Directory Rights Management Services has proven itself to be a good tool here);
use of a single authentication. Here you can choose to bind the equipment to the domain structure (domain authorization) and use an electronic key (E-token), or use the SMS notification system.
Protecting files with valuable information