IT security overview
The Internet has become a modern tool for information, communication and trade. With the increasingly important role that the Internet plays in today’s business environment, companies use more mobile devices connected to data networks, interconnected via the Internet, e-commerce websites or mail servers, all of which are very important or even indispensable tools for achieving business objectives.
Most companies do not realize the risks involved in using the Internet without taking security into account. Currently all the important data of a company (financial data, contracts, written communication, databases of customers, suppliers) are also stored in digital format in the information infrastructure.
Data security available within the network, information security transmitted by messaging systems and internet security services become a critical issue for any company and are just as important as the physical security of a company or its documents.
IT security provides three data features: confidentiality, data integrity and availability.
Confidentiality is the prevention of access of unauthorized personnel or systems to company information.
Integrity is making sure that information cannot be altered without authorization. Data integrity is compromised when an employee is allowed to change or delete files or important information, when computers are infected by viruses, when an unauthorized user can modify information in a website or a database and so on.
In order to fulfill its role, a system should provide the information when needed. Therefore, the systems storing the information, the security policies applied to protect the information and the communication channels used for access should work properly.
Data availability should be ensured by using High Availability solutions, by preventing service interruption due to power failure, technical malfunctions, by making regular upgrades and by preventing DOS attacks (Denial of Service).
Risk Management
Risk Management is the process of identifying the vulnerabilities of IT resources used by a company to achieve its business targets and to decide which measures to take in order to reduce risks, depending on the criticality of the company’s computer resources.
As required by security standards, HQ will provide the security management of your IT infrastructure by:
- Drafting a security policy;
- Organizing and centralizing the IT security;
- Rigorously managing user accounts and access;
- Securing hardware and software equipment;
- Managing communications and computer operations;
- Fast monitoring and handling of security incidents;
- Constantly checking security logs.
HQ ensures information security through various methods
- Securing access using firewall solutions, complex passwords and authentication certificates, regular renewals of access information, limiting access to authorized locations only;
- VPN (Virtual Private Network) solutions for securing the information transfer between multiple locations or remote connections within your computer infrastructure;
- Implementing and administrating access rights to the company’s sensitive information;
- Establishing levels of access to documents for company employees;
- Encrypting confidential data;
- Proposing anti-Virus and anti-spam advanced solutions for data security.