Rules for the protection of confidential information. The commercial value of information, as a rule, is short-lived and is determined by the time it takes a competitor to develop the same idea or to steal and reproduce it, publish and transfer information to the category

Information Security. Lecture course Artyomov A.V.

Question 3. System of protection of confidential information

The practical implementation of the company's information security policy (concept) is a technological information security system. Information protection is a strictly regulated and dynamic technological process that prevents violations of the availability, integrity, reliability and confidentiality of valuable information resources and, ultimately, ensures sufficiently reliable information security in the process of management and production activities of the company.

An information security system is a rational set of directions, methods, means and measures that reduce the vulnerability of information and prevent unauthorized access to it, its disclosure or leakage. The main requirements for the effective functioning of the system are: personal responsibility of managers and employees for the safety of the media and the confidentiality of the information; regulation of the composition of the confidential information and documents subject to protection; regulation of the procedure for personnel access to confidential information and documents; the presence of a specialized security service that ensures the practical implementation of the protection system; and regulatory and methodological support for the activities of this service.

The owners of information resources, including government agencies, organizations and enterprises, independently determine (with the exception of information classified as state secrets) the necessary degree of resource security and the type of system, methods and means of protection, based on the value of the information. The value of information and the required reliability of its protection are in direct proportion. It is important that the structure of the protection system should cover not only electronic information systems, but the entire management complex of the company in the unity of its real functional and production units, traditional documentary processes. It is not always possible to abandon paper documents and often routine, historically established management technology, especially if the question is about the security of valuable, confidential information.

The main characteristic of the system is its complexity, that is, the presence of mandatory elements in it, covering all areas of information protection. The ratio of elements and their content provides the individuality of building a system for protecting the information of a particular company and guarantees the uniqueness of the system, the difficulty of overcoming it. A specific protection system can be represented as a brick wall, consisting of many different elements (bricks). The elements of the system are: legal, organizational, engineering, hardware and software and cryptographic.

The legal element of the information security system is based on the norms of information law and implies the legal consolidation of the relationship between the company and the state regarding the legality of using the information security system; between the company and its personnel regarding the duty of personnel to comply with the restrictive and technological protective measures established by the information owner; and personnel liability for violating the information protection procedure. This element includes:

The presence, in the company's organizational documents, internal labor regulations, contracts concluded with employees, and job and work instructions, of provisions and obligations to protect confidential information;

Formulation and communication to all employees of the company (including those not working with confidential information) of the provisions on legal liability for disclosure of confidential information and for the unauthorized destruction or falsification of documents;

Explaining to newly recruited persons the provisions on the voluntary nature of the restrictions they assume in connection with their obligations to protect information.

The organizational element of the information security system contains measures of a managerial, restrictive (regime) and technological nature that determine the basis and content of the security system and encourage personnel to comply with the rules for protecting the company's confidential information. These measures are associated with establishing a confidentiality regime in the firm. The element includes regulation of:

The formation and organization of the activities of the security service and the confidential documentation service (or of the security manager, or of the chief executive officer), and provision of these services (or this employee) with regulatory and methodological documents on the organization and technology of information protection;

Compilation and regular updating of the composition (list, register, matrix) of the company's protected information, and compilation and maintenance of the list (inventory) of the company's protected paper, machine-readable and electronic documents;

The permission system (hierarchical scheme) for delimiting personnel access to protected information;

Methods for selecting personnel to work with protected information, methods of training and instructing employees;

Directions and methods of educational work with personnel, monitoring compliance by employees with the procedure for protecting information;

Technologies for the protection, processing and storage of paper, machine-readable and electronic documents of the company (office-work, automated and mixed technologies); off-machine technology for protecting electronic documents;

The procedure for protecting the company's valuable information from accidental or deliberate unauthorized actions of personnel;

Procedures for all types of analytical work;

The procedure for protecting information during meetings, conferences, negotiations, the reception of visitors, and work with representatives of advertising agencies and the media;

Equipment and certification of premises and work areas allocated for working with confidential information, licensing of technical systems and means of information protection and security, certification of information systems designed to process protected information;

Access control on the territory, in the building and premises of the company, identification of personnel and visitors;

Security systems for the territory, buildings, premises, equipment, transport and company personnel;

Personnel actions in extreme situations;

Organizational issues of the acquisition, installation and operation of technical means of information protection and security;

Organizational issues of protection of personal computers, information systems, local networks;

Information security system management works;

Criteria and procedure for carrying out assessment activities to determine the degree of efficiency of the information protection system.

The element of organizational protection is the core, the main part of the complex system under consideration. According to the majority of experts, measures of organizational protection of information account for 50-60% of the structure of most information protection systems. This is due to a number of factors, and also to the fact that an important part of the organizational protection of information is the selection, placement and training of the personnel who will implement the information protection system in practice. Conscientiousness, training and responsibility of personnel can rightfully be called the cornerstone of any, even the most technically advanced, information security system. Organizational protection measures are reflected in the regulatory and methodological documents of the security service and the confidential documentation service of an institution or company. In this regard, a common name for the two elements of the protection system discussed above is often used: "the element of organizational and legal protection of information."

The engineering element of the information security system is designed for passive and active counteraction to technical intelligence and for forming lines of protection around the territory, buildings, premises and equipment using a set of technical means. When protecting information systems this element is very important, although the cost of technical protection and security equipment is high. The element includes:

Structures of physical (engineering) protection against the penetration of unauthorized persons into the territory, into the building and premises (fences, grilles, steel doors, combination locks, identifiers, safes, etc.);

Means of protecting the technical channels of information leakage that arise during the operation of computers, communication facilities, copiers, printers, fax machines and other devices and office equipment, and during meetings, conferences, conversations with visitors and employees, dictation of documents, etc.;

Means of protecting premises from visual methods of technical reconnaissance;

Means of ensuring the protection of the territory, buildings and premises (means of observation, notification, signaling, information and identification);

Fire protection means;

Means for detecting technical intelligence devices (eavesdropping and transmitting devices, secretly installed miniature sound recording and television equipment, etc.);

Technical controls to prevent personnel from taking specially marked items, documents, floppy disks, books, etc. out of the premises.

The hardware and software element of the information security system is designed to protect valuable information processed and stored in computers, servers and workstations of local networks and various information systems. Fragments of this protection can also be used as ancillary means in engineering-technical and organizational protection. The element includes:

Stand-alone programs that ensure information protection and control the degree of its protection;

Information security programs that work in conjunction with information processing programs;

Information security programs that work in conjunction with technical (hardware) information security devices (interrupting the operation of computers when the access system is violated, erasing data in the event of unauthorized entry into the database, etc.).

The cryptographic element of the information security system is designed to protect confidential information using cryptographic methods. The element includes:

Regulation of the use of various cryptographic methods in computers and local networks;

Determination of the conditions and methods for encrypting the text of a document when transmitting it over unprotected channels of postal, telegraph, teletype, facsimile and electronic communication;

Regulation of the use of cryptographic means for negotiations over unprotected telephone and radio communication channels;

Regulation of access to databases, files, electronic documents by personal passwords, identification commands and other methods;

Regulation of personnel access to allocated premises using identification codes, ciphers.

The components of cryptographic protection (codes, passwords and its other attributes) are developed and changed by a specialized organization. Users are not allowed to use their own encryption systems.

In each element of protection, only individual components may be implemented in practice, depending on the protection tasks assigned in large and medium-sized firms of various profiles and in small businesses. The structure of the system, the composition and content of its elements and their interrelation depend on the volume and value of the protected information, the nature of the threats to its security, the required reliability of protection and the cost of the system. For example, a medium-sized company with a small amount of protected information can limit itself to regulating the technology for processing and storing documents and personnel access to documents and files. Additionally, valuable paper, machine-readable and electronic documents can be separated into a distinct group and marked, an inventory of them kept, a procedure established for employees to sign an obligation not to disclose the company's secrets, regular training and instruction of employees organized, and analytical and control work conducted. The use of the simplest methods of protection, as a rule, gives a significant effect.

In large manufacturing and research firms with many information systems and significant amounts of protected information, a multi-level information security system is formed, characterized by hierarchical access to information. However, these systems, like the simplest methods of protection, should not create serious inconveniences for employees in their work, that is, they should be "transparent".

The content of the constituent parts of the elements, and the methods and means of protecting information within any security system, should be changed regularly in order to prevent their disclosure to an interested party. The specific system for protecting the company's information is always strictly confidential, secret. In the practical use of the system it should be remembered that the persons who design and modernize the system, and who monitor and analyze its work, cannot be users of this system.

Conclusion: under modern conditions of computerization of information processes, information security is of fundamental importance in preventing the illegal and often criminal use of valuable information. Information security tasks are implemented by an integrated information protection system which, by its purpose, is capable of solving many of the problems that arise when working with confidential information and documents. The main condition for the security of restricted-access information resources against various types of threats is, first of all, the organization within the company of analytical studies built at a modern scientific level, which provide constant information about the effectiveness of the protection system and the directions for its improvement in accordance with emerging situational problems.

Introduction

Conclusion

Bibliography

Introduction

At the present stage of development of our society, many traditional resources of human progress are gradually losing their original value. They are being replaced by a new resource, the only product not decreasing, but growing over time, called information. Information is becoming today the main resource for scientific, technical and socio-economic development of the world community. The more and faster quality information is introduced into the national economy and special applications, the higher the living standard of the people, the economic, defense and political potential of the country.

The integrity of the modern world as a community is ensured mainly through intensive information exchange. The suspension of global information flows, even for a short time, can lead to a crisis no less severe than the rupture of interstate economic relations. Therefore, in the new competitive market conditions, there are many problems associated not only with ensuring the safety of commercial (entrepreneurial) information as a type of intellectual property, but also with the security of individuals and legal entities, their property and their personal safety.

The purpose of this work is to consider information security as an integral part of national security, as well as to identify the degree of its security at the present stage, to analyze internal and external threats, to consider problems and ways to solve them.

In this regard, certain tasks have been set:

1. Determine the place and importance of information security at the present stage of development;

2. Consider the legal framework in the field of information protection;

3. Identify the main problems and threats and ways to solve them.

Chapter 1. Problems and Threats of Information Security

1.1 The place of information security in the national security system of Russia

The national security of the Russian Federation essentially depends on ensuring information security, and in the course of technological progress, this dependence will increase.

In the modern world, information security is becoming a vital condition for ensuring the interests of individuals, society and the state and the most important, pivotal link in the entire national security system of the country.

The Doctrine of Information Security of the Russian Federation, approved by the President of the Russian Federation in 2001, became the normative and legal basis for regulating the protection of information. It is a set of official views on the goals, objectives, principles and main directions of ensuring information security in Russia. The Doctrine addresses:

objects, threats and sources of threats to information security;

possible consequences of information security threats;

methods and means of preventing and neutralizing threats to information security;

features of ensuring information security in various spheres of life of society and the state;

the main provisions of the state policy on ensuring information security in the Russian Federation.

The doctrine examines all work in the information sphere on the basis of and in the interests of the Concept of National Security of the Russian Federation.

It identifies four main components of Russia's national interests in the information sphere.

The first component includes the observance of the constitutional rights and freedoms of man and citizen in the field of obtaining and using information, ensuring the spiritual renewal of Russia, preserving and strengthening the moral values of society, the traditions of patriotism and humanism, and the cultural and scientific potential of the country.

For its implementation it is necessary:

to increase the efficiency of using the information infrastructure in the interests of social development, the consolidation of Russian society, the spiritual revival of the multinational people of the country;

to improve the system of formation, preservation and rational use of information resources, which form the basis of the scientific, technical and spiritual potential of Russia;

ensure constitutional human and civil rights and freedoms to freely seek, receive, transmit, produce and disseminate information in any legal way, to receive reliable information about the state of the environment;

to ensure the constitutional rights and freedoms of a person and citizen to personal and family secrets, privacy of correspondence, telephone conversations, postal, telegraph and other messages, to protect their honor and good name;

to strengthen the mechanisms of legal regulation of relations in the field of intellectual property protection, to create conditions for compliance with the restrictions on access to confidential information established by federal legislation;

guarantee freedom of the media and prohibit censorship;

not to allow propaganda and agitation that contribute to the incitement of social, racial, national or religious hatred and enmity;

to ensure a ban on the collection, storage, use and dissemination of information about a person's private life without his consent and other information, access to which is limited by federal law.

The second component of national interests in the information sphere includes information support of the state policy of the country, associated with bringing to the Russian and international community reliable information about its official position on socially significant events in Russian and international life, with ensuring citizens' access to open state information resources. This requires:

to strengthen the state mass media, to expand their capabilities for timely delivery of reliable information to Russian and foreign citizens;

to intensify the formation of open state information resources, to increase the efficiency of their economic use.

The third component of national interests in the information sphere includes the development of modern information technologies, including the information technology industry, telecommunications and communications, meeting the needs of the domestic market with these products and entering the world market, as well as ensuring the accumulation, safety and effective use of domestic information resources.

To achieve a result in this area, it is necessary:

develop and improve the infrastructure of a single information space in Russia;

develop the domestic information services industry and improve the efficiency of using state information resources;

to develop the production in the country of competitive means and systems of informatization, telecommunications and communications, to expand Russia's participation in international cooperation of manufacturers of these means and systems;

to provide state support for fundamental and applied research, developments in the fields of informatization, telecommunications and communications.

The fourth component of national interests in the information sphere includes protecting information resources from unauthorized access, ensuring the security of information and telecommunication systems.

For these purposes, it is required:

to increase the security of information systems (including communication networks), first of all, primary communication networks and information systems of state authorities, financial and credit and banking spheres, the sphere of economic activity, systems and means of informatization of weapons and military equipment, command and control systems of troops and weapons, environmentally hazardous and economically important industries;

to intensify the development of domestic production of hardware and software for information protection and methods of monitoring their effectiveness;

to ensure the protection of information constituting a state secret;

expand international cooperation of Russia in the field of safe use of information resources, countering the threat of confrontation in the information sphere.

1.2 The main problems of information security and ways to solve them

Ensuring information security requires solving a whole range of tasks.

The most important task in ensuring the information security of Russia is the implementation of a comprehensive account of the interests of the individual, society and the state in this area. The doctrine defines these interests as follows:

the interests of the individual in the information sphere are in the realization of the constitutional rights of a person and citizen to access information, to use information in the interests of carrying out activities not prohibited by law, physical, spiritual and intellectual development, as well as in protecting information that ensures personal safety;

the interests of society in the information sphere are to ensure the interests of society in this area, to consolidate democracy, to create a legal social state, to achieve and maintain social harmony, in the spiritual renewal of Russia;

the interests of the state in the information sphere are to create conditions for the harmonious development of the Russian information infrastructure, the implementation of constitutional rights and freedoms of a person (citizen) in the field of obtaining information. At the same time, it is required to use this sphere only in order to ensure the inviolability of the constitutional order, sovereignty and territorial integrity of Russia, political, economic and social stability, in the unconditional provision of law and order, and the development of equal and mutually beneficial international cooperation.

The Doctrine combines general methods for solving key tasks in ensuring information security into three groups:

legal;

organizational and technical;

economic.

Legal methods include the development of normative legal acts regulating relations in the information sphere, and normative methodological documents on issues of ensuring information security of the Russian Federation (they are discussed in detail in Chapter 4 of this manual).

Organizational and technical methods of ensuring information security are:

creation and improvement of information security systems;

strengthening the law enforcement activity of the authorities, including the prevention and suppression of offenses in the information sphere;

creation of systems and means to prevent unauthorized access to information and impacts that cause the destruction, corruption or distortion of information or change the normal modes of operation of information and communication systems and means;

certification of information security means, licensing of activities in the field of state secret protection, standardization of methods and means of information security;

control over the actions of personnel in information systems, training in the field of information security;

formation of a system for monitoring indicators and characteristics of information security in the most important spheres of life and activities of society and the state.

The economic methods of ensuring information security include:

development of information security programs and determination of the procedure for their financing;

improvement of the system of financing of work related to the implementation of legal and organizational and technical methods of information protection, creation of a system of insurance of information risks of individuals and legal entities.

According to the Doctrine, the state, in the process of implementing its functions to ensure information security:

conducts an objective and comprehensive analysis and forecasting of threats to information security, and develops measures to ensure it;

organizes the work of the authorities to implement a set of measures aimed at preventing, repelling and neutralizing threats to information security;

supports the activities of public associations aimed at objectively informing the population about socially significant phenomena of public life and protecting society from distorted and inaccurate information;

exercises control over the development, creation, use, export and import of information security tools through their certification and the licensing of information security activities;

conducts the necessary protectionist policy in relation to manufacturers of information technology and information protection means in the territory of the Russian Federation, and takes measures to protect the internal market from the penetration of low-quality information technology and information products;

contributes to providing individuals and legal entities with access to world information resources and global information networks;

formulates and implements the state information policy of Russia;

organizes the development of a federal program for ensuring information security, combining the efforts of state and non-state organizations in this area;

contributes to the internationalization of global information networks and systems, as well as the entry of Russia into the world information community on the basis of equal partnership.

When solving the main tasks and implementing the top-priority measures of state policy to ensure information security, the desire to solve mainly regulatory and technical problems currently dominates. Most often we are talking about "the development and implementation of legal norms", "raising the legal culture and computer literacy of citizens", "creating secure information technologies", "ensuring technological independence", etc.

The development of the system for training personnel employed in the field of information security is planned accordingly: training in communications, information processing and the technical means of protecting information prevails. To a lesser extent, specialists are trained in information and analytical activities, social information and the information security of the individual. Unfortunately, many state institutions consider the technical side of the problem to be the most important, overlooking its socio-psychological aspects.

1.3 Sources of information security threats

Information security threats are the use of various types of information against one or another social (economic, military, scientific and technical, etc.) object in order to change its functioning or defeat it completely.

Taking into account the general focus, the Doctrine divides information security threats into the following types:

threats to the constitutional rights and freedoms of man and citizen in the field of spiritual life and information activities, individual, group and public consciousness, the spiritual revival of Russia;

threats to information support of the state policy of the Russian Federation;

threats to the development of the domestic information industry, including the industry of informatization, telecommunications and communications, meeting the needs of the domestic market for its products and the entry of these products to the world market, as well as ensuring the accumulation, safety and effective use of domestic information resources;

threats to the security of information and telecommunications facilities and systems, both those already deployed and those being created on the territory of Russia.

Threats to the constitutional rights and freedoms of man and citizen in the field of spiritual life and information activities, individual, group and public consciousness, the spiritual revival of Russia can be:

the adoption by the authorities of legal acts that infringe upon the constitutional rights and freedoms of citizens in the field of spiritual life and information activities;

creation of monopolies on the formation, receipt and distribution of information in the Russian Federation, including using telecommunication systems;

opposition, including from criminal structures, to the exercise by citizens of their constitutional rights to personal and family secrets, secrecy of correspondence, telephone conversations and other messages;

excessive restriction of access to necessary information;

illegal use of special means of influencing individual, group and public consciousness;

non-fulfillment by public authorities and local self-government bodies, organizations and citizens of the requirements of the legislation regulating relations in the information sphere;

illegal restriction of citizens' access to information resources of state authorities and local self-government bodies, to open archival materials, to other open socially significant information;

disorganization and destruction of the system of accumulation and preservation of cultural property, including archives;

violation of constitutional human and civil rights and freedoms in the field of mass media;

ousting Russian news agencies and mass media from the domestic information market and increasing dependence of the spiritual, economic and political spheres of public life in Russia on foreign information structures;

devaluation of spiritual values, propaganda of models of mass culture based on the cult of violence, on spiritual and moral values that contradict the values accepted in Russian society;

decrease in the spiritual, moral and creative potential of the population of Russia;

manipulation of information (disinformation, concealment or distortion of information).

Threats to the information support of the state policy of the Russian Federation can be:

monopolization of the information market in Russia, its individual sectors by domestic and foreign information structures;

blocking the activities of state media to inform Russian and foreign audiences;

low efficiency of information support of the state policy of the Russian Federation due to a shortage of qualified personnel, the absence of a system for the formation and implementation of state information policy.

Threats to the development of the domestic information industry can be:

counteracting access to the latest information technologies, mutually beneficial and equal participation of Russian manufacturers in the global division of labor in the information services industry, information technology, telecommunications and communications, information products, creating conditions for strengthening Russia's technological dependence in the field of information technology;

procurement by public authorities of imported means of informatization, telecommunications and communications in the presence of domestic counterparts;

displacement from the domestic market of Russian manufacturers of information technology, telecommunications and communications;

the use of non-certified domestic and foreign information technologies, information security means, information technology, telecommunications and communications;

the outflow of specialists and intellectual property owners abroad.

The Doctrine divides all sources of threats to information security into external and internal.

The Doctrine refers to external sources of threats:

activities of foreign political, economic, military, intelligence and information structures against the interests of the Russian Federation;

the desire of a number of countries to dominate the global information space, to oust Russia from information markets;

activities of international terrorist organizations;

increasing the technological gap between the world's leading powers and building up their capabilities to counter the creation of competitive Russian information technologies;

activities of space, air, sea and ground technical and other means (types) of reconnaissance of foreign states;

the development by a number of states of concepts of information wars, providing for the creation of means of dangerous influence on the information spheres of other countries, disruption of the functioning of information and telecommunication systems, and obtaining unauthorized access to them.

Internal sources of threats, according to the Doctrine, include:

the critical state of a number of domestic industries;

an unfavorable crime situation, accompanied by tendencies for the merging of state and criminal structures in the information sphere, for criminal structures to gain access to confidential information, increase the influence of organized crime on the life of society, reduce the degree of protection of the legitimate interests of citizens, society and the state in the information sphere;

insufficient coordination of the activities of authorities at all levels in the implementation of a unified state policy in the field of information security;

shortcomings of the legal framework governing relations in the information sphere and law enforcement practice;

underdevelopment of civil society institutions and insufficient state control over the development of the information market in Russia;

insufficient funding of measures to ensure information security;

insufficient number of qualified personnel in the field of information security;

insufficient activity of the federal authorities in informing the public about their activities, in explaining the decisions made, in the formation of open state resources and in the development of a system of citizens' access to them;

Russia's lag behind the leading countries in the world in terms of informatization of authorities and local self-government, credit and finance, industry, agriculture, education, health care, services and everyday life of citizens.

Chapter 2. Protecting confidential information

2.1 Classification of information to be protected

Currently, various regulatory documents indicate a significant number (more than 40) of types of information that require additional protection. For convenience in considering the legal regime of information resources by access, they can conditionally be grouped into four groups:

state secret;

trade secret;

confidential information;

intellectual property.

State secret. The RF Law "On State Secrets" defines state secrets as follows: it is information protected by the state in the field of military, foreign policy, economic, intelligence, counterintelligence and operational-search activities, the dissemination of which may harm the security of Russia (Article 2).

Article 5 of this Law defines a list of information classified as state secrets:

information in the military field - on the content of strategic and operational plans, on plans for the construction of the Armed Forces, on development, technology and production, on production facilities, on storage and disposal of nuclear ammunition, on the tactical and technical characteristics and possibilities of combat use of weapons and military equipment, on the deployment of missile and critical facilities, etc.;

information in the field of economics, science and technology - on the content of plans for the preparation of the Russian Federation and its individual regions for possible military operations, on production volumes, on plans for state orders, on the production and supply of weapons and military equipment, on the achievements of science and technology that have important defense or economic value, etc.;

information in the field of foreign policy and economics - on the foreign policy and foreign economic activity of the Russian Federation, the premature dissemination of which may damage the security of the state, etc.;

information in the field of intelligence, counterintelligence and operational-search activities (named in Article 2) - on the forces and means of these activities, their sources, plans and results;

persons who cooperate or have cooperated on a confidential basis with the bodies carrying out the above-mentioned activities;

systems of presidential, government and encrypted (including coded and classified) communication;

ciphers and information-analytical systems for special purposes, methods and means of protecting classified information, etc.

Any information useful in business and giving an advantage over competitors who do not have such information can constitute a trade secret. In many cases, trade secrets are a form of intellectual property.

According to Article 139, part 1 of the Civil Code of the Russian Federation, information constituting a commercial secret is information that has actual or potential commercial value because it is unknown to third parties and there is no free access to it on a legal basis. It can include various ideas, inventions and other business information.

Decree of the Government of the Russian Federation of 5.12.1991, No. 35 "On the list of information that cannot constitute a commercial secret" defines the information that cannot be treated as a commercial secret. Such information includes:

organizational information (charter and constituent documents of the enterprise, registration certificates, licenses, patents);

financial information (documents on the calculation and payment of taxes, other payments provided for by law, documents on the state of solvency);

information on the staff and conditions of activity (the number and composition of employees, their wages, availability of vacancies, the impact of production on the natural environment, the sale of products that harm the health of the population, the participation of officials in entrepreneurial activities, violation of antimonopoly legislation);

information about property (size of property, funds, investments in securities, bonds, loans, statutory funds of joint ventures).

Confidential information. Confidentiality of information is a characteristic of information indicating the need to impose restrictions on the range of subjects who have access to this information. Confidentiality presupposes the preservation of rights to information, its nondisclosure (secrecy) and invariability in all cases, except for legitimate use.

Presidential Decree No. 188 of March 6, 1997 approved a list of confidential information. This list includes:

information about the facts, events and circumstances of a citizen's private life that make it possible to identify him (personal data);

information constituting the secrecy of the investigation and legal proceedings;

official information, access to which is limited by state authorities in accordance with the Civil Code of the Russian Federation and federal laws (official secret);

information about professional activities (medical, notarial, attorney's secrets, privacy of correspondence, etc.);

information about the essence of the invention or industrial designs before the official publication of information about them.

The list of confidential information is supplemented by other regulatory legal acts: the Fundamentals of the Legislation of the Russian Federation "On the protection of the health of citizens", the laws of the Russian Federation "On psychiatric care and guarantees of the rights of citizens in its provision", "On notaries", "On the legal profession", "On basic guarantees of electoral rights of citizens of the Russian Federation", "On Banks and Banking Activities", as well as the Tax Code of the Russian Federation, the Family Code of the Russian Federation, etc.

As a result, several groups of confidential information can be distinguished, forming certain "secrets":

physician's (medical) secrecy;

banking secrecy;

tax secret;

notarial secret;

insurance secrecy;

attorney-client privilege;

the secret of attitude to religion and the secret of confession; secrecy of voting; official secrets, etc.

The information defined by the concept of intellectual property includes most of the above information of a scientific and technological nature, as well as works of literature and art, products of inventive and rationalization activities, and other types of creativity. In accordance with the Law of the Russian Federation "On the Legal Protection of Programs for Electronic Computers and Databases" dated 09.23.1992, computer programs and databases are also objects of copyright, violation of which entails civil, criminal and administrative liability in accordance with the legislation of the Russian Federation.

A certain part of information classified as state and commercial secrets also falls under the definition of intellectual property.

2.2 Organization of information protection

Most experts consider the following "protective" measures to be the most reasonable effort in this direction:

adequate definition of the list of information to be protected;

identifying levels of accessibility and forecasting possible vulnerabilities in access to information;

taking measures to restrict access to information or an object;

organization of the security of the premises and constant control over the safety of information (in particular, the need for lockable cabinets, safes, offices, television security cameras, etc.);

the presence of clear rules for handling documents and their reproduction. As you know, the invention of the duplicating technique literally caused a surge in industrial espionage;

the presence on the documents of the inscriptions "Secret", "For official use", and on the doors - "No unauthorized entry". Each information carrier (document, disk, etc.) must have an appropriate designation and storage location (room, safe, metal box);

signing a nondisclosure agreement with the employees of the organization, the firm.

At present, the main means of protecting information are security measures aimed at preventing the leakage of specific information. The adoption of these measures depends, first of all, on the owners of information, the competitive environment in their field of activity, the value that production or commercial information represents for them, and other factors.

Measures for protecting information can be divided into external and internal.

External activities include: studying partners, clients with whom you have to do business, collecting information about their reliability, solvency and other data, as well as predicting the expected actions of competitors and criminal elements. Whenever possible, persons who show interest in the activities of the organization (firm), in the personnel working in the organization are identified.

Internal security measures include the selection and vetting of persons being hired: their personal data, behavior at their place of residence and at their previous job, personal and business qualities, and psychological compatibility with employees are studied; the reasons for leaving the previous place of work, the presence of convictions, etc. are found out. During employment, the study and analysis of the employee's actions affecting the interests of the organization continues, and his external contacts are analyzed.

Employees are the most important element of the security system. They can play a significant role in protecting trade secrets, but at the same time, they can be the main reason for their leak. This often happens due to carelessness, illiteracy. Therefore, regular and intelligible training of personnel on secrecy issues is an essential condition for maintaining secrecy. However, cases of deliberate transfer (sale) of company secrets by an employee cannot be ruled out. The motivational basis for such actions is either self-interest or revenge, for example, on the part of a fired employee. The practice of such actions is rooted in antiquity.

Information protection also involves the use of special technical means and electronic devices, which make it possible not only to contain leaks but also to stop such activity as industrial (commercial) espionage. Most of them are technical means for detecting and countering listening devices:

telephone neutralizer (suppresses the operation of a mini-transmitter and prevents the removal of audio information);

telephone jammer of listening devices;

professional detector (used for "rough" location of radio bugs);

mini-detector of transmitters (used to determine the location of radio bugs precisely);

noise generator.

Organizations that hold valuable information should keep it in special fireproof cabinets or safes, and must not allow the keys to be lost or handed over for safekeeping to other persons, even especially trusted ones.

One of the widespread methods of protecting intellectual property is a patent, that is, a certificate issued to an inventor or his assignee for the exclusive use of an invention made by him. The patent is intended to protect the inventor (author) from reproduction, sale and use of his invention by others.

The implementation of special internal and external measures to protect valuable information systems should be entrusted to specially trained persons. To this end, an entrepreneur can seek help from private detective firms specializing in the search and protection of property. Own security services can also be created. Since protective measures require significant costs, the entrepreneur himself must decide what is more profitable for him: put up with information leakage or involve specialized services to protect it.

Conclusion

The current state of information security in Russia is a new one: a state-public institution that is only taking shape in response to the demands of the times. Much has already been done toward its formation, but there are even more problems that require the promptest possible solution. In recent years, the Russian Federation has implemented a number of measures to improve information security, namely:

The formation of a legal basis for information security has begun. A number of laws regulating public relations in this area have been adopted, and work has been launched to create mechanisms for their implementation. A milestone result and the legal basis for further solving problems in this area was the approval by the President of the Russian Federation in September 2001 of the Doctrine of Information Security of the Russian Federation;

Information security is facilitated by the created:

state information protection system;

system of licensing activities in the field of protection of state secrets;

system of certification of information security means.

At the same time, an analysis of the state of information security shows that there are still a number of problems that seriously impede the full provision of information security of the person, society and the state. The Doctrine names the following main problems in this area.

The current conditions of the political and socio-economic development of the country still retain sharp contradictions between the needs of society to expand the free exchange of information and the need for certain regulated restrictions on its dissemination.

The inconsistency and underdevelopment of legal regulation of public relations in the information sphere significantly complicates the maintenance of the necessary balance of interests of the individual, society and the state in this area. Imperfect legal regulation does not allow completing the formation of competitive Russian information agencies and mass media on the territory of the Russian Federation.

The failure to secure citizens' rights of access to information, and the manipulation of information, cause a negative reaction from the population, which in some cases leads to destabilization of the socio-political situation in society.

The rights of citizens to inviolability of private life, personal and family secrets, and secrecy of correspondence, enshrined in the Constitution of the Russian Federation, practically do not have sufficient legal, organizational and technical support. The protection of data about individuals (personal data) collected by federal government bodies, government bodies of the constituent entities of the Russian Federation, and local government bodies is poorly organized.

There is no clarity in the conduct of state policy in the field of the formation of the Russian information space, or in the organization of international information exchange and the integration of Russia's information space into the global information space, which creates conditions for ousting Russian news agencies and the media from the internal information market and leads to a deformation of the structure of international exchange.

There is insufficient government support for the activities of Russian news agencies to promote their products to the foreign information market.

The situation with ensuring the safety of information constituting a state secret is not improving.

Serious damage has been inflicted on the personnel potential of scientific and industrial teams operating in the field of creating information technology, telecommunications and communications, as a result of the mass exodus of the most qualified specialists from these teams.

Bibliography

1. Information security doctrine of the Russian Federation (approved by the President of the Russian Federation on 09.09.2000, No. Pr-1895)

2. RF Law "On Security", 2010

3. Law of the Russian Federation "On State Secrets", adopted on July 21, 1993 (as amended on 11/08/2011)

4. Law of the Russian Federation "On Copyright and Related Rights", which entered into force on August 3, 1993 (as amended)

5. Federal Law "On the Fundamentals of Civil Service", adopted on July 31, 1995

6. Criminal Code of the Russian Federation, 2013

How to protect confidential data, how to make the work of processing centers secure?

As elsewhere, building an information security system requires an integrated, balanced, multi-level approach, since a lapse in one area can negate the efforts in all the others.

In order to understand the main areas to which you should pay attention, let us consider the main features that characterize data storage and processing systems:

    all the bulk of information is accumulated in structured databases;

    all computer resources are usually located in dedicated, well-guarded server rooms (so-called data centers, or data processing centers);

    storages are not just passive warehouses of information; they are accompanied by a large number of closely related application and service systems (for example, software for archiving, monitoring and processing, ETL (extraction, transformation, loading) systems, and the application systems that actually generate the original data, etc.);

    the average storage size is 1 terabyte and more, which dictates a serious attitude towards network infrastructure and information storage and processing systems.

If you do not consider physical security and organizational measures (the organization of processing centers requires a serious approach), then one of the first issues will be the organization of a reliable and secure telecommunications infrastructure, which includes both perimeter protection and internal security.

Processing centers should be kept as closed as possible to outside intrusion attempts. All external connections must use traffic encryption (SSH, IPsec, SSL, etc.), which is also desirable in the internal management network (it is advisable to separate it from the public data network, either physically or using VLANs). Because of its performance cost, encryption in the network core is generally not used.

Different network protocols and network interactions require different levels of protection:

    transport layer protection;

    VLAN organization, Port Security, etc.;

    proxy servers at the perimeter, analyzing the application level of interaction;

    Intrusion Detection / Prevention systems, etc.;

    Fiber Channel layer: Fiber Channel Authentication Protocol, Switch Link Authentication Protocol, etc.;

    SAN level: Virtual SAN, LUN tagging, etc.
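The two network rules stated above (every connection crossing the perimeter is encrypted; management traffic stays on its own VLAN, separate from public data traffic) are easy to state and easy to drift from. The following is an added example, not code from the original text or from any product it names, that checks constructed flow records against those rules; the zone names, VLAN numbers and the port-to-protocol mapping are assumptions for the example.

```python
"""Added example: audit constructed flow records against the segmentation and
encryption rules described above. Zone names, VLAN numbers and the
port-to-protocol mapping are assumptions, not taken from the original text."""
from dataclasses import dataclass
from typing import Dict, List

# Assumed: destination ports whose protocol encrypts the payload on the wire.
ENCRYPTED_PORTS = {22: "ssh", 443: "https", 500: "isakmp", 4500: "ipsec-nat-t", 636: "ldaps"}

# Assumed VLAN plan: management traffic must stay on VLAN 10, public data uses VLAN 20.
MGMT_VLAN = 10
DATA_VLAN = 20


@dataclass(frozen=True)
class Flow:
    """One observed connection (constructed record, not real telemetry)."""
    src_zone: str   # "external" (outside the perimeter), "dc" (server room), "mgmt" (admin hosts)
    dst_zone: str
    dst_port: int
    vlan: int
    purpose: str    # "data" for application traffic, "mgmt" for administration


def check_flow(flow: Flow) -> List[str]:
    """Return the rule violations for a single flow (empty list = compliant)."""
    findings: List[str] = []
    crosses_perimeter = "external" in (flow.src_zone, flow.dst_zone)
    encrypted = flow.dst_port in ENCRYPTED_PORTS

    # Rule 1: every connection crossing the perimeter must be encrypted.
    if crosses_perimeter and not encrypted:
        findings.append(f"perimeter crossing on port {flow.dst_port} without transport encryption")

    # Rule 2: management traffic stays on the dedicated management VLAN ...
    if flow.purpose == "mgmt" and flow.vlan != MGMT_VLAN:
        findings.append(f"management traffic seen on VLAN {flow.vlan}, expected VLAN {MGMT_VLAN}")

    # ... and is itself encrypted (the text calls this desirable even inside the perimeter).
    if flow.purpose == "mgmt" and not encrypted:
        findings.append(f"management session on port {flow.dst_port} without transport encryption")

    # Internal server-to-server data traffic is tolerated in plaintext (no core encryption).
    return findings


def audit(flows: List[Flow]) -> Dict[int, List[str]]:
    """Map flow index -> findings, keeping only flows that violate at least one rule."""
    return {i: check_flow(fl) for i, fl in enumerate(flows) if check_flow(fl)}


# Constructed sample: five flows covering the compliant and non-compliant cases.
SAMPLE_FLOWS = [
    Flow("external", "dc", 443, DATA_VLAN, "data"),   # 0: HTTPS from outside - fine
    Flow("external", "dc", 80, DATA_VLAN, "data"),    # 1: plaintext HTTP across the perimeter
    Flow("mgmt", "dc", 22, MGMT_VLAN, "mgmt"),        # 2: SSH on the management VLAN - fine
    Flow("dc", "dc", 23, DATA_VLAN, "mgmt"),          # 3: telnet admin session on the data VLAN
    Flow("dc", "dc", 3306, DATA_VLAN, "data"),        # 4: internal database traffic - tolerated
]

if __name__ == "__main__":
    for index, findings in audit(SAMPLE_FLOWS).items():
        for finding in findings:
            print(f"flow {index}: {finding}")
```

In practice the `Flow` records would be built from firewall or NetFlow exports and the port table from the organization's own standard for permitted protocols; the point of the example is that the two textual rules reduce to two predicates that can be evaluated continuously rather than verified once at deployment.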

8.4. Insider problem

Recently, the problem of information leaks has been discussed frequently in connection with the term "insider", and solutions for controlling the telecommunications perimeter and the external devices of computers have been considered.

In this area there are foreign and domestic solutions for controlling external devices (such as USB, DVD-RW and Bluetooth). Such products are offered by SecureWave (Sanctuary Device Control), Safend, Control Guard, SecurIT and other companies. There is also a large group of network-control and perimeter-protection tools from various companies (InfoWatch is the most prominent of the domestic ones).

By the way, one should not forget about the need to carefully monitor users' computers: what kind of software is installed on them, whether there are any security holes, what programs are allowed to run, what processes are required to work in the system, etc.

But! As is often the case, an attempt to make the infrastructure as secure as possible distorts the implementation of an integrated security system. Often one cannot see the forest for the trees.

The first thing to note is that there is no 100% protection against information leaks. You can control corporate mail and computer ports, but an attacker will always find additional opportunities to carry out his plan: for example, printing a document, or simply photographing the screen and converting the image to the desired electronic format with text-recognition software. In addition, one should be aware of the difficulties of how exactly all this is controlled (who will analyze what data an authorized user has written to a USB device?). One can also recall the moral and psychological side of the question: if the company has authorized the user to work with this document (and has therefore entrusted him with this work), then where does the need to control his actions come from? In that case it probably means that the very foundations of security - corporate management of identity, authorization and access, as well as database protection - have not been built correctly in the organization.
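The question raised above (who will analyze what an authorized user has written to a USB device?) is answerable only if the device-control log is reduced to something a reviewer can read, and the natural key for that reduction is the organization's own register of labelled documents, which the later section on organizational measures requires in any case. The following is an added example, not code from the original text or from any product it names: it parses a constructed device-control log, summarizes writes per user, and lists the events worth a reviewer's attention (writes of labelled documents, and unusually large writes). The log format, the register, the user names and the size threshold are all constructed for the example.

```python
"""Added example: reduce a constructed removable-media audit log to a per-user
summary and a short list of events worth a reviewer's attention, by correlating
each written file with the organization's register of labelled documents.
The log format, the register and all names are constructed for this example."""
import csv
import io
from collections import defaultdict
from typing import Dict, List, Optional, Tuple

# Constructed register: document file name -> confidentiality label.
DOCUMENT_REGISTER: Dict[str, str] = {
    "pricing-model.xlsx": "Secret",
    "contract-2023-017.docx": "For official use",
}

# Constructed device-control log (CSV). Fictional format, not any real vendor's.
DEVICE_LOG = """timestamp,user,device,action,path,bytes
2023-05-02T09:14:03,ivanov,usb-0781:5583,write,/media/usb/lunch-menu.pdf,120433
2023-05-02T09:15:40,ivanov,usb-0781:5583,write,/media/usb/pricing-model.xlsx,884211
2023-05-02T11:02:11,petrova,usb-0951:1666,write,/media/usb/contract-2023-017.docx,55212
2023-05-02T11:03:00,petrova,usb-0951:1666,read,/media/usb/contract-2023-017.docx,55212
2023-05-03T16:47:19,ivanov,usb-0781:5583,write,/media/usb/backup.tar,734003200
"""

BULK_THRESHOLD = 100 * 1024 * 1024  # assumed: a single write above 100 MiB merits a look


def parse_log(text: str) -> List[dict]:
    """Parse the CSV log into dicts, converting the byte count to int."""
    rows = list(csv.DictReader(io.StringIO(text)))
    for row in rows:
        row["bytes"] = int(row["bytes"])
    return rows


def file_name(path: str) -> str:
    """Strip the mount-point prefix; only the file name is matched against the register."""
    return path.rsplit("/", 1)[-1]


def label_for(path: str) -> Optional[str]:
    """Confidentiality label of the written file, or None if it is not in the register."""
    return DOCUMENT_REGISTER.get(file_name(path))


def summarize(rows: List[dict]) -> Dict[str, dict]:
    """Per-user totals of files and bytes written, plus the labelled documents among them."""
    summary: Dict[str, dict] = defaultdict(lambda: {"writes": 0, "bytes": 0, "labelled": []})
    for row in rows:
        if row["action"] != "write":
            continue  # reads from the device do not move company data off the host
        entry = summary[row["user"]]
        entry["writes"] += 1
        entry["bytes"] += row["bytes"]
        if label_for(row["path"]):
            entry["labelled"].append(file_name(row["path"]))
    return dict(summary)


def flagged_events(rows: List[dict]) -> List[Tuple[str, str, str]]:
    """(user, file, reason) for writes of labelled documents or unusually large writes."""
    flagged: List[Tuple[str, str, str]] = []
    for row in rows:
        if row["action"] != "write":
            continue
        label = label_for(row["path"])
        if label:
            flagged.append((row["user"], file_name(row["path"]), f"labelled '{label}'"))
        elif row["bytes"] > BULK_THRESHOLD:
            flagged.append((row["user"], file_name(row["path"]), f"bulk copy of {row['bytes']} bytes"))
    return flagged


if __name__ == "__main__":
    rows = parse_log(DEVICE_LOG)
    for user, entry in summarize(rows).items():
        print(user, entry)
    for event in flagged_events(rows):
        print("review:", event)
```

The register lookup is what turns a log of thousands of file writes into a handful of review items; without a maintained list of which documents carry a label, the control produces data but no answer to the question of who should look at it.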

41. Organizational and legal measures to protect confidential information.

    Organizational protection is the regulation of production activities and the relationship of performers on a regulatory and legal basis that excludes or significantly complicates the illegal acquisition of confidential information and the manifestation of internal and external threats.

    Organizational protection provides:

    Organization of security, regime, work with personnel and with documents;

    The use of technical security tools and information and analytical activities to identify internal and external threats to business.

    Organizational measures play a significant role in creating a reliable mechanism for protecting information, since the possibility of unauthorized use of confidential information is largely determined not by technical aspects but by malicious actions, negligence, carelessness and laxity of users or security personnel. The influence of these aspects is almost impossible to avoid by technical means. It requires a set of organizational, legal and organizational-technical measures that would exclude (or at least reduce to a minimum) the risk to confidential information.

    The main organizational measures include:

    Organization of the regime and security. Its purpose is to exclude the possibility of covert penetration of unauthorized persons into the territory and premises; to make the control of passage and movement of employees and visitors convenient; to create separate production zones by type of confidential work, each with its own access system; to control and enforce working hours and the presence of the company's personnel on the premises; and to organize and maintain a reliable access control regime for employees and visitors, etc.;

    Organization of work with employees: selection and placement of personnel, including getting to know employees, studying them, training them in the rules of handling confidential information, and familiarizing them with the measures of liability for violating information protection rules, etc.;

    Organization of the use of technical means for collecting, processing, accumulating and storing confidential information;

    Organization of work on the analysis of internal and external threats to confidential information and on the development of measures to protect it;

    Organization of systematic control over the work of personnel with confidential information, and over the procedure for accounting, storage and destruction of documents and technical media.

    To protect the confidential information produced in the organization, the following regulatory documents should be drawn up:

    a list of the information constituting the organization's confidential information;

    a contractual obligation of non-disclosure of confidential information (CI);

    instructions for the protection of confidential information.

    Information protection in computer systems must be carried out in accordance with the requirements of the guidance documents (RD) of the State Technical Commission of Russia (Gostekhkomissiya, since 2004 FSTEC of Russia) and of STR-K (Special Requirements and Recommendations for the Technical Protection of Confidential Information).

    First of all, a list of the information constituting the organization's confidential information should be drawn up. The list should cover all such information that is the property of the organization.

    Information (and its carriers) here means:

    data obtained as a result of processing by technical means (office equipment);

    information as that part of the data which carries useful content and is used by the organization's employees for business purposes;

    documents (media) resulting from the intellectual work of the organization's employees, containing information of any origin, type and purpose that is needed for the normal functioning of the organization.

    Effective protection of information in computer systems is achieved by using appropriate means, which can be conventionally divided into several groups:

    1) delimitation of access to information;

    2) protection of information during its transmission over communication channels;

    3) protection against information leakage via the physical fields (compromising electromagnetic and acoustic emanations) that arise during the operation of the technical means of computer systems;

    4) protection against the effects of virus programs;

    5) secure storage and transportation of information on media, and its protection from copying.

    The main purpose of the tools of the first group is to delimit access to the local and network information resources of computer systems. They provide: identification and authentication of users; delimitation of registered users' access to information resources; registration (logging) of user actions; protection against booting the operating system from removable media; and control of the integrity of the protection tools themselves and of information resources. Despite the functional commonality of the protection tools of this group, they differ in principle of operation, in the complexity of configuring and managing their parameters, in the identifiers used, in the list of events registered, and in cost. Protection tools are also divided into formal ones, which perform their function according to a predetermined procedure without human intervention, and informal ones, which restrict the activities of personnel or strictly regulate them.

    The main means of protection are technical and software; technical means are usually divided into physical and hardware.

    Physical means are implemented as autonomous devices and security systems (burglar alarms, shielding enclosures for equipment, internal shielding of individual rooms, means of external and internal surveillance, door locks, etc.).

    Hardware means are devices built directly into data-processing equipment or connected to it through a standard interface (parity check circuits, circuits protecting memory areas by key, special registers).

    Software means include special programs and/or modules that perform information protection functions.

    Using only one of these methods of protecting information does not solve the problem; an integrated approach is required. Two main methods are commonly used: obstruction and access control.

    Obstruction is the creation of physical barriers (to the territory of the organization, or directly to the physical media).

    Access control is the regulation of authorized access to the technical, software and information resources of the system.

    In turn, authorized access control is ensured through certain protection functions:

    User identification: the initial assignment to each user of a personal name, code or password, whose reference copies are stored in the security system;

    Authentication (verification of authenticity): comparing the credential presented by the user with the reference stored in the system;

    Creation of conditions for work within the established regulations, that is, the development and implementation of a set of measures under which unauthorized access is minimized;

    Registration (logging) of access to protected resources;

    An adequate response to unauthorized actions (alarm, blocking of the session or account, notification of the security service).
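    How the functions listed above fit together is easiest to see in code. The following Go program is an added example, not part of the lecture: it assigns identifiers (Register), stores a random salt and a PBKDF2-HMAC-SHA256 reference value instead of the password, compares the presented password with that reference in constant time (Authenticate), records every attempt in a journal (Journal), and reacts to three consecutive failures by locking the account. The names AccessControl, Register, Authenticate, Journal, the sample user ivanov and the work factor of 50,000 iterations are assumptions made for the example; PBKDF2 is the author's choice of hashing scheme and is implemented inline only to keep the example self-contained.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
)

const kdfIterations, maxFailures = 50_000, 3 // KDF work factor; failed logins before lockout
// pbkdf2SHA256: one 32-byte block of PBKDF2-HMAC-SHA256 (RFC 8018), inlined to stay self-contained.
func pbkdf2SHA256(password, salt []byte, iterations int) []byte {
	mac := hmac.New(sha256.New, password)
	mac.Write(salt)
	mac.Write([]byte{0, 0, 0, 1}) // block index INT(1), big-endian
	u := mac.Sum(nil)
	out := append([]byte(nil), u...)
	for i := 1; i < iterations; i++ {
		mac.Reset()
		mac.Write(u)
		u = mac.Sum(nil)
		for j := range out {
			out[j] ^= u[j]
		}
	}
	return out
}

// account: what the system keeps per identifier, never the password itself.
type account struct {
	salt, ref []byte
	failures  int // consecutive failed attempts; >= maxFailures means locked
}

// AuditEvent is one record of the access journal (a real journal also timestamps each record).
type AuditEvent struct{ User, Action, Outcome string }

// AccessControl combines identification (Register), authentication (Authenticate),
// registration (Journal) and reaction to unauthorized actions (account lockout).
type AccessControl struct {
	accounts  map[string]*account
	dummySalt []byte // makes checks for unknown identifiers cost the same as real ones
	Journal   []AuditEvent
}

func NewAccessControl() *AccessControl {
	return &AccessControl{accounts: map[string]*account{}, dummySalt: make([]byte, 16)}
}

func (ac *AccessControl) deny(user, reason string) bool {
	ac.Journal = append(ac.Journal, AuditEvent{user, "login", reason})
	return false
}

// Register assigns the identifier and stores salt plus reference value for later comparison.
func (ac *AccessControl) Register(user, password string) error {
	if _, exists := ac.accounts[user]; exists {
		return fmt.Errorf("user %q already registered", user)
	}
	salt := make([]byte, 16)
	if _, err := rand.Read(salt); err != nil {
		return err
	}
	ac.accounts[user] = &account{salt: salt, ref: pbkdf2SHA256([]byte(password), salt, kdfIterations)}
	ac.Journal = append(ac.Journal, AuditEvent{user, "register", "ok"})
	return nil
}

// Authenticate compares the presented password with the stored reference in constant time,
// journals the attempt and locks the account after maxFailures consecutive failures.
func (ac *AccessControl) Authenticate(user, password string) bool {
	acct, known := ac.accounts[user]
	if !known {
		pbkdf2SHA256([]byte(password), ac.dummySalt, kdfIterations) // same cost as a real check
		return ac.deny(user, "unknown user")
	}
	if acct.failures >= maxFailures {
		return ac.deny(user, "locked")
	}
	candidate := pbkdf2SHA256([]byte(password), acct.salt, kdfIterations)
	if subtle.ConstantTimeCompare(candidate, acct.ref) == 1 {
		acct.failures = 0
		ac.Journal = append(ac.Journal, AuditEvent{user, "login", "ok"})
		return true
	}
	if acct.failures++; acct.failures >= maxFailures {
		return ac.deny(user, "locked after repeated failures")
	}
	return ac.deny(user, "bad password")
}

func main() {
	ac := NewAccessControl() // constructed sample: one user, one good login, one bad one
	_ = ac.Register("ivanov", "correct horse battery staple")
	fmt.Println(ac.Authenticate("ivanov", "correct horse battery staple"), ac.Authenticate("ivanov", "guess"))
	fmt.Printf("%+v\n", ac.Journal)
}
```

    Note that the caller of Authenticate learns only "granted" or "denied"; whether the identifier was unknown, the password wrong or the account locked is recorded in the journal for the security service, not reported to the person at the keyboard, and the dummy KDF run keeps the timing of the two cases alike.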

    Antivirus software is the most widespread means of protection, from individual home computers to huge corporate networks (Kaspersky Antivirus 7.0, Dr. Web 4.44 with antispam, AVPersonal, Panda, NOD32). A scanner recognizes only what it has signatures for, so its databases must be kept current.

    An electronic digital signature (EDS) is a sequence of characters obtained by a cryptographic transformation of electronic data. The EDS is attached to a data block and allows the recipient of the block to verify the source and integrity of the data and to protect it against forgery. The EDS serves as the analogue of a handwritten signature.
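    What "verify the source and integrity of the data" means in practice, as an added example that is not from the lecture: the Go program below signs a data block with Ed25519 (a modern signature scheme chosen for the example; the lecture names no algorithm) and shows that verification fails as soon as one byte of the data is changed or a different public key is used. SignedBlock, NewKeyPair, Sign, Verify, Tampered and the sample order text are names and data assumed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// SignedBlock is what the recipient receives: the data block with the EDS appended.
type SignedBlock struct {
	Data      []byte
	Signature []byte
}

// NewKeyPair generates the signer's keys: the private key stays with the signer,
// the public key is handed to everyone who must check the signer's EDS.
func NewKeyPair() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// Sign computes the EDS, a 64-byte value that depends on every bit of the data
// and on the private key, and appends it to a copy of the data.
func Sign(priv ed25519.PrivateKey, data []byte) SignedBlock {
	return SignedBlock{Data: append([]byte(nil), data...), Signature: ed25519.Sign(priv, data)}
}

// Verify checks source and integrity together: it returns true only if the EDS was
// computed over exactly this data with the private key that matches pub.
func Verify(pub ed25519.PublicKey, sb SignedBlock) bool {
	if len(pub) != ed25519.PublicKeySize || len(sb.Signature) != ed25519.SignatureSize {
		return false // malformed input must neither panic nor be trusted
	}
	return ed25519.Verify(pub, sb.Data, sb.Signature)
}

// Tampered returns a copy of sb in which one byte of the data has been changed,
// modelling a modification of the document on its way to the recipient.
func Tampered(sb SignedBlock) SignedBlock {
	data := append([]byte(nil), sb.Data...)
	data[0] ^= 0x01
	return SignedBlock{Data: data, Signature: sb.Signature}
}

func main() {
	pub, priv, err := NewKeyPair()
	if err != nil {
		panic(err)
	}
	doc := []byte("Order no. 17: pay 1000 to supplier A") // constructed sample document
	sb := Sign(priv, doc)
	fmt.Printf("EDS: %x\n", sb.Signature)
	fmt.Println("genuine block verifies:", Verify(pub, sb))             // true
	fmt.Println("modified block verifies:", Verify(pub, Tampered(sb))) // false
	otherPub, _, _ := NewKeyPair()
	fmt.Println("verifies with another key:", Verify(otherPub, sb))     // false
}
```

    The signature binds the data to the holder of the private key: the recipient can confirm who signed and that nothing changed, but only if the public key itself was obtained through a trusted channel, which is why real deployments wrap public keys in certificates.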

    Transparent encryption tools protect data from inadvertent disclosure and prevent insiders from reading other users' data. Encryption keys are tied to user accounts, so for the legitimate owner of the information decryption happens imperceptibly. Several such solutions exist on the market; Microsoft's is built into the operating system as the Encrypting File System (EFS). However, if an employee who has access rights to encrypted data sends it by e-mail or copies it to an unencrypted medium, the protection is lost, because the data is decrypted transparently on the way out. To reduce the risk of such accidental leaks, the company can monitor the transmission of data via e-mail and Web protocols (including Web mail). Against a covert transfer channel devised by a deliberate insider such systems will most likely not help; in particular, no monitoring tool can open a properly encrypted file and therefore cannot inspect its content. For this reason, domestic companies are most interested in services for building an integrated protection system, which includes, among other things, mechanisms against internal threats.

    Content control. The latest surge of interest in content control systems was driven by the spam problem. However, the main purpose of content controls remains the prevention of leaks of confidential information and the suppression of misuse of the Internet. One of the top priorities for vendors of such tools is to make the content control system operate unnoticed by the user, without interfering with normal work.

    Firewalls were and remain the basic means of protecting connections to external networks, delimiting access between segments of the corporate network, and protecting data flows transmitted over open networks. The first (and most important) step in securing a network is to install and properly configure a firewall. A firewall, in computing, is a software and/or hardware barrier between two networks that allows only authorized connections to be established. It protects the corporate network connected to the Internet from outside intrusion and blocks access to confidential information. A sound configuration starts from default deny: everything not explicitly permitted is blocked. Correct configuration and maintenance of the firewall is the responsibility of an experienced system administrator.

    For small networks that do not need many settings (flexible bandwidth allocation, restricting traffic by protocol per user), Internet gateways or Internet routers with built-in filtering are a better choice.

    Many firewall products (gateways with content inspection) also carry out antivirus scanning of downloaded Web or e-mail content. Their antivirus databases are updated over the Internet so that the network stays protected as new viruses appear. All statistics on data flows, alerts about attacks from the Internet and information on users' Web browsing activity are recorded in real time and can be presented as a report.
