Information protection types and content of events. Technical methods of obtaining information

If the results do not frighten you, you can proceed to the next large block of work: creating a legal framework for the protection of information. In general terms, these activities consist of creating the Regulations on Trade Secrets and the List of Information Classified as Trade Secrets, familiarizing all employees with these regulations, and having each employee sign the Agreement on Non-Disclosure of Trade Secrets. The large number of documents is due to the fact that the institution of trade secrets in Russian law is regulated by several branches of law:

  • civil law;
  • criminal law;
  • labor law.

I draw special attention to this stage. If you want to take legal action to protect your property (in this case, information), then consider carefully how these activities are implemented. Of fundamental importance is not only every word in the non-disclosure agreement, but also the construction of its sentences and the general logic of the document. You can then move on to the next steps.

First of all, it is necessary to talk about preventive measures, and then about measures to identify and suppress attempts at unauthorized removal of information and attempts to destroy or distort information. Preventive measures should include:

  • explanatory and educational work with staff: an explanation of what a trade secret is, how to protect it, what the consequences of its disclosure are, and what an employee should do in a given situation. EVERY employee should feel that sufficient attention has been given to this issue;
  • creating conditions for employees to protect information: conditions for storing information media (a safe, a lockable cabinet, etc.) and conditions for the safe transmission of information (closed communication channels);
  • preventive sweeps of especially important premises: before important events and after meetings; it is also necessary to routinely check especially important premises for the presence of technical channels of information leakage;
  • regular inspection of the territory of the facility, carried out for the same purpose as the previous measure;
  • the creation of a special regime both for work at the enterprise as a whole and for work with protected information in particular: a clear regulation of the storage, transfer, use and destruction of protected information, with a detailed description of who should do what and in which situation, as well as control of compliance with this regime;
  • study of candidates for work in the company: finding out the candidate's biography, identifying connections with crime, negative facts of life, connections with direct and indirect competitors or ill-wishers, reviews from previous jobs, etc.

Measures to identify facts of, or attempts at, stealing, modifying and destroying information include:

  • continuous monitoring of the electromagnetic environment: instrumental monitoring of all emissions at the facility and of electromagnetic signals in communications;
  • operational measures: undercover work, provocations, work with staff, with partners, with clients and with competitors.

Suppression measures are a logical continuation of the previous actions:

  • actual suppression: punishment of an employee (this requires an evidence base), removal of a planted listening device, etc.;
  • creation of a system for suppressing unauthorized radiation: the use of materials that absorb electromagnetic radiation in construction and interior decoration, and the installation and periodic use of a system of noise generators;
  • masking or encryption of useful signals: the use of devices or programs that encrypt transmitted information or mask its presence.

This is a short list of what needs to be created for the normal operation of the information security system. This is not a one-day job, and the system will not work on its own even if everything is described in detail on paper. In order for this colossus to start producing results, you need a person who knows HOW to do it and who is able and willing to do it, as well as appropriate management support, especially at the initial stage, the stage of formation. This is primarily due to the resistance of employees to the creation of the system. After all, this is a complication of their work, which means additional effort on their part. And people are lazy and therefore will resist all innovations that somehow complicate their lives, even knowing full well the importance and necessity of these innovations.

The degree of relevance of the problem of information security at the present time is determined. The main definitions related to engineering and technical protection are presented. The stages of ensuring the protection of information necessary for enterprises are described. Protected objects are distributed into the corresponding classes. Possible channels of information leakage are described and a classification of technical channels of information leakage is presented. Requirements are established for the scope and nature of a set of measures aimed at protecting confidential information from leakage through technical channels during the operation of the protected object. The main officials at the enterprise responsible for the implementation of information security are indicated. The types of technical means for receiving, processing, storing and transmitting information are considered. The main methods and means of protecting information from leakage through technical channels are described: organizational, search and technical. Methods of active and passive protection of information are presented.

Keywords: data protection, facilities, leakage channels, classification, information

Information is now the key. Information is data about persons, facts, events, phenomena and processes, regardless of the form of their presentation. Possession of information has at all times given an advantage to the side that had more accurate and extensive information, especially if it concerned rivals or competitors. "Whoever owns the information owns the world" (Nathan Rothschild - British banker and politician).

The problem of information security has always existed, but at present, due to the huge leap in scientific and technological progress, it has gained particular relevance. Therefore, the task of information security specialists is to master the whole range of techniques and methods of information security, methods of modeling and designing information security systems. One of the ways to protect information is the engineering and technical protection of information. Engineering and technical protection is a set of special bodies, technical means and measures for their use in the interests of protecting confidential information.

Information leakage is understood as an unauthorized process of transferring information from a source to a competitor. The physical path of information transfer from its source to an unauthorized recipient is called a leak channel. The channel in which unauthorized transfer of information is carried out using technical means is called the technical channel of information leakage (TCLE). The classification of technical channels of information leakage is shown in the figure.

To ensure high-quality protection of information from leakage through technical channels, first of all, a differentiated approach to protected information is needed. To do this, the protected objects must be divided into appropriate categories and classes. The classification of objects is carried out in accordance with the tasks of technical protection of information. It also establishes requirements for the volume and nature of a set of measures aimed at protecting confidential information from leakage through technical channels during the operation of the protected object.

Protection class A includes objects on which the information signals that occur during information processing or negotiation are completely hidden (hiding the fact of processing confidential information at the object).

[Figure: Classification of technical channels of information leakage]

Protection class B includes objects on which the parameters of information signals that arise during information processing or negotiation, and from which it is possible to restore confidential information, are hidden (hiding the information processed at the object).

Depending on the nature of the source of confidential information, leakage channels are classified as follows:

  • electromagnetic channels of information leakage in the radio frequency range of electromagnetic waves, in which the technical reconnaissance (unmasking) sign of the protected objects is electromagnetic radiation, the parameters of which qualitatively or quantitatively characterize a specific object of protection;
  • electromagnetic channels of information leakage in the infrared range of electromagnetic waves, in which the technical unmasking feature of the object of protection is the object's own radiation in this range;
  • acoustic channels of information leakage, used to obtain information in acoustic speech and signal intelligence;
  • hydroacoustic channels of information leakage, used to obtain information about the transmission of sound information communications and for reconnaissance of noise fields and hydroacoustic signals;
  • seismic information leakage channels, which allow, by detecting and analyzing deformation and shear fields in the earth's surface, to determine the coordinates and strength of various explosions, as well as to intercept ongoing negotiations at a short distance;
  • magnetometric information leakage channels, which provide information about objects through the detection of local changes in the Earth's magnetic field under the influence of the object;
  • chemical channels of information leakage that allow obtaining information about an object by contact or remote analysis of changes in the chemical composition of the environment surrounding the object.

The process of ensuring information security can be divided into several stages.

The first stage (analysis of the object of protection) is to determine what needs to be protected.

The analysis is carried out in the following areas:

  • the information that needs to be protected in the first place is determined;
  • the most important (critical) elements of the protected information are singled out;
  • the lifetime of critical information is determined (the time required by a competitor to make use of the information obtained);
  • the key elements of information (indicators) reflecting the nature of the protected information are determined;
  • indicators are classified according to the functional areas of the enterprise (production and technological processes, the system of logistics for production, divisions, management, etc.).

The second step is to identify threats:

  • it is determined who may be interested in the protected information;
  • methods used by competitors to obtain this information are evaluated;
  • probable channels of information leakage are assessed;
  • a system of measures is being developed to suppress the actions of a competitor.

The third stage analyzes the effectiveness of the adopted and permanently operating security subsystems (physical security of documentation, reliability of personnel, security of communication lines used to transfer confidential information, etc.).

The fourth stage is the definition of necessary protective measures. Based on the first three stages of analytical studies, the necessary additional measures and means to ensure the security of the enterprise are determined.

At the fifth stage, the leaders of the firm (organization) consider the submitted proposals for all necessary security measures and calculate their cost and effectiveness.

The sixth stage is the implementation of additional security measures, taking into account the established priorities.

The seventh stage is the implementation of control and bringing the implemented security measures to the attention of the company's personnel.

Within the framework of the organization, the process of protecting information passes, to one degree or another, through the above stages.

The enterprise security system is currently understood as an organized set of special bodies, services, means, methods and measures that ensure the protection of the vital interests of the individual, enterprise and state from internal and external threats.

The company's security system consists of the following main elements (officials and bodies):

  • The head of the company in charge of information security issues.
  • Company Security Council.
  • Company security service.
  • Departments of the firm involved in ensuring the security of the firm.

Security management is assigned, as a rule, to the head of the company and his deputy for general issues (1st Deputy), to whom the security service is directly subordinate.

To organize the protection of information at the enterprise, it is necessary to form a Security Council. It is a collegial body under the head of the company, whose members he appoints from among qualified officials responsible for information security. The Security Council develops proposals for the manager on the main issues of ensuring the protection of information, including:

  • areas of activity of the company to ensure security;
  • improvement of the security system;
  • interaction with authorities, customers, partners, competitors and consumers of products, etc.

Along with technical means for receiving, processing, storing and transmitting information (TSPI), technical means and systems are installed in the premises that are not directly involved in the processing of confidential information, but are used in conjunction with TSPI and are located in the zone of the electromagnetic field created by them. Such technical means and systems are called auxiliary technical means and systems (ATSS).

In organizations, work on the engineering and technical protection of information usually consists of two stages:

  • construction or modernization of the protection system;
  • maintaining information security at the required level.

An information security system is built from scratch in newly created organizations; in the rest, the existing system is modernized.

Depending on the goals, the procedure for carrying out measures to ensure the security of information and the equipment used, methods and means of protecting against information leakage through technical channels can be divided into organizational, search and technical.

Organizational ways to protect

These measures are carried out without the use of special equipment and involve the following:

  • establishment of a controlled zone around the facility;
  • the introduction of frequency, energy, temporal and spatial restrictions in the modes of operation of technical means for receiving, processing, storing and transmitting information;
  • disconnection from connecting lines, for the period of closed meetings, of auxiliary technical means and systems (ATSS) that have the qualities of electro-acoustic converters (telephone, fax, etc.);
  • use of only certified TSPI and ATSS;
  • involvement in the construction and reconstruction of allocated (protected) premises, the installation of TSPI equipment, as well as in the work on protecting information, exclusively organizations licensed by the relevant services for activities in this area;
  • categorization and certification of informatization objects and allocated premises for compliance with the requirements for ensuring the protection of information when working with information of varying degrees of secrecy;
  • regime restriction of access to TSPI accommodation facilities and allocated premises.

Search activities

Portable (planted) listening devices are identified during special surveys and inspections. Inspection of TSPI accommodation facilities and allocated premises is carried out without the use of equipment, by visual inspection. A special check, performed using passive (receiving) and active search tools, includes:

  • control of the radio spectrum and spurious electromagnetic radiation of the TSPI;
  • detection of covertly installed listening devices with the help of electromagnetic field indicators, interceptors, frequency meters, scanners or software and hardware systems;
  • a special check of allocated premises, TSPI and ATSS using non-linear locators and mobile x-ray units.

Technical protection

Such events are carried out using both passive and active protective techniques and means. Passive technical methods of protection include:

  • installation of access restriction and control systems at TSPI accommodation facilities and in allocated premises;
  • shielding of TSPI and connecting lines of means;
  • grounding of TSPI and screens of connecting lines of devices;
  • soundproofing of allocated premises;
  • installation of special filters in ATSS that have a "microphone" effect and have an exit beyond the controlled zone;
  • introduction of autonomous and stabilized sources, as well as uninterrupted power supply devices in the TSPI power supply circuit;
  • installation in the power supply circuits of the TSPI, as well as in the power networks of dedicated premises of noise suppression filters.

Active influence on leakage channels is carried out by implementing:

  • spatial noise generated by electromagnetic noise generators;
  • targeted interference generated at the operating frequencies of the radio channels of eavesdropping devices by special transmitters;
  • acoustic and vibration interference generated by vibroacoustic protection devices;
  • suppression of voice recorders by devices of directional high-frequency radio emission;
  • injection of noise into electrical networks, extraneous conductors and connecting lines of ATSS that go beyond the controlled zone;
  • modes of thermal destruction of electronic devices.

By using these means to carry out measures for the engineering and technical protection of information, the organization will significantly reduce the likelihood of threats being realized, which undoubtedly contributes to the preservation of the material and intellectual capital of the enterprise.

Reviewers:

Kitova O.V., Doctor of Economics, Professor, Head of the Department of Informatics, FSBEI HPE “Russian University of Economics named after G.V. Plekhanov” of the Ministry of Education and Science of the Russian Federation, Moscow;

Petrov L.F., Doctor of Technical Sciences, Professor of the Department of Mathematical Methods in Economics, G.V. Plekhanov” of the Ministry of Education and Science of the Russian Federation, Moscow.

The work was received by the editors on March 18, 2014.

Bibliographic link

Titov V.A., Zamaraeva O.A., Kuzin D.O. MEASURES TO ORGANIZE ENGINEERING AND TECHNICAL PROTECTION OF INFORMATION // Basic Research. - 2014. - No. 5-3. – P. 573-576;
URL: http://fundamental-research.ru/ru/article/view?id=33920 (date of access: 04/06/2019).

Everyone has already ceased to be surprised by the fact that information constituting a trade secret of an organization constantly appears on sale. Today it is not difficult to acquire the client base or the personal data of employees of a company you are interested in. This is because the leaders of organizations do not make sufficient efforts to protect information related to trade secrets. Moreover, do not forget about the real-life hunters for such information. Scientific and technological progress has introduced into our lives a large number of technical means that allow recording telephone conversations and meetings; it has become possible to read information from a computer screen while being physically outside the company's premises.

But the main source of information leakage is employees. It is they who “leak” information that is a trade secret. There can be many reasons for this: to get additional income, through negligence, or by accident.

Today, companies specializing in the technical protection of valuable information offer a range of products capable of dynamically blocking devices through which attackers can download information.

But it is more difficult to build protection against the human factor. It is necessary to clearly explain to employees what information is classified as a trade secret and what the degree of responsibility for its disclosure is. Limit access to information constituting a trade secret: determine the procedure for handling this information and monitor compliance with this procedure. Develop a special instruction on confidentiality.

It is mandatory to conclude employment contracts with employees, and with contractors (Latin contrahens - contracting - persons, institutions, organizations bound by obligations under a general agreement, cooperating in the process of fulfilling the agreement) civil law contracts, which must contain conditions on the protection of confidential information. The non-disclosure obligation can be drawn up in any form, it is important that it contains a list of information that constitutes a trade secret in your company.

Also, organize special record keeping that ensures the safety of media containing commercial secrets, and introduce a system for separating information into blocks. Each employee should know exactly as much as is necessary to perform his duties.

Another way to protect the rights of the owner of a trade secret is to establish sanctions for violation of confidentiality obligations by counterparties in civil law contracts. As a general rule, the protection of violated civil rights is carried out in court (recognition of the right, suppression of illegal actions, compensation for losses). In addition to civil law methods of protection, trade secrets can be protected under labor law, criminal law, and unfair competition.

Of the possibilities provided by labor law, the rights of the owner of a trade secret can be protected by such actions as bringing to material liability and bringing to disciplinary liability up to the termination of the employment relationship. In addition, if there are signs of an offense provided for by the relevant branches of law, it is possible to bring offenders to criminal liability.

When storing information in electronic form, three areas of work on information protection can be distinguished: theoretical research, development of protection tools and justification of ways to use protection tools in automated systems.

In theoretical terms, the main attention is paid to the study of the vulnerability of information in electronic information processing systems, the phenomenon and analysis of information leakage channels, the substantiation of the principles of information protection in large automated systems and the development of methods for assessing the reliability of protection.

To date, many different means, methods and measures have been developed to protect information accumulated, stored and processed in automated systems. These include hardware and software, cryptographic closing (encryption) of information, physical measures, organizational measures and legislative measures. Sometimes all these means of protection are divided into technical and non-technical: hardware, software and cryptographic closing of information are classified as technical, and the rest of the above as non-technical.

a) hardware protection methods.

Hardware protection includes various electronic, electro-mechanical and electro-optical devices. To date, a significant number of hardware devices have been developed for various purposes, but the following are the most common:

  • special registers for storing security details: passwords, identification codes, classification markings or secrecy levels;
  • code generators designed to automatically generate a device identification code;
  • devices for measuring individual characteristics of a person (voice, fingerprints) in order to identify him;
  • special security bits, the value of which determines the level of security of the information stored in the memory to which these bits belong;
  • circuits for interrupting the transmission of information in the communication line in order to periodically check the address of data output.

A special and most widely used group of hardware protection devices are devices for encrypting information (cryptographic methods).

b) software protection methods.

Protection software includes special programs that are designed to perform protection functions and are included in the software of data processing systems. Software protection is the most common type of protection, which is facilitated by such positive properties of this tool as versatility, flexibility, ease of implementation, almost unlimited possibilities for change and development, etc. By functional purpose, protection programs can be divided into the following groups:

  • identification of technical means (terminals, group input-output control devices, computers, storage media), tasks and users;
  • determining the rights of technical means (days and hours of operation, tasks allowed for use) and users;
  • monitoring the operation of technical means and users;
  • registration of the operation of technical means and users when processing information of limited use;
  • destruction of information in the memory after use;
  • alarms for unauthorized actions;
  • auxiliary programs for various purposes: monitoring the operation of the protection mechanism, affixing a secrecy stamp on issued documents.
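As an added illustration (not part of the original article), the Python example below shows how several of the functional groups listed above fit together in one access decision: identification of the terminal and user, rights expressed as days and hours of operation and allowed tasks, registration of every request, and an alarm after repeated unauthorized actions. All class, terminal, user and task names are hypothetical, and the sample requests are constructed.

```python
from dataclasses import dataclass, field
from datetime import datetime


@dataclass(frozen=True)
class TerminalRights:
    """Rights of one technical means: days and hours of operation, allowed tasks."""
    days: frozenset      # permitted weekdays, Monday = 0
    start_hour: int      # first permitted hour, inclusive
    end_hour: int        # end of the permitted window, exclusive
    tasks: frozenset     # tasks that may run on this terminal


@dataclass
class ProtectionMonitor:
    """Hypothetical monitor: identification, rights check, registration, alarm."""
    terminals: dict                  # terminal id -> TerminalRights
    users: dict                      # user id -> frozenset of permitted tasks
    alarm_threshold: int = 3         # denials per (terminal, user) that raise an alarm
    journal: list = field(default_factory=list)
    alarms: list = field(default_factory=list)
    _denials: dict = field(default_factory=dict)

    def _refusal_reason(self, when, terminal_id, user_id, task):
        # Identification of the technical means and of the user.
        rights = self.terminals.get(terminal_id)
        if rights is None:
            return "unknown terminal"
        user_tasks = self.users.get(user_id)
        if user_tasks is None:
            return "unknown user"
        # Rights of the technical means: days and hours of operation.
        in_hours = rights.start_hour <= when.hour < rights.end_hour
        if when.weekday() not in rights.days or not in_hours:
            return "outside operating hours"
        # Rights of the technical means and of the user: allowed tasks.
        if task not in rights.tasks:
            return "task not allowed on terminal"
        if task not in user_tasks:
            return "task not allowed for user"
        return None

    def request(self, when, terminal_id, user_id, task):
        reason = self._refusal_reason(when, terminal_id, user_id, task)
        outcome = "ALLOW" if reason is None else "DENY: " + reason
        # Registration: every request is journaled, allowed or not.
        self.journal.append((when.isoformat(), terminal_id, user_id, task, outcome))
        if reason is not None:
            key = (terminal_id, user_id)
            self._denials[key] = self._denials.get(key, 0) + 1
            # Alarm for unauthorized actions: raised once, at the threshold.
            if self._denials[key] == self.alarm_threshold:
                self.alarms.append(key)
        return reason is None


def demo():
    """Run constructed sample requests; return decisions, journal outcomes, alarms."""
    monitor = ProtectionMonitor(
        terminals={"T1": TerminalRights(frozenset(range(5)), 9, 18,
                                        frozenset({"read_ledger", "print_report"}))},
        users={"ivanov": frozenset({"read_ledger"})},
    )
    attempts = [
        (datetime(2024, 3, 4, 10, 0), "T1", "ivanov", "read_ledger"),   # Monday, in hours
        (datetime(2024, 3, 4, 20, 0), "T1", "ivanov", "read_ledger"),   # Monday, after hours
        (datetime(2024, 3, 9, 10, 0), "T1", "ivanov", "read_ledger"),   # Saturday
        (datetime(2024, 3, 5, 11, 0), "T1", "ivanov", "print_report"),  # task not granted to user
        (datetime(2024, 3, 5, 11, 5), "T9", "ivanov", "read_ledger"),   # unregistered terminal
    ]
    decisions = [monitor.request(*attempt) for attempt in attempts]
    return decisions, [entry[4] for entry in monitor.journal], monitor.alarms


if __name__ == "__main__":
    for part in demo():
        print(part)
```

The journal records allowed requests as well as denied ones, so it can serve both registration and later monitoring of user activity.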

c) backup.

Backing up information consists in storing a copy of programs on a media. On these media, copies of programs can be in normal (uncompressed) or archived form. Backup is carried out to save programs from damage (both intentional and accidental), and to store rarely used files.

d) cryptographic closing (encryption) of information.

Cryptographic closing (encryption) of information consists of transforming the protected information in such a way that the content of the closed data cannot be determined from its appearance. Specialists pay special attention to cryptographic protection, considering it the most reliable and, for information transmitted over a long communication line, the only means of protecting information from theft.

The main directions of work on the considered aspect of protection can be formulated as follows:

  • the choice of rational encryption systems for reliable closure of information;
  • substantiation of ways to implement encryption systems in automated systems;
  • development of rules for the use of cryptographic methods of protection in the process of functioning of automated systems;
  • evaluation of the effectiveness of cryptographic protection.

A number of requirements are imposed on ciphers designed to close information in computers and automated systems, including: sufficient strength (closing reliability), ease of encryption and decryption from the method of intramachine representation of information, insensitivity to small encryption errors, the possibility of intramachine processing of encrypted information, insignificant redundancy of information due to encryption and a number of others. To some extent, these requirements are met by some types of substitution, permutation, gamma ciphers, as well as ciphers based on analytical transformations of encrypted data.

Combined ciphers are especially effective when the text is encrypted sequentially by two or more encryption systems (for example, substitution and gamma, permutation and gamma). It is believed that in this case the strength of the encryption exceeds the total strength of the component ciphers.

Each of the encryption systems can be implemented in an automated system either in software or using special equipment. Software implementation is more flexible and cheaper than hardware implementation. However, hardware encryption is generally several times more productive. This circumstance is crucial for large volumes of confidential information.

e) physical protection measures.

The next class in the arsenal of information security tools are physical measures. These are various devices and structures, as well as measures that make it difficult or impossible for potential intruders to enter places where you can have access to protected information. The most commonly used measures are:

  • physical isolation of the structures in which the equipment of the automated system is installed from other structures;
  • fencing the territory of computer centers at distances sufficient to exclude the effective registration of electromagnetic radiation, and the organization of systematic monitoring of these territories;
  • organization of checkpoints at the entrances to the premises of computer centers, or entrance doors equipped with special locks that allow access to the premises to be regulated;
  • organization of a security alarm system.

f) organizational measures to protect information.

The next class of information security measures are organizational measures. These are regulatory legal acts that regulate the functioning of the data processing system, the use of its devices and resources, and the relationship between users and systems in such a way that unauthorized access to information becomes impossible or significantly impeded. Organizational measures play an important role in creating a reliable information protection mechanism. The reason organizational measures play an increased role in the protection mechanism is that the possibilities of unauthorized use of information are largely determined by non-technical aspects: malicious acts, negligence or carelessness of users or personnel of data processing systems. The influence of these aspects is almost impossible to avoid or localize using the hardware and software discussed above, cryptographic closure of information and physical protection measures. This requires a set of organizational, organizational-technical and organizational-legal measures that would exclude the possibility of information leakage in this way.

The main activities in this aggregate are the following:

  • activities carried out in the design, construction and equipment of computer centers (CC);
  • activities carried out in the selection and training of CC personnel (checking those hired, creating conditions under which the staff would not want to lose their jobs, familiarizing staff with the measures of responsibility for violating the rules of protection);
  • organization of reliable access control;
  • organizing the storage and use of documents and media: defining issuance rules, maintaining issuance and usage logs;
  • control of changes to mathematical support and software;
  • organization of training and control of users' work.

One of the most important organizational measures is the maintenance in the CC of a special full-time information security service, the number and composition of which would ensure the creation of a reliable protection system and its regular operation.

Thus, the means, methods and measures of protection discussed above come down to the following:

1. The greatest effect is achieved when all the means, methods and measures used are combined into a single, integral information protection mechanism.

2. The protection mechanism should be designed in parallel with the creation of data processing systems, starting from the moment the general idea of building the system is developed.

3. The functioning of the protection mechanism should be planned and ensured along with the planning and provision of the main processes of automated information processing.

4. It is necessary to constantly monitor the functioning of the protection mechanism.


Posted on http://www.allbest.ru/

Introduction

“Whoever owns the information owns the world” is probably one of the most truthful expressions today, and it captures the essence of one of the most acute problems in the world. The history of mankind contains thousands of examples of information theft that led to the most unpleasant and complex consequences. That is why all information of any value must be protected: intelligence activity never ceases and only improves.

Despite the prohibitions in force under Russian law, the likelihood that confidential information will leak through the use of modern technical means is quite high. Intelligence techniques and technologies are improving, and as a result some methods of extracting information are already quite ordinary, very inexpensive and quite productive. Consequently, there is a need for comprehensive suppression of all possible channels of information leakage, and not just the simplest and most accessible.

There are several communication channels through which information is transmitted, and all of them must be properly protected. To avoid information leakage, various technical means are used that do not allow information to spread beyond a given zone. If information has spread outside the controlled area, the channels through which it did so are called channels of information leakage. There is also the notion of unauthorized access, which can include cases of deliberate distortion, theft or deletion of information by an attacker.

This paper will consider the issues of ensuring the information security of the enterprise, as well as possible security threats to the premises intended for holding closed events where information constituting a state secret or confidential information is discussed (using the example of the office of the head of the enterprise).

The relevance of this work lies in the need to protect confidential data and information whose loss, disclosure or distortion can lead to negative consequences for the organization, enterprise and state, as well as the need for the information system to comply with the requirements of regulatory legal documents of the Russian Federation.

The purpose of this work is to develop a set of recommendations for ensuring information security at an enterprise, to study methods for protecting information from technical intelligence and from leakage through technical channels, and to study and build an engineering and technical protection system for a dedicated room intended for holding closed events at which information constituting a state secret or confidential information is discussed.

Work tasks

Investigate threats and information leakage channels. Consider the implementation of technical information protection measures.

Explore the main measures to protect information in the enterprise.

Investigate the security system of the premises for holding closed events where information constituting state secrets or confidential information is discussed (hereinafter referred to as the premises). Analyze the existing system of engineering and technical protection of the premises and propose possible options for modernizing it.

The work was done in the interests of an electronic industrial enterprise.

Based on the general provisions of the enterprise's work, a security policy and means of ensuring it are recommended. Based on the analysis of information leakage channels, the work proposes a system for protecting the premises that takes multi-channel interception into account.

The practical significance of this work is to reduce the risks of leakage of confidential information and state secrets through various channels in the considered office of the head of the electronic industrial enterprise.

1. GENERAL CONCEPTS OF INFORMATION SECURITY


1.1 Definition of the concept of "information security" and its goals

Information protection is the adoption of legal, organizational and technical measures aimed at:

Ensuring the protection of information from unauthorized access, destruction, modification, blocking, copying, provision, distribution, as well as from other illegal actions in relation to such information;

Compliance with the confidentiality of information of limited access;

Realization of the right to access to information.

To date, several types of protected information can be distinguished, and each of them has its own characteristics in the field of regulation, organization and implementation of the protection itself. It is worth highlighting a few features common to the protection of information of any kind.

For example,

the owner of the information himself organizes and takes measures to protect it;

protecting his information, the owner restricts it from access by third parties, illegal acquisition or use to the detriment of his interests, and also retains his rights to own and dispose of this information;

to protect information, it is necessary to implement a set of measures to restrict access to it and create conditions that will completely exclude or hinder unauthorized access to classified (confidential) information and its media.

Information security is divided into two main groups of tasks:

a) Satisfaction of information needs that arise in the course of any activity, that is, providing specialists of organizations, firms, enterprises with secret or confidential information.

Each specialist may, in the course of work, use both open and closed (classified) information. Open information rarely carries anything of value, so there are no restrictions on it. Supplying a specialist with classified information is subject to restrictions: the person must have an appropriate clearance (the degree of secrecy of information to which he is admitted) and permission to access the specific information. Granting a specialist access to classified information always involves a contradiction: on the one hand, his access must be limited as much as possible to reduce the likelihood of a leak; on the other hand, his need for information, including classified information, must be satisfied as fully as possible so that he can make informed decisions on his official tasks. In this case, two factors should guide the decision: his official position and the problem the specialist is currently solving.

b) Protection of classified information from unauthorized access to it for malicious purposes.

This group includes conditions such as:

Creating conditions for the effective use of information resources;

Ensuring the security of protected information;

Maintaining the secrecy or confidentiality of classified information in accordance with the established rules for its protection;

Ensuring the constitutional rights of citizens to preserve personal secrets and confidential personal information;

Prevention of the unpunished misappropriation and illegal use of intellectual property;

Protecting the information sovereignty of the country and expanding the ability of the state to strengthen its power through the formation and management of the development of its information potential.

The types of protected information are shown in Figure 1.

Figure 1. Types of protected information

1.2 Secrecy or confidentiality regime

The concept of information security is closely intertwined with the issue of secrecy or confidentiality. The secrecy regime is the implementation of an information protection system for a specific, designated enterprise, firm, plant or laboratory, or for a specific program, such as the development of new products.

The conclusion is that the secrecy or confidentiality regime is a complete set of measures that implements an information security system, depending on all the factors that influence the construction of that system. The main task of this regime is to ensure an appropriate level of information protection. It all depends on the degree of secrecy of the information: the higher it is, the higher the level of protection and the corresponding secrecy regime.

The secrecy regime is the implementation at a specific facility of the current norms and rules for the protection of data and information, including secrets protected by law (state, commercial, etc.), as defined and ordered by the relevant legislative acts. The secrecy regime includes the following groups of measures:

Permit system, namely the precise definition of employees who have access to one or another protected information and to specific premises where work is carried out.

Implementation of the access control regime required for the specific secrecy regime of the facility.

Precisely established rules and procedures for working with classified documents or other media of protected information.

Constant monitoring and preventive work with personnel who have access to classified information, which helps prevent its leakage.

1.3 Information security and its goals

The information security of the Russian Federation is understood as the state of protection of its national interests in the information sphere, determined by the totality of balanced interests of the individual, society and the state.

In other words, information security is a set of measures aimed at ensuring the security of an enterprise's information assets. It is worth emphasizing that information security can only be ensured through an integrated approach. Considering and resolving individual issues (for example, technical or organizational ones) will not solve the enterprise's information security problem as a whole.

An enterprise information security strategy is a combination of well-thought-out, planned actions and quick decisions to adapt an enterprise to new opportunities for obtaining competitive advantage and new threats to weaken its competitive positions.

The main goals of information security:

Confidentiality

Integrity

Availability

1.4 Information security policy

In many Russian enterprises and companies, information security is at a low level. This is confirmed by the results of statistical studies and direct communication with experts in the field. Today, enterprises have practically no full-fledged information security risk management procedure. Most practitioners do not even take on this task; they prefer to be guided only by their own experience and intuition when solving information security problems. Losses from violations of information security can take the form of leaks of confidential information, working time lost to data recovery and to eliminating the consequences of virus attacks, and loss of material assets, for example through fraud in the financial sector using computer systems.

Information security policy - a set of documented management decisions aimed at protecting information and its associated resources.

The information security policy can be divided into three levels.

The highest level should include decisions that concern the organization as a whole and come from the management of the organization or enterprise. Such a list may include the following elements:

Formation or revision of the information security program;

Setting the goals that the organization should pursue in the field of information security;

Ensuring the legislative framework;

Formulation of management decisions on the implementation of the information security program.

Top-level policy deals with three aspects of legal compliance and executive discipline:

compliance with existing laws;

control of the actions of persons responsible for the development of a security program;

ensuring that personnel comply, and accordingly introducing a system of rewards and punishments.

The middle level includes questions related to certain aspects of information security, but important for various systems operated by the organization. For example, attitudes towards insufficiently proven technologies, use of home or other computers, use of unofficial software by users, etc.

The information security policy at the middle level should cover the following topics:

Scope of application;

The position of the enterprise;

Roles and responsibilities;

Legal compliance;

Points of contact.

The low-level security policy can be attributed to specific services. It includes goals and rules for achieving them. If you compare the lower level with the two upper ones, then it should be much more detailed. This level is very important for ensuring the information security regime. Decisions at this level should be made at the managerial level, not the technical level.

Low-level policy in formulating goals can come from three considerations: integrity, availability, and confidentiality.

From these goals, security rules should be derived that describe who can do what and under what conditions. The more detailed the rules and the more formally they are stated, the easier it is to support their implementation by software and hardware measures. But rules that are too strict will interfere with work, and time will have to be spent revising them. In such a situation, the manager needs to find a rational solution, a compromise in which a decent level of security is provided at an affordable price and workers are not severely overloaded or constrained.

2. THREATS AND CHANNELS OF INFORMATION LEAKAGE, PROTECTION MEASURES

2.1 Classification of information threats

Any data of any value is always under the threat of unauthorized access to it, accidental or deliberate destruction, or modification.

There are two types of data threats - natural threats and man-made threats.

Natural threats include threats caused by the impact on the information system and its elements of objective physical processes or natural disasters that do not depend on the human factor.

Artificial threats include threats to the information system and its elements caused by human activity. Based on the motivation of actions, among the artificial threats it is worth highlighting:

intentional (deliberate) threats, which are aimed at causing damage to the managed system or its users. This is often done by attackers for personal gain;

unintentional (accidental) threats. The source of such threats can be hardware failure, incorrect actions of employees or users of the system, software errors, etc. Such threats should also be kept in mind, as the damage from them can be significant.

In relation to the information system, it is worth highlighting two options for the source of threats: external and internal. The classification of information security threats is shown in Figure 2.


Figure 2. Classification of threats to information security

2.2 Model of threats to the security of information processed at a computer facility

Information security threat - a set of conditions and factors that create the danger of information security violations. In other words, this is a potential possibility of influencing the object of protection (intentional or accidental), due to which information can be lost or leaked, therefore, damage will be done to the owner of the information.

The information security threat model is shown in Figure 3.

Figure 3. Information security threat model

2.3 Classification of information leakage channels

Channels of information leakage -- ways and methods of information leakage from the information system.

a) Electromagnetic channel. It arises because of the electromagnetic field. Electric current flowing in the technical means of information processing creates an electromagnetic field, and this field can induce currents in closely spaced wire lines (pickup).

The electromagnetic channel, in turn, is divided into:

Radio channel (high-frequency radiation).

Low frequency channel.

Network channel (induction to ground wires).

Grounding channel (induction to ground wires).

Linear channel (interference on communication lines between computers).

b) Acoustic channel. It is associated with the propagation of sound waves in the air or elastic vibrations in other media that occur during the operation of information display devices.

c) Unauthorized copying channel.

d) Channel of unauthorized access.

The main leakage channels are shown in Figure 4.

Figure 4. Main channels of information leakage

2.4 Channels of information leakage at the computer facility

2.4.1 Threat to information security through acoustic leakage channel

Unauthorized access to confidential information through an acoustic leak channel (Figure 5) can be carried out:

by direct listening;

with the help of technical means.

Direct eavesdropping of negotiations (conversations) by an attacker can be carried out:

through the door;

through an open window (or vent);

through walls, partitions;

through ventilation ducts.

Listening to conversations through the door is possible if the entrance to the meeting room does not meet soundproofing requirements. Negotiations should also not be held with windows or vents open. Under these conditions, there may be direct access to the content of the negotiations.

The walls, partitions, ceilings, and even the floor of a meeting room do not guarantee protection against eavesdropping unless they have been tested for soundproofing and confirmed to meet soundproofing requirements.

Ventilation ducts are very dangerous from the point of view of unauthorized access to the content of negotiations. They allow you to listen to a conversation in a room at a considerable distance. Therefore, high requirements are placed on the equipment of ventilation ducts.

The use of directional microphones for listening to conversations is currently widespread. In this case, the listening distance, depending on the real interference situation, can reach hundreds of meters.

Attackers can use as directional microphones:

microphones with a parabolic reflector;

resonant microphones;

slot microphones;

laser microphones.

Attackers also use so-called wired microphones to listen. Most often, microphones with specially laid wires for transmitting information are used, as well as microphones with information transfer via a 220 V network line.

It is not excluded that other types of communications (signaling wires, radio broadcasts, clocks, etc.) can be used for the transmission of eavesdropped information.

Therefore, special attention must be paid to this during all kinds of repairs and reconstructions, because otherwise the possibility of such listening devices being introduced cannot be excluded. Radio microphones are widely used by intruders to listen to conversations. Currently, there are more than 200 different types. The generalized characteristics of radio microphones are as follows:

Frequency range: 27 - 1500 MHz;

Weight: units of grams - hundreds of grams;

Range: 10 - 1600 m;

Continuous operating time: from several hours to several years (depending on the power supply method).

These devices pose a great threat to the security of negotiations (conversations). Therefore, it is necessary to do everything possible to exclude their presence in the meeting rooms.

In the last decade, intruders began to use devices that allow listening to conversations in premises at a considerable distance from them (from other districts, cities, etc.) using telephone lines.


Figure 5. Model of threats to information through an acoustic leak channel

2.4.2 Threat to information security due to high-frequency imposition

The essence of listening to conversations with the help of high-frequency imposition is to connect a frequency generator to the telephone line and then receive the signal “reflected” from the telephone set modulated by the conversation in the room.

Thus, the analysis of threats to the confidential information exchanged during negotiations (conversations) shows that, if protection measures are not taken, intruders can gain access to its content.


Figure 6. Model of information threats due to high-frequency imposition

2.4.3 Threat to the security of information through the optical channel of leakage

If negotiations are conducted in a room whose windows are not equipped with curtains or blinds, an attacker has the opportunity to use high-magnification optical instruments (binoculars, spyglasses) to view the room and see who is in it and what they are doing.


Figure 7. Model of threats to information over an optical channel

2.4.4 Threat to information security through vibroacoustic leakage channel

Unauthorized access to the content of negotiations (conversations) by intruders can also be carried out (Figure 8) using stethoscopes and hydroacoustic sensors.


Figure 8. Model of information threats through vibroacoustic leakage channel

With the help of stethoscopes, it is possible to listen to negotiations (conversations) through walls up to 1 m 20 cm thick (depending on the material).

Depending on the type of information transmission channel from the vibration sensor itself, stethoscopes are divided into:

Wired (wired transmission channel);

Radio (radio transmission channel);

Infrared (infrared transmission channel).

It is possible that intruders can also use hydroacoustic sensors that allow listening to conversations in rooms using water supply and heating pipes.

2.4.5 Threats to information security caused by intentional factors

Threats caused by intentional factors can come both from unscrupulous employees of the organization (persons with access to the computer equipment (CT) facility, users) and from outsiders (intruders). Some types of intentional threats can be attributed to both categories; however, it is advisable to consider them separately.

Threats from users.

These types of threats include:

use of a standard method of access to the system in order to force prohibited actions (irregular change of access attributes);

use of one's official position to obtain privileged access to information (to the CT facility) or to cancel restrictions imposed by information protection requirements;

physical destruction of the system or failure of its components;

shutdown or incapacitation of information security subsystems;

theft of storage media and their unauthorized copying;

reading residual information from RAM and from external storage devices (viewing "garbage");

the introduction of hardware and software "implants", "viruses" and "Trojan" programs that make it possible to covertly and illegally receive information from the CT facility or gain access to modify (destroy) information processed at the CT facility.

Threats emanating from outsiders (intruders).

masquerading as a legitimate user by presenting that user's authorization attributes (using guessed or spied-on passwords, encryption keys, stolen identification cards, passes, etc.);

masquerading as a legitimate user after that user has gained access;

bribery or blackmail of personnel with certain powers;

theft of storage media;

the introduction of hardware and software "implants", "viruses" and "Trojan" programs that make it possible to covertly and illegally receive information from the CT facility or gain access to modify (destroy) information processed at the CT facility;

illegal connection to communication lines;

interception of data transmitted over communication channels;

interception of information due to embedded devices.

2.5 Implementation of technical measures to protect information at the CT facility

To implement primary technical protection measures, it is required to:

* block channels of information leakage and unauthorized access to its media;

* check the serviceability and operability of the technical means of the CT facility;

* install means of detection and indication of threats and check their performance;

* install secure information processing tools and information security tools and check their performance;

* apply security software in computer equipment and automated systems, and carry out its functional testing and testing for compliance with security requirements;

* use special engineering structures and facilities (systems).

The choice of information security means depends on whether a fragmented or a comprehensive method of information protection is used.

Fragmented protection provides countermeasures against a specific threat.

Comprehensive protection provides simultaneous counteraction to many threats.

Information leakage channels can be blocked by:

* dismantling of technical means, communication lines, signaling and control, energy networks, the use of which is not related to the life support of the enterprise and information processing;

* removal of individual elements of technical means, which are the medium for the propagation of fields and signals, from the premises where information circulates;

* temporary disconnection of technical means that are not involved in the processing of information from communication lines, signaling, control and energy networks;

* the use of methods and circuit solutions for protecting information that do not violate the basic specifications of the means of providing information data.

Unauthorized access to information or its media can be blocked by:

* creation of working conditions within the established regulations;

* excluding the possibility of using software and software-hardware tools that have not passed testing.

Means of detecting and indicating threats are used to signal and notify the owner (user, manager) of information about information leakage or violation of its integrity. Information security tools are used to passively or actively hide information.

For passive hiding, limiting filters, line filters, special subscriber protection devices and electromagnetic shields are used.

For active concealment, narrowband and broadband linear and spatial noise generators are used.

Software tools are used to provide:

* identification and authentication of users, personnel and resources of the information processing system;

* delimitation of user access to information, computer equipment and technical means of automated systems;

* integrity of information and configuration of automated systems;

* registration and accounting of user actions;

* masking of processed information;

* response (alarm, shutdown, suspension of work, denial of a request) to attempts of unauthorized actions.
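How several of the software functions listed above (delimitation of access, registration of user actions, integrity of the log, response to unauthorized attempts) fit together with the clearance-plus-permission rule from section 1.1, as an added Python example that is not part of the original paper. The class names, the three-denial threshold and the HMAC-chained log are assumptions chosen for illustration; user authentication is taken as already done.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass
from enum import IntEnum


class Level(IntEnum):
    OPEN = 0           # open-type information: no restrictions
    CONFIDENTIAL = 1
    SECRET = 2


@dataclass(frozen=True)
class Document:
    doc_id: str
    level: Level


@dataclass(frozen=True)
class User:
    name: str
    clearance: Level                    # degree of secrecy the user is admitted to
    permitted: frozenset = frozenset()  # specific documents the user may access


class AccessMonitor:
    """Mediates every read request, records it, and reacts to repeated denials."""

    MAX_DENIALS = 3  # assumed threshold before the account is suspended

    def __init__(self, log_key: bytes):
        self.log_key = log_key
        self.audit_log = []   # list of (json_record, chained_mac)
        self.denials = {}
        self.suspended = set()

    def _mac(self, prev: bytes, body: bytes) -> bytes:
        # Each MAC covers the previous MAC, so records cannot be edited,
        # reordered or dropped from the middle without detection.
        return hmac.new(self.log_key, prev + body, hashlib.sha256).digest()

    def _record(self, **event) -> None:
        body = json.dumps(event, sort_keys=True).encode()
        prev = self.audit_log[-1][1] if self.audit_log else b"\x00" * 32
        self.audit_log.append((body, self._mac(prev, body)))

    def request_read(self, user: User, doc: Document) -> bool:
        if user.name in self.suspended:
            allowed, reason = False, "account suspended"
        elif user.clearance < doc.level:
            allowed, reason = False, "clearance below document level"
        elif doc.level > Level.OPEN and doc.doc_id not in user.permitted:
            allowed, reason = False, "no permission for this document"
        else:
            allowed, reason = True, "clearance and permission satisfied"

        if not allowed:
            # Response function: repeated unauthorized attempts suspend the account.
            count = self.denials.get(user.name, 0) + 1
            self.denials[user.name] = count
            if count >= self.MAX_DENIALS:
                self.suspended.add(user.name)

        self._record(user=user.name, doc=doc.doc_id,
                     decision="allow" if allowed else "deny", reason=reason)
        return allowed

    def verify_log(self) -> bool:
        prev = b"\x00" * 32
        for body, mac in self.audit_log:
            if not hmac.compare_digest(mac, self._mac(prev, body)):
                return False
            prev = mac
        return True


if __name__ == "__main__":
    # Constructed sample data, not taken from the paper.
    monitor = AccessMonitor(b"constructed-demo-key")
    report = Document("D-1", Level.SECRET)
    engineer = User("engineer", Level.SECRET, frozenset({"D-2"}))
    # Cleared to SECRET, but no permission for D-1: denied and logged.
    print(monitor.request_read(engineer, report))
    print(monitor.audit_log[0][0].decode())
    print(monitor.verify_log())
```

The clearance check alone would have let the engineer read D-1; it is the per-document permission that enforces the "official position and current task" limit described in section 1.1.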

Based on the results of implementing the recommendations of the survey report and the information protection measures, an act of acceptance of the information protection work should be drawn up in free form. It must be signed by the performer of the work and the person responsible for information protection, and approved by the head of the enterprise.

To determine the completeness and quality of information protection work, certification should be carried out. Certification is carried out by organizations that have licenses for the right to work in the field of information security. The objects of certification are the components of the information system and their individual elements, in which information subject to technical protection circulates. The following is required during certification:

Establish compliance of the certified object with the information security requirements;

Assess the quality and reliability of information security measures;

Assess the completeness and sufficiency of technical documentation for the object of certification;

Determine the need for amendments and additions to organizational and administrative documents.

Technical measures to protect information at the CT facility should provide for:

Restricting access to the inside of the computer case by installing mechanical locking devices.

Destruction of all information on the computer's hard drive, using low-level formatting tools, when the computer is sent for repair.

Powering the computer from a separate power source or from the common (city) power grid through a voltage stabilizer (mains filter) or motor-generator.

The use of liquid crystal or plasma displays for displaying information, and inkjet or laser printers for printing.

Placement of the display, system unit, keyboard and printer at a distance of at least 2.5-3.0 meters from lighting, air conditioning, communications (telephone), metal pipes, television and radio equipment, as well as other computers that are not used to process confidential information.

Disconnecting the computer from the local network or remote access network when processing confidential information on it, except when this information is being transmitted over the network.

Installing the printer and keyboard on soft pads to reduce information leakage through the acoustic channel.

While processing valuable information on a computer, it is recommended to turn on devices that create additional background noise (air conditioners, fans), as well as process other information on nearby computers. These devices should be located at a distance of at least 2.5-3.0 meters.

Destruction of information immediately after its use.

3. MAIN MEASURES TO PROTECT INFORMATION AT THE ENTERPRISE

3.1 Tasks and principles of organizing the information security service

Many companies have security departments. The duties of such a service include organizing the protection of information directly related to state and commercial secrets, training employees to keep the secrets of their company, explaining the rules for compliance with information protection and the company's privacy policy, and creating methodological documents. The security service collects the necessary information about what secret information exists, the terms of its storage and the enterprise's trade secrets, determines the circle of persons who have access to it, and ensures that access is given only to those employees who need it directly for their duties. The security service is also usually entrusted with tracking information about the state of the market and competitors, analyzing and controlling attempts by competing firms to gain access to protected information, and clearly and quickly eliminating shortcomings in the protection of trade secrets.

An organized special system of access to confidential information is a whole complex of administrative and legal norms that organizes access to information by executors or the head of secret work. The purpose of this system is to protect the work from unauthorized receipt of classified information. This system is divided into:

permitting system of access to secret documents;

a system of ciphers and passes for access to rooms where secret work is being carried out.

The security system ensures the physical safety of the carriers of classified information and prevents unauthorized access to the territory of secret work. The security system is a set of means, forces and measures that block outsiders' access to protected information.

A set of measures aimed at protecting confidential information, carried out by the management, administration and security system, is:

daily monitoring of compliance by employees with information security rules;

compliance by all employees with internal regulations, fire safety, data protection instructions, etc.;

control over the passage of unauthorized persons into the territory and tracking their movements;

identification of channels of information leakage and measures to block them;

prevention of disclosure of protected information in open publications;

when working with clients, negotiating with partners, etc., it is important to conclude mutually beneficial agreements, rather than to obtain information about protected information.

Legal protection of information.

Legal measures regulating the protection of secret and confidential information are divided into two groups:

regulations governing the rules and procedures for protecting information;

normative acts establishing liability for an attempt on information.

Criminal law norms are, on the one hand, prohibitive: under threat of criminal penalties, they prohibit citizens from violating their duties and committing crimes. On the other hand, they oblige the relevant state bodies (FSB, Ministry of Internal Affairs, prosecutor's office) to bring the perpetrators of a crime to justice.
In addition, violations of the secrecy regime, the rules for maintaining state and commercial secrets, which are not a crime, may result in material, disciplinary or administrative penalties in accordance with applicable regulations: suspension from work related to secrets or transfer to another job that is less paid and also unrelated to classified information.

Organizational protection of information.

This group of measures pursues the goal of organizing work on the implementation of the rules, procedures and requirements for the protection of state and commercial secrets on the basis of the rules established by laws and by-laws (instructions, regulations, etc.).

Organizational measures to protect information imply, first of all, work with the personnel who will carry out measures to protect information, and training employees in the rules for protecting classified information. Regulatory organizational security measures are the basis for solving the issue of protecting information in compliance with the principle of maximally limiting the number of persons who have access to secret works and documents. Organizational measures to protect information require detailed compliance with the rules of secret office work in order to exclude or minimize the loss of classified documents. The main purpose of organizational information protection measures is to prevent unauthorized access to state or commercial secrets and leakage of protected information.

Engineering and technical protection of information.

This is a separate area of information protection. The development of technical means of reconnaissance (TSR) required the state to create a whole system of measures to counteract the collection of intelligence information using TSR.

Engineering and technical information protection measures are a set of organizational and engineering measures aimed at eliminating or significantly hindering the acquisition of protected information using TSR. The main thing here is that every action requires a reaction. It is obviously not enough to resist TSR with organizational security measures alone, since TSR know no borders and their operation is not affected by weather conditions.

Engineering and technical information security measures are divided into three groups:

general preventive measures, including legal regulation of the use of technical means in the process of international relations, and establishing and maintaining regimes aimed at preventing the leakage of protected information through channels available to TSR and others;

organizational measures include such activities as analysis and generalization of information about TSR and development of ways to protect these parameters;

technical measures include a set of engineering and technical means and measures used to hide protected information about the objects of protection from TSR and for technical disinformation of the opponent.

3.2 Protected information and enterprise information security objects

The purpose of information protection measures taken at the enterprise facilities is to reduce the risk of damage in the face of intentional and unintentional threats to information security. Achieving the required level of information security should be ensured by the systematic use of organizational, organizational-technical, technical, and software-hardware measures at all stages of operation of enterprise facilities.

This goal is achieved by a rational and interconnected solution of the following tasks at the enterprise facilities, linked by a single plan:

a. determining the information, information resources and processes that need to be protected;

b. analysis of unmasking features that reveal protected information about protected objects, channels of leakage, theft, unauthorized access and impact on protected information;

c. assessing the capabilities of technical intelligence and criminal structures to obtain protected information, gain unauthorized access and affect information resources and processes; assessing the real danger of information leakage, distortion, modification, destruction or blocking of information resources and processes;

d. development and implementation of technically and economically justified measures to protect information, taking into account the identified possible channels of its leakage, impact and access;

e. organizing and monitoring the effectiveness of information protection at the objects of informatization of the enterprise.

Protected information, protected information resources and processes at all stages of the life cycle of enterprise facilities include:

a) Voice information containing information classified as a state secret.

b) Information resources containing information classified as state secrets, presented in the form of magnetic and optical media, informative electrical signals, electromagnetic fields, information arrays and databases.

When analyzing the security of protected information and information resources, all possible types of threats should be considered.

According to the information security requirements, the objects of enterprise informatization to be protected belong to one of three groups:

a. The first group - the main technical means and systems, as well as their components with the premises in which they are located.

b. The second group - allocated premises specially designed for holding closed events where information constituting a state secret is discussed, as well as premises equipped with government communications and other types of special communications.

c. The third group is auxiliary technical means and systems installed in allocated premises.

The main technical means include:

a) Separate workstations of the structural divisions of the enterprise, designed to process information containing information constituting a state secret.

b) Means for processing speech, graphic, video information used to process classified information.

c) Facilities for the production and reproduction of classified documents.

d) Communication facilities and systems in which classified information circulates.

Dedicated premises of category III include office rooms and work rooms of the enterprise divisions, in which discussions and negotiations are held on issues with a degree of secrecy not higher than “secret”, as well as assembly halls intended for closed events.

Dedicated premises of category II include premises specially allocated for holding meetings on secret questions, as well as office rooms of the management of the enterprise and its main divisions in which discussions and negotiations on top secret issues can be conducted.

Auxiliary means include technical means and systems that are not intended for processing, transmitting and storing classified information and are located in dedicated premises or together with the main technical means and systems.

3.3 Organizational and technical measures to protect information

Protection of information at the facilities of the enterprise should be carried out through the implementation of a set of measures aimed at: hiding or significantly hindering the acquisition of protected information about protected objects using technical means of intelligence; prevention of information leakage or impact on information resources and processes through technical channels and due to unauthorized access to them; prevention of intentional software and hardware impacts with the aim of violating the integrity (destruction, distortion) of information (information technologies) in the process of its processing, transmission and storage, or disrupting the performance of technical means.

Based on the list of the main threats to information security, several areas can be distinguished in the complex of measures to protect information at enterprise facilities:

Protection against leakage through technical channels of secret speech (acoustic) information discussed in the premises of enterprise facilities.

Protection of the main technical means and systems from leakage of information constituting a state secret through the channels of spurious electromagnetic radiation and interference.

Protection of information from unauthorized access, including from computer viruses and other software and hardware impacts, from theft of technical means with information contained in them or individual information carriers.

Protection of information from the effects of sources of destabilizing (destructive) electromagnetic radiation, as well as from the destruction and distortion of information through specially implemented electronic and software tools (bookmarks).

The organization of protection against leakage through technical channels of secret speech (acoustic) information involves a set of organizational and technical measures aimed at eliminating acoustic and vibroacoustic channels of information leakage, as well as technical channels that arise during the operation of auxiliary technical means and through the introduction of electronic devices for intercepting information.

Carrying out a special inspection of allocated premises, as well as foreign-made technical means placed in them, in order to identify electronic devices for intercepting information (bookmarks) that may have been introduced into them.

Implementation of organizational and regime measures for the admission and protection of allocated premises.

Installation in allocated premises of technical means (terminals of telephone communication, radio broadcasting, signaling, electric clocking, etc.) certified according to information security requirements or protected by certified means of protection based on the results of special studies.

Exclusion of the use of radiotelephones, cellular communication terminals in allocated premises.

Fulfillment of the requirements for sound insulation and vibroacoustic protection of the enclosing structures of allocated premises, their ventilation and air conditioning systems. Increasing the sound insulation of building envelopes or installing active protective equipment is carried out based on the results of measurements of the informative signal/noise ratio in places where information can be intercepted.

Registration of technical passports on information security issues for allocated premises is carried out by the chief information security specialist of the enterprise with the involvement of units operating buildings, power supply systems, communications and technical means, as well as units located in allocated premises.

Organization and certification of allocated premises for information security requirements with the issuance of a "Certificate of Compliance". Certification is carried out by an organization that has the appropriate license from the FSTEC of Russia.

In order to protect information processed by all types of basic technical means and systems, a set of organizational and technical measures is organized and carried out, aimed at eliminating or significantly reducing the level of spurious electromagnetic radiation and interference in communication lines and communications that go beyond the controlled zone of enterprise facilities.

These activities include:

Carrying out a special inspection of foreign-made fixed technical equipment in order to identify electronic devices for intercepting information (bookmarks) that may be embedded in them.

Carrying out special studies of the main technical means and systems and issuing instructions for operation.

Fulfillment of the requirements of the operating instructions for the placement of the main technical means and systems relative to the boundaries of the controlled zone.

Fulfillment of the requirements of the operating instructions for the placement of the main technical means and systems with respect to auxiliary technical means and systems that go beyond the controlled area.

Fulfillment of the requirements of the operating instructions for the protection of the power supply system of the main technical facilities and systems.

Fulfillment of the requirements of the operating instructions for the protection of the grounding system of the main technical facilities and systems.

Registration of technical passports on information security issues for the main technical means and systems is carried out by the chief information security specialist of the enterprise together with the unit operating these means.

In order to protect information and information processes (technologies) in informatization systems (automated systems), measures are taken to protect them from unauthorized access and software and hardware impacts, including computer viruses. Automated systems designed to process information constituting a state secret are subject to protection.

Measures to protect automated systems designed to process information constituting a state secret from unauthorized access to information are aimed at achieving three main properties of protected information: confidentiality, integrity, availability.

Measures to protect information when foreign representatives are at the facilities of the enterprise, the procedure for their implementation and the responsibility of officials for their implementation are determined by a separate instruction on the admission of foreign citizens.

Measures to ensure information security are carried out at all stages of the life cycle of enterprise facilities and are an integral part of the work on their creation and operation.

At the stage of operation of the enterprise facility, informatization systems and information protection means, this work includes:

Administration of informatization and communication systems in order to ensure information security during their operation, including:

access control to the system and its elements;

formation and distribution of details of user powers in accordance with the established rules for access control;

formation and distribution of key and password information;

registration and accounting of actions in the system;

accounting of information carriers;

providing signaling about attempts to violate protection;

maintaining the functioning of the cryptographic information protection subsystem;

maintaining the functioning of hardware and software and information security systems in the modes established by the operational documentation;

monitoring the integrity of the software operated on computer equipment in order to detect unauthorized changes in it, as well as the implementation of measures for anti-virus protection of information carriers and messages received via communication channels;

instructing personnel and users of technical means of transmission, processing and storage of information on the rules for working with information security tools;

participation in internal investigations into violations or threats of violations of the security of protected information.

Organization and control of the operation of physical protection means that exclude unauthorized access to protected objects and technical means, their theft and malfunction.

Periodic check of the premises for the absence of possibly embedded radio-electronic means of intercepting information.

Periodic inspection of allocated premises, means and informatization systems.

Periodic check of workstations for compliance with anti-virus protection requirements.

Periodic certification of objects of protection.

Control of repair and maintenance work in allocated premises, as well as on technical means and their communications.

3.4 Software and hardware methods and means of protecting information from unauthorized access at the VT facility

Software and hardware methods and tools form the technical basis of the system for protecting information from unauthorized access.

In order to form an optimal set of software and hardware methods and means of information protection, it is necessary to go through the following steps:

Definition of information and technical resources to be protected;

Identification of the full set of potential threats and leakage channels;

Conducting information vulnerability assessment for identified threats and leakage channels;

Determination of requirements for the information security system;

Selection of information security tools and their characteristics;

Implementation and organization of the use of selected measures, methods and means of protection;

Implementation of integrity control and protection system management.

The set of protective methods and means includes:

Software tools and methods;

Hardware;

Protective (cryptographic) transformations;

Organizational measures.

Software protection methods are a set of algorithms and programs that provide access control and exclusion of unauthorized use of information.

The essence of hardware or circuit protection is that devices and technical means of information processing include special technical solutions that provide protection and control of information, for example, shielding devices that localize electromagnetic radiation, or parity check circuits that control the correctness of information transfer between various devices of an information system.
