(also information systems security, INFOSEC)
System security definition
System security is the practice of protecting information systems from unauthorized access, modification, or destruction. System security measures help organizations protect sensitive data and prevent cyber threats.
Common system security measures
- Authorization: Authorization measures ensure that users can only access the resources they need to do their jobs. Implementing proper authorization measures (like network segmentation) helps prevent lateral movement within the system.
- Authentication: Authentication measures aim to make sure that only those with proper clearance can access the system. Common authentication methods include passwords, biometrics, smart cards, and two-factor authentication tools.
- Firewalls: Firewalls control incoming and outgoing network traffic according to the organization’s security policies.
- Intrusion detection and prevention: Intrusion detection and prevention systems (IDPS) monitor activity on a given system for suspicious patterns — signs that a security breach may be in progress. Once a threat is detected, an IDPS automatically alerts the system administrator and takes immediate preventive action. IDPS measures can be either network-based (NIDPS) or host-based (HIDPS).
- Data encryption: Encryption ensures that the organization’s data is safe even if it is intercepted — without the proper decryption key, encrypted data will appear as gibberish to the attacker. Encryption may be used for both data transmission and data storage.
- User awareness and training: The weakest link in system security is the human user. Education on best security practices (like how to detect and avoid phishing attempts), regular training, and periodic checks help prepare employees for potential cyberattacks.