Security planning

System security exists at many levels, on desktop and laptop computers, as well as mobile devices.

Network security includes the provision of adequate infrastructure to protect the network and its resources from unauthorised access, such as hackers or malware attacks. Steps taken include authenticating each user with their own username and password (one factor authentication); using an external device, such as a security token or dongle (two factor authentication), or using biometric data, such as scanning their fingerprints / retinas (three factor authentication).

The system can also be protected using a firewall and an intrusion prevention system (IPS), which detects unexpected traffic. Sometimes decoy network-accessible resources, known as ‘honeypots’ are used as early-warning tools. Anti-virus and anti-spyware software should be run regularly.

Information can be protected during transmission by encrypting it prior to sending; it can then be decrypted by the recipient, who has the cryptographic key, but not by an unauthorised user who has intercepted it. Sometimes, data is stored on a system using its encrypted form, known as ‘disk encryption ’.

As well as making adjustments to software and hardware, security measures also extend to preventing theft, e.g. by restricting access to areas where equipment is stored, and ensuring that data will not be lost in the case of a natural disaster, e.g. by storing backups at a separate location. It is also crucial to ensure data protection to guarantee personal privacy.

The effectiveness of security measures taken should be consistently monitored, and adapted in the case of any intrusion. Various tools are available to test for vulnerabilities or security holes in a system.

Related methods include: Disk publishing.

tool: Subversion Version System (SVN)

An open source version control system that is used to manage multiple versions of data objects in a controlled environment. Access and revision to objects are carefully controlled, to prevent unauthorised access and alteration.
Methods relating to this toolCategory
DocumentationStrategy and project management
Security planningStrategy and project management
Lifecycle stage:
Alternate tool(s):


Syndicate content