Contacts
Go back to the previous page

Unauthorized access (UAI)

4
Unauthorized access (UAA) – access to employee data without authorization from management or an intruder. Also, in some cases, an NSD is defined as access to data by a person who has the right to access that data to a certain extent, but has exceeded it.

Causes and Consequences of NSD

. Among the main reasons for gaining unauthorized access to data are:

  • incorrect configuration of software: firewalls, access rights, restrictions on bulk requests to the database, etc.
  • minimal security of authorization tools (theft of logins and passwords, key cards, direct access to unprotected computer, etc.);
  • errors in the operation of security software;
  • abuse of authority (stealing data, transferring backups to external devices, etc.);
  • interception of information by malicious persons via unsecured data transmission channels;
  • application of malicious software, “keyboard viruses”, Trojans, etc.

    • .

As a result of unauthorized access to data, the company risks a data breach:

  • personal data of employees, partners, system users, customers, etc.
  • commercial secrets and secret developments of the company;
  • personal correspondence between officials;
  • publicly important information
  • publicly important information.

In any case, the security system of the entire company may be compromised during VAT, which can lead to very dire consequences.

Information security audit
Read more

Provision of protection against intrusion

Measures, the main task of which is to ensure information security, are conditionally divided into 2 groups of protection:

  1. Information arrays from access to them by intruders.
  2. Company employees from psychological influences from the outside.

The first group includes processes of the technical class. Among them the most active are considered:

  • protection of equipment from natural disasters (floods, fires), on which confidential data are stored and processed;
  • minimizing the risk of remote access to the information of an intruder;
  • protection of information from leakage through technical and network channels of data transmission, which includes both wired and wireless systems;
  • protection of electronic equipment, which is relevant for mobile operators, military units, etc.;
  • installation of special software on working machines that will protect computers from malicious applications, attempts to connect to the database of unauthorized users, etc.

    • .

In addition to the above, it is important to use simpler, but accessible to all employees of the company means of countering intrusion: complex passwords, data encryption, renaming of working directories, etc.

Rate this article
Previous article Previous article
Next article Next article
Our website uses cookies to improve your experience