7 Modules of Cybersecurity are designed to protect sensitive information from digital intruders while keeping it simple for users.
Identity Security
Identity security is a simple, but powerful, protocol made up of two components. Beginning with password security, this measure includes forced password setting after an initial log in, preventing access with default credentials after deployment. The second component is Digest Access Authentication, a credential exchange between device and client confirming user identity before sending ANY information.
Access Control
The second module, access control, automatically disables unsafe services, such as Telnet, SSH and FTP. HTTPS is supported for encrypted connection. Rights Management enables the administrator to limit the rights of each user according to need. Overall, this limits the vulnerability of a system by making highly-sensitive information available only to those who need to access it. Password anti-cracking actively monitors all log-in attempts, if the device detects cracking behaviors, the login request will be refused even if the credentials are correct. Packet Filtering is a firewall technique which monitors incoming and outgoing traffic and filters out unwanted payloads.
When understanding access control, think of it like shutting all of the doors and windows to a home and watching to see if someone tries to pick the only lock available. Even after the “door” is safely opened, the system scrutinizes everything that passes through that point of entry.
Session Security
Once access is granted the communication session between user and host is monitored by time and credentials. This means that every user has a session credential after log-in, used for subsequent authentications. If the session goes dormant, or if the user attempts to request an invalid session credential multiple times, the system will flag and end the session. All sessions related to that specific IP address will then be forcibly logged out until authentication is proven.
Data Security
Data security ensures all sensitive data is protected by an advanced cryptographic key mechanism, allowing only authorized recipients to send and receive data. Simply put, the “digital envelope” housing the sensitive data can only be opened using both keys, guaranteeing only approved recipients can “read” it.
Protocol Security
Protocol Security uses industry standard protocols, many of which are open-source. Using protocols that are peer reviewed upholds standards and improves quality.
Security Audit
Involving improvements to the systems log, the sixth module focuses on logging changes to a system. Every alteration made to the system by any user, is logged for security purposes. Permissions to delete or change logs are greatly restricted, meaning only verified admins have this ability.
Special Security
The seventh, and final module for cybersecurity is special security. This measure ensures the integrity of firmware upgrade packages, guarding against any unwanted payloads.
Source: https://us.dahuasecurity.com/?p=51501
