How to achieve information security?

In order to reduce the risks faced by information and information systems and meet the established information security requirements, the most direct way people can think of is to choose and use various technologies and products that can solve information security problems.

Like information security itself, information security technology has shown different characteristics at different stages of its development. At the communication security stage, research into and application of cryptographic theory and technology gradually matured in response to the confidentiality requirements of data communication. With the rapid development of computer and network technology, the technical requirements of the information security stage focused on the security mechanisms specified in the ISO 7498-2 standard. The common feature of these mechanisms is the static protection of the confidentiality, integrity and availability of information systems. Today the Internet has spread all over the world, and the standards and specifications represented by IATF (Information Assurance Technology Framework) outline a more comprehensive and extensive information security technology framework. Information security technology is no longer based on protection alone; it is a complete system that combines the key links of protection, detection, response and recovery. In summary, typical information security technologies include:

1). Physical security technology: environmental security, equipment security, media security;

2). System security technology: the security of operating system and database system;

3). Network security technology: network isolation, access control, VPN, intrusion detection, scanning evaluation;

4). Application security technology: e-mail security, network access security, content filtering and application system security;

5). Data encryption technology: software and hardware encryption, used to provide identity authentication and the CIA (confidentiality, integrity, availability) properties of data;

6). Authentication and authorization technology: password authentication, SSO authentication (such as Kerberos), certificate authentication, etc.;

7). Access control technology: firewall, access control list, etc.;

8). Audit tracking technology: intrusion detection, log audit, identification and evidence collection;

9). Anti-virus technology: stand-alone anti-virus technology has gradually developed into an overall anti-virus system;

10). Disaster recovery and backup technology: business continuity technology, built on the premise of data backup.

Solving the security problems of information and information systems is not only a matter of technology; more importantly, it is a matter of management. Security technology is only a means of information security control. To play its due role, security technology must be supported by corresponding management procedures; otherwise it becomes rigid and fails. If security technology is the building material of information security, then information security management is the real adhesive and catalyst. Only by implementing effective security management in every aspect of security construction, from beginning to end, can we ensure the long-term stability of information security.

In the real world, most security incidents and security risks are caused by poor management rather than by technical reasons. Understanding and attaching importance to the key role of management is therefore particularly important for achieving the goal of information security. We often say that information security is three parts technology and seven parts management, which shows how important management is to information security.

Conceptually, information security management is an important part of an organization's complete management system and constitutes an active part of information security. It is a coordinated activity to guide and control an organization's information security risks, and its target is the organization's information assets.

Security management involves an organization's information evaluation, development and recording, as well as the implementation of policies, standards, procedures and guidelines to achieve confidentiality, integrity and availability. Security management needs to identify threats, classify assets, and effectively implement security control according to vulnerability classification.

Security management, like other management problems, must also solve the problems of organization, system and personnel. Specifically, this means establishing an information security management organization and clarifying responsibilities, establishing and improving the security management system, strengthening the security awareness of personnel, and conducting security training and education. Only in this way can information security management include security planning, risk management, emergency planning, awareness training, security assessment, security certification and other aspects.

It should be noted that people's understanding of information security management deepened and developed gradually, after information security technology, and there are not as many standards and norms for information security management as there are for security technology. The most representative ones are BS 7799 and ISO 13335.