Analysis of corporate information systems vulnerability
DOI:
https://doi.org/10.18372/2410-7840.20.12453Keywords:
corporate information systems, computer networks, threats of information security, information protectionAbstract
For today, wireless corporate information systems are an integral part of the competitive functioning of a modern enterprise. Ease of use, almost unlimited functionality, not high cost system scan - these are the main advantages of this type of systems. Corporate information systems of large companies regularly undergo changes - the hardware configuration is updated, the network topology changes, new nodes and system targets are emerging. For most cor-porations with distributed infrastructure, the process of continuous provision of comprehensive protection of in-formation assets becomes a daunting task due to the high complexity of architecture and a large number of intercon-nections within individual subsystems. According to the re-sults of analytical studies of leading companies that deal with information security of enterprises in recent years, the tendency to increase the overall level of security of the net-work perimeter of corporate information systems. On av-erage, in 27% of cases, professionals can not overcome the network perimeter and access the resources of the internal local area network. Since enterprise confidential infor-mation (e-mail, account passwords, server access details, hash data user accounts, and other information that is not publicly accessible) is the goal for many cybercriminals, these technologies are often become a subject of attacks. Thus, the problem of identifying and analyzing vulnerabil-ities in information security in corporate information sys-tems is relevant to date. In conducting the analysis we re-lied on the study of foreign scientists and practitioners en-gaged in the study of threats and the development of their prevention systems. The study of this issue enables to iden-tify and classify possible threats and modernize existing or develop new effective methods and measures of infor-mation securityReferences
Е. Фролов, "Современные концепции управления в производственной логистике, MES для дискре-тного производства — метод вычисляемых прио-ритетов", САПР и графика, № 1, С. 71-75, 2011.
В. Базилевич, "Аналіз методів захисту від кіберза-гроз в бездротових мережах стандарту IEEE 802.11", Захист інформації, №3, С. 222-227, 2017.
Концепція технічного захисту інформації в галузі зв’язку України. [Електронний ресурс]. Режим доступу: http://zakon5.rada.gov.ua/laws/show/1126-97-%D0%BF
А. Корченко, Е. Иванченко, С. Казмирчук, "Ана-лиз и определение понятия риска для его интер-претации в области информационной безопас-ности", Защита информации, №3, 2010.
О. Корченко, Системи захисту інформації , моногра-фія, К.: НАУ, 2004, 264 с.
Практическая атака на беспроводную сеть с WEP шифрованием [Електронний ресурс]. Режим дос-тупу: http://habrahabr.ru/post/92681/
IBM 2015 Cyber Security Intelligence Index [Елект-ронний ресурс]. Режим доступу: http://public.dhe. ibm.com/common/ssi/ecm/se/en/sew03073usen/SEW03073USEN.PDF
Актуальные киберугрозы: III квартал 2017 года [Електронний ресурс]. Режим доступу до ресурсу: https://www.ptsecurity.com/ru-ru/research/analytics/
Downloads
Published
How to Cite
Issue
Section
License
The scientific journal adheres to the principles of Open Access and provides free, immediate, and permanent access to all published materials without financial, technical, or legal barriers for readers.
All articles are published in Open Access under the Creative Commons Attribution 4.0 International (CC BY 4.0) license.
Copyright
Authors who publish their works in the journal:
-
retain the copyright to their publications;
-
grant the journal the right of first publication of the article;
-
agree to the distribution of their materials under the CC BY 4.0 license;
-
have the right to reuse, archive, and distribute their works (including in institutional and subject repositories), provided that proper reference is made to the original publication in the journal.
