BAKU, Azerbaijan, Feb.10
By Sadraddin Aghjayev - Trend:
Specialists of Azerbaijan’s ULTRA Technologies Company in terms of cybersecurity pay special attention to the computing infrastructure on which its systems will operate when designing and implementing its software solutions through the customers’ order, Ruslan Romanenko, a consultant on innovative solutions at the company told Trend.
According to Romanenko, the specialists require their customers to have a permanent backup of all data, so that in the event of their loss or damage, they can be restored without problems.
"First of all, it’s necessary to analyze and classify the business and/or business tasks of the customer, in order to subsequently offer this or that solution/technology based on the received information," he said.
The consultant highlighted a number of solutions that in different scenarios can be combined or applied in a complex, where it is very important to build the correct architecture with the so-called ‘demilitarized zone’ - DMZ, using technologies such as:
- Network Router L3 - designed to cut off unwanted ‘guests’, which serves to be the first line of security, protecting the network from any attacks and intrusions;
- WAF (Web Application Firewall) - designed to detect and block network attacks on a web application;
- Next-Generation Firewall (NGFW). This class is capable of detecting and blocking sophisticated attacks by applying security policies at the application, port, and protocol levels.
Further Romanenko emphasized the following solutions to protect against encroachments of ‘internal’ ill-wishers or actions of unscrupulous employees, where it’s very important to introduce a control system over their actions:
- system of controlling privileged users (PAM - Privileged Access Management), which assists in tracking actions carried out under privileged accounts;
- various systems for auditing user actions, monitoring changes in the IT ecosystem, detailed analysis of incidents and receiving notifications of suspicious actions and events;
- SIEM (Security information and event management) systems, which provide real-time analysis of information security events emanating from network devices and applications, which makes it possible to respond to them even before significant damage occurs; and
- DLP (Data Loss Prevention), as the best full-fledged information security system, a software product created to prevent leaks of confidential information outside the corporate network, built on a set of rules, prohibitions, permissions and control over all employees of the organization.
"We insist that only licensed software (operating systems, databases) and its latest and updated versions are used to protect the system from vulnerabilities," he stressed.
As for other solutions purely specializing in the prevention of unauthorized intrusions, then, according to the innovation consultant, before implementing the company’s IT products, its specialists conduct a thorough analysis of the IT and information security of the customer's infrastructure and provide detailed recommendations, as with they can be used to defend against cyber attacks.
---