Critical infrastructures, endpoint protection

Cybersecurity is the new set of mechanisms aimed at securing our use of cyberspace. In contrast to the traditional security that is concerned with the medium (the network), cybersecurity extends to “things” and how to use them; Providing security not only to the means of transport, but also integrating users and components that make use of e-services.

From Acuntia we consider that the networks nowadays have stopped being mere mechanisms of transport of packages to fulfill the function of service providers. The technology associated to the networks must adapt to this new function, from being a mere byte transport agent, to an agent that is able to understand the information it transports and to ensure and protect its delivery at all levels: integrity, availability And confidentiality.

  • Critical infrastructures

    Within the infrastructures to be protected, critical infrastructures are one of the assets most likely to receive all kinds of new generation attacks. In order to provide a state-level response, a law (LPIC) has been developed with a regulation that develops it. This law establishes at national level a series of measures for the protection of critical infrastructures, providing adequate support on which is based an efficient coordination of the public administrations and the entities and organizations that manage or own these infrastructures, which provide services essential for society, in order to achieve better global security.

The new GDPR regulation obliges companies to guarantee the protection of data, even when such data is in the Cloud. A new figure is created in companies, that of the ‘Data Protection Delegate’, who will be in charge of demanding the protection of all sensitive data of the company, wherever they are.

The attacks against which companies must protect themselves include, among other things, the theft of personal information and bank data, using techniques such as phishing, pharming, e-mail Unwanted (spam) and malware designed for this purpose (programs that capture keystrokes or keyloggers, password collectors, …).

  • Endpoint Protection

In this environment, global protection, including the user’s post, is of great importance, through products that prevent the accidental or intentional dissemination of any type of information or data outside an organization.

It is necessary to avoid the leakage of information, or loss of sensitive information for the business of the company, through any means: email, instant messaging, file transfer through FTP, P2P networks, chat, blogs or external devices. Storage (eg USB), monitoring all types of communication channels, to and from the outside of the organization, avoiding information leakage and implementing sensitive information usage policies.