I is for…

Integrity

Along with confidentiality and availability, integrity makes up what is known as the CIA triad, the three main pillars that Information Security is built on.

Integrity is all about making sure that data has not been changed or tampered with by unauthorised people. For example, if someone was able to access a hospital’s systems and change a medicine dosage from 30mg of a drug to 3g, it could have potentially fatal consequences: that’s a change to the integrity of the data.

Internet

Ok, I know we all use it (at least to visit this website) but what exactly is the internet? It’s a group of computers which are all connected through a variety of technologies. Crucially, the Internet specifically refers to computers which are not on the same local network (your business computers within one office building are probably on the same local network) and are not within the same business.

The internet is the way that unrelated computers are connected to each other: it’s what allows you to browse to this website, to use Google or Bing (or other search engines) to find information that interests you not only in the Surface Web, but also in the Dark Web and the Deep Web.

Internet of Everything

The IoE, Internet of Everything, is exactly what it suggests. It’s used to refer to anything that is connected to the internet, irrespective of whether it’s a traditional computer, smartphone or one of the devices that make up the Internet of Things.

Internet of Things

There are many things other than your PC, laptop or server which are connected to the internet. Commonly referred to as the IoT, the Internet of Things is made up of all the other connected devices, such as your smart TV, your smart energy meter, some toys, perhaps your CCTV so you can check who’s in your house when you’re away, but also industrial control systems like the heating controls for office blocks, pumping stations on pipelines etc.

These are all connected so that people don’t physically have to be present to monitor and operate the controls: they connect to the Internet and make whatever changes are necessary remotely.

Intranet

An intranet is a network used to provide information within an organisation. It most likely include sections with HR documentation, IT support contacts, social events, marketing information, policies and procedures, health and safety and news about the company among other things. It’s not intended to be viewed by anyone other than employees, hence it is not available to the wider world.

iOS

This is the Operating System used by Apple mobile devices like iPads and iPhones. It’s the software that allows applications on the devices to “talk” to the device itself. It means that developers don’t have to write code to talk directly to the device, but instead use a common platform with a common set of instructions which talk to the device on their behalf.

D is for…

Dark Web

Most of us are familiar with the Internet, and using search engines such as Google and Bing to find information we need. Those operate in a part of the World Wide Web that is often called the Surface Web. It seems like we can find a huge amount of data on the surface web, but in actual fact it’s only about 5% of all material that is available online. A large portion of the remaining data is found on the Deep Web – see below – but there’s a very murky area which is hidden away and can only be accessed by using special web browser software, the most well known being The Onion Router, or ToR. Most users will never have cause to visit this area, because it’s where various illegal web sites / services are found, including drugs, stolen goods, child abuse, false identity documents, counterfeit money etc. It’s therefore an area where criminals globally congregate to deal in and share their services.

Data Centre

A data centre is typically a large room – or set of rooms – with multiple servers in it. It can vary in size from one room with a few racks of servers, to a site with many thousands of servers. Typically they will have redundant power supplies, some form of backup solution, and will often provide services to multiple companies at the same time. Some organisations will run their own data centres, some will outsource their services to a Third Party, and some will operate a mix.

Data centres are typically where cloud services live. Companies such as Microsoft, Google and Amazon offer multiple data centres across most of the continents.

DDoS

Distributed Denial of Services (DDoS) are a method of attack on a company’s services (typically internet based, like web sites or file sharing). They are carried out by multiple internet connected devices including PCs, laptops and IoT machines, often using botnets. The word Distributed is used to signify that the devices are spreads around, possibly even al over the globe.

When a DDoS attack is carried out, the target is overwhelmed by multiple messages being sent from all the devices in the botnet, to the extent that it is rendered unusable.

A way of thinking of this is if you have a crowd of people trying to get through a door. If they move one at a time through the door, there’s no problem. If everyone tries to get through the door at the same time, it will become blocked and take time to become unblocked.

Deep Web

As mentioned above in Dark Web, the Deep Web makes up a huge proportion of the World Wide Web. The sites in this area are not indexed, which means they can’t be found by search engines like Google and Bing, but that doesn’t mean that they are providing illegal services.

Deep Web sites are typically where you can find information that isn’t really for public consumption, but which is used by special interest groups. This will include research groups, academic communities, file sharing sites etc. Users access the sites only if they know the exact address, but can use standard browsers such as Internet Explorer and Chrome – other browsers are available.

Decryption

Decryption is how cryptography makes messages readable again after they have been encrypted. Depending on how data is encrypted, decryption may happen automatically, or you may have to carry out a specific routine using special software.

Disaster Recovery

Disaster Recovery (DR) is most commonly seen as the provision of the IT part of a Business Continuity Plan. It’s about getting your IT systems back up and running within set timescales in order to enable key resources to work as normal.

For example, if you’ve planned to move to an alternate location in the event of an outage with your business, your DR solution will probably include appropriate network connections, having enough desktop or laptop devices available and having the relevant data and software available from the alternate location.

It’s not uncommon for businesses to run tabletop exercises to work out who would do what in the event of a problem, but it’s also a good idea to actually test that the plan works. For example, if your DR plan is to have 20 people up and running within 4 hours at the alternate site, but there are only 10 devices available for them to use at the site, then your plan will fail.

It’s important to note that when testing your plan, things not working are good things to find. It’s better to find that out during a test than when you actually need it.

DOS

Denial of Service (DOS) is similar to DDoS, but instead of being based on multiple devices acting concurrently, is based on a single device. That single device will send multiple messages consecutively at a very high rate, with the aim of overloading the target device.

Tubes

This book by Andrew Blum is a fascinating insight into what the internet physically looks like. It starts with the author wondering where the wire goes from his house, how it joins other wires and how does data go round the world. He visits a site where an undersea cable is being brought ashore, and he gets as close as most people can to a Google data centre.

The journey takes in some of the history of the internet, how it started and where. The author even visits some of the first sites and machines which were connected as part of the nascent World Wide Web,

I appreciate that it’s a little bit nerdy, a little bit geeky, but I found it a really interesting read. I’d recommend it to anyone with a passing interest in how the world is connected now.