Examples of IT Detective Controls


In the field of information security, a number of countermeasures are used to protect information assets. The countermeasures available to security administrators are classified as preventive, detective or corrective in function. A detective control is designed to detect attacks against information systems and prevent them from being successful. Detective controls are also designed to detect system or hardware failures and provide adequate warning to system administrators to prevent system interruptions.


Physical Security


Physical security surrounding IT areas should include a number of access controls that are detective in nature, including video monitoring stations, door alarms, motion detectors, and smoke and fire alarms. While these measures seem conventional and not part of the IT infrastructure, they are integral to the protection of information assets and are valid components of a layered approach to IT security. If IT resources are not manned on a 24-hour basis, alarms and detectors can be linked to reputable alarm services or local law enforcement when the small business is closed.


Intrusion Detection Systems

An intrusion detection system (IDS) is a device or software application that monitors computer systems for malicious activity, policy violations or other prohibited usage. An IDS can alert the system administrator on duty and automatically respond to prevent the intrusion. In addition, some IDS can capture and preserve information concerning the attempted attack or intrusion and provide identifying information on the attacker, such as IP and MAC addresses.


Antivirus Protection

Antivirus software is designed to monitor computer systems to identify computer viruses or malware of all types and prevent infections in real time. Antivirus software must be updated frequently to keep pace with new viruses, bots, Trojan horses and other exploits discovered daily. Some types of antivirus have the ability to test files for similarities to known viruses or run the files in a protected area to see if any malicious characteristics are found.


System Monitoring and Logging

System and network monitoring tools record log-ins and access to particular applications. These tools are used to monitor and preserve the activities of authorized users. System monitoring also alerts system administrators to violations of policy, such as unacceptable use of the Internet or company email and unauthorized access to protected areas that require privileged access.
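
The kind of alerting described above can be sketched in a few lines. This is an added example, not code from the original article: the log format, the sample records, the PROTECTED policy table and the failure threshold are all constructed assumptions. It flags repeated failed log-ins from one source address and access to a protected resource by a user who is not authorized for it, and it reports unparseable records instead of silently dropping them.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample records (hypothetical format): time user source-ip event resource
SAMPLE_LOG = """\
2024-03-04T08:59:10 alice 10.0.0.12 LOGIN_OK -
2024-03-04T09:01:02 bob 10.0.0.15 LOGIN_FAIL -
2024-03-04T09:01:09 bob 10.0.0.15 LOGIN_FAIL -
2024-03-04T09:01:15 bob 10.0.0.15 LOGIN_FAIL -
2024-03-04T09:05:40 alice 10.0.0.12 ACCESS /payroll
2024-03-04T09:07:31 carol 10.0.0.20 ACCESS /payroll
2024-03-04T09:30:00 bob 10.0.0.15 LOGIN_FAIL -
malformed line
"""

PROTECTED = {"/payroll": {"alice"}}  # assumed policy: resource -> authorized users
FAIL_LIMIT = 3                       # assumed threshold of failures per source
WINDOW = timedelta(minutes=5)        # assumed sliding window for counting failures

def parse(line):
    """Return (time, user, ip, event, resource), or None if the record is malformed."""
    parts = line.split()
    if len(parts) != 5:
        return None
    try:
        return (datetime.fromisoformat(parts[0]), *parts[1:])
    except ValueError:
        return None

def detect(log_text):
    """Scan the log once and return a list of alert tuples for the administrator."""
    alerts = []
    recent_fails = defaultdict(deque)  # source ip -> failure times inside WINDOW
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None:
            alerts.append(("UNPARSED", line))  # a gap in the record is itself a finding
            continue
        ts, user, ip, event, resource = rec
        if event == "LOGIN_FAIL":
            fails = recent_fails[ip]
            fails.append(ts)
            while ts - fails[0] > WINDOW:      # drop failures older than the window
                fails.popleft()
            if len(fails) == FAIL_LIMIT:       # alert once, when the limit is reached
                alerts.append(("REPEATED_LOGIN_FAILURE", ip, user, ts.isoformat()))
        elif event == "ACCESS" and user not in PROTECTED.get(resource, {user}):
            alerts.append(("UNAUTHORIZED_ACCESS", user, resource, ts.isoformat()))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```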
