In opinion of experts on information computer technologies, the greatest threat to information systems and databases proceeds not from the super hackers pursuing bad purposes. The purposes, and more likely from sources to which we absolutely trust. The realistic estimation of threat with the subsequent development of corresponding security measures can provide effective protection against the majority of encroachments on information resources of the organization. And it does not demand excessive efforts.

Intellectual larceny a characteristic sign of time

Any company is not in full safety in the information attitude. Any of them can be robed and incur significant material and moral losses. One of the most valuable and convenient for plunder is the confidential information intellectual property of the organization.

Annually the world community as a result of economic espionage loses billions dollars of a national total product. So, the American department on a science and technologies at the White house estimates annual losses only the companies of the USA in $100 billion

Amazingly, but the fact: the majority of plunders of the valuable information is made by employees of the companies, instead of specially prepared external computer criminals.

Outflow of information technologies has reached the size of epidemic. All data, beginning from the order of the goods and finishing every possible financial calculation, in digital computers and systems are presented by elementary lines computer. To this so it is plain the presented information employees of firms have access.

Compactness of the information and wide use of network technologies have created a new problem for experts in the field of its protection: data can be stolen in the organization by its employees absolutely imperceptibly. Often the management learns about such outflow only after data about expensive researches of the company appear at the nearest competitor.

Experts on protection of the information manage to block rather reliably only physical access to sources of strategic materials. Thus protection of information resources against external encroachments is provided.

Thieves of the information who they?

Than thefts of intellectual property are caused? On the first place among thieves of the computer information _ the employees of own company dissatisfied with the service position. Then dishonest employees of the firm follow, trying to be enriched, having sold the information or having provided to it access to extraneous persons. Plunders are promoted also by acceptance for work of employees under the contract, on a time basis or in combination.

The reasons of theft can be the most different. Except for banal aspiration of direct enrichment it is possible to name creation of advantages to own companies or the companies of the relatives, a transfer of the information on a new place of work, creation of the firm.

Friends to employees of firm whom as the Grecian horse to reach information resources of the company much easier can hunt for valuable data, rather than to usual hackers also.

And what behind ocean?

The American society on industrial safety (ASIS) in the reports specifies, that within three years the quantity of intellectual thefts increases on 300_350 %. On the average daily occurs in one significant case of intellectual larceny. And it concerns only to the registered incidents. Actually it is much more than thefts. The organizations, as a rule, do not inform on them as value the reputation.

According to ASIS, 63 % from total of thefts of the information make plunders computerized the strategic plans, the given research and developmental works, and also industrial technologies.

In October 1996 the president of the USA has signed the decree on prevention of economic espionage according to which theft of industrial secrets in any form is a high treason. For the past four years this decree has shown the high efficiency in business of safety of intellectual property.

However mass media and large manufacturers audio-, movie- and a video production (in particular, Hollywood) continue to suffer from the massed attacks of computer burglars (hackers) and until now. And, as already it was spoken above, most dangerous of them are workers of the organizations. ASIS informs, that own employees, contractors or suppliers of production make 74 % of plunders of intellectual property.

During the interrogation lead by Michigan University, 58 % of respondents have declared chiefs of security services of corporations, that at their enterprises the employees working on the full rate, the valuable marketing information in great volumes was abducted.

Thus, the internal danger, which is starting with sources to which the management quite trusts, brings more damage, than intrusion into information networks from the outside.

Many cases looses the important information are connected with elementary carelessness of its owners. We shall result some examples confirming it.

The chief of an intelligence service in charge of whom there is a multistage branched out prospecting structure, not relying for memory, has attached a leaf on which the code and the password, and also detailed instructions on an input in system have been written down to the monitor of the computer. The part of the valuable information has been stolen.

Authorities of one of American states have created a site on the Internet, but have not taken care of protection of access. This very day the identifier of the user and passwords file have got in the order of hackers. The part of the strategic information has received wide publicity.

So, according to the American mass media, in FBI constantly is on investigation from 800 up to 1000 cases of economic espionage which integral part is theft of intellectual property.

In connection with the above-stated, on May, 22nd, 1998 in America the instruction of the president ? 63 where instructions are given to federal administrative bodies, to the state and private companies on carrying out of measures for good safety the most vulnerable objects of an infrastructure of the USA to which concern a communication facility and communications, a bank-financial system, power, transport and the basic public services (especially power character) is published. According to this instruction, by 2003 in the country the reliable, interconnected and safe information-system infrastructure should be created.

Already in it to year safety of public services for what the National center of reception of signals about information attacks and to reaction to them is created will be considerably strengthened. By 2003 the sufficient mental potential for protection of the important objects of an infrastructure against deliberate hostile actions will collect.

To this purpose there is an integration of efforts state and private concerns, and the emphasis is done on development of the last. It and is clear _ on creation of the certain perspective information technologies they advance official bodies for three-five years.

For coordination of efforts at FBI the National center on protection of objects of an infrastructure of the USA is created. Employees of FBI, the Ministry of Defense, Confidential service of the USA are included in it, CIA, the Ministries of power and transport, and also representatives of a private sector of economy.

The Pentagon does not doze

Recently protection of the information is one of the priorities problems of the American military department.

In army of the USA where since 1997 on each military man it is necessary more than one personal computer, information safety is connected by the closest image with battle readiness and management efficiency. Certainly, today in the Pentagon nobody will come in a head to entangle a wire and to seal up mass press of hundred thousand personal computers as all of them work both in local, and in the regional distributed networks (not speaking about an output in global), for connection to which it is not so obligatory to get into premises where computers are established.

In the future organizational-technical measures on protection of the information (check of the persons having access to confidential data, protection of premises, shielding of the equipment, etc.), as before, will be used. However, in opinion of the American experts, these measures do not become defining as the greatest threat for safety of information systems will be represented by external users, is casual or purposely connected to information resources by means of network services.

In recent times during peace-making operations of NATO in the Near East and last war on the Balkans it was evidently shown with actions of hundreds hackers which simultaneously attacked key information resources of military structure of NATO and the Pentagon, that for some time has paralyzed their work.

As believe in the Pentagon, large-scale integration of information systems of the Ministry of Defense of the USA on the basis of last achievements in the field of information technologies will allow the American military-political management to leave in the beginning of the third millennium on qualitatively new level of a control system of armed forces.

Against a breakage there are receptions

For safety of commercial and other information from encroachments of internal and external enemies of the organization should realize a complex of effective actions: to undertake the efforts coordinated at physical and program levels, to carry out the control of employees, to spend audits-inspections, carefully to check partners on business. Only in this case experts on problems of protection of the information of firms can successfully carry out the functional duties.

One of approaches to a problem of protection of the information is application of the concept of an establishment of risk (losses) at plunder of data of the certain thematic orientation and a category. For this purpose the management of the organization makes the closed list critical concerning risk of the moments during its ability to live.

The complex of measures on minimization of each of possible risks is underlined.