Today the use of computers has penetrated into all fields. The development of computer technology is very rapid to cause a variety the field depends on the computer, of course it is increasingly easy and speed up the work contained in the field. Use the computer also makes it easy to compile and store a database that is used as a reference in a program that is run. Moreover, computers currently in circulation can be connected or connected between devices with one another with the help of the network. That matter allows users to be able to exchange and access data from anywhere, regardless of remote location aspects.
Of course, the use of computers today which are almost certain to be used in conjunction with the network, must consider the security aspects. Because the security of a computer network is very closely related to the security of information exchanged within it. There are various kinds of facilities on computer services that get threats from various forms of attack. We need to know how to prevent this, so that the data we have remains in the proper state. Aspects that must be considered in a computer’s security system, namely confidentiality, integrity, availability, and authentication.
Now I want to tell you about Single point of failure, back-up, and penetration testing.
- Single point of failure
Single point of failure is a system dependence on just one point. This causes, if there is damage at that point the impact on the whole existing system. When a system is designed, a single point of failure can be prevented by multiplying components and duplicating several parts of the system. An example is when a system will implement storage high speed, it should use multiple disks, because if you only use one disk, and later the disk is damaged, the system will not work. On a larger scale, a website can duplicate a server, because if one server is damaged, the service will automatically switch to another server, and users can still use the website.
In the world of information security, back-up is a method used to back up data by copying data that already exists on the computer so that the data can then be searched and reused, if there is damage to the computer itself later. Damage that occurs can be sourced from the user, the network, and the computer itself. There are several reasons why a person or organization performs a back-up process, namely the desire to make a backup of the data so that later the data can be recovered again if there is damage later. Data back-up is the best solution for securing and backing up the data we have.
The basic steps for backing up data, namely:
1. Determine which files we want to back up, where the format can be various.
2. Copying files or data that has been determined into the back-up media, for example USB drives, cloud storage, external storage, and so forth.
- The methods mentioned above must be repeated in accordance with the frequency we scheduled, so that the stored data can be updated.
In backing up a file there are a number of things to consider, namely:
1. What type of files should be backed up, the intention is whether the file that we are going to save is in the form of a work, entertainment, or other file according to the needs that we need.
2. Scheduling back-ups on a regular basis because the data is stored and backed up regularly, later when restored can provide the latest data coverage, according to when was the last time the data was backed up.
3. Location or storage media, this is very important because it is the main point of backing up data. Media ones can be used online, offline, or both at the same time. This is done to prevent things that are not desirable, if only relying on one storage media.
Besides there are some things that must be considered, there are also methods used to back up a file or data.
1. Local-Managed Backup
This back-up method relies directly on the computer to back up data. We can adjust how often the back-up frequency will be performed.
2. Back up Destination Options
This back-up method gives us options. There are two ways, namely offline and online. Offline we can utilize external storage media, while online we can utilize cloud storage media.
3. Vendor-Managed Backup
The back-up method uses the services of a company that provides data back-up services. In general, the services offered are paid.
Penetration testing (pentest) is an activity carried out to test the security of a system. This test is carried out to find security holes in the system. The results of this test are used to improve the security side of the system. What is sought from this Pentest is whether there are security gaps that can be misused (exploitable vulnerability) (Julismail, 2014).
- Penetration Testing
The purpose of Penetration testing is to determine and find out attacks that can occur against vulnerabilities in the system and to know the business impacts resulting from the exploitation carried out by the attacker. The steps in doing a penetration testing, namely:
- Planning is the first step that must be done, where at this stage several things must be considered carefully. These things, namely the scope, estimated time, contract, number of people needed, and notification of penetration testing.
2. Information gathering and analysis is the second step. This second step is more convenient for gathering all information about the system to be tested. There are many tools that can be used. The information collected can be in the form of domain, server, IP address, host information, firewalls, and so on.
3. The third step, namely vulnerability detection or searching for loopholes in a security system.
4. The next step is to try an attack on a system to find out the extent of its security.
5. The final step, namely analysis and report generation. In general, reporting on security gaps that have been found and how to overcome these problems.