Implementación de controles de seguridad de la información mediante software open source.

Abstract

Nowadays, any type of business depends on the information technologies to be able to carry out its processes, these technologies generate data, these data after being organized and analyzed become information, this information can have a high value. Therefore, the application of certain controls that allow us to comply with the fundamental principles of information security is required in order to maintain integrity, availability and confidentiality. This work shows the implementation of certain security controls that will help us keep the information complete and always available. For this, due to its open source features, the CentOS 7 operating system was used, based on the Red Hat Enterprise Linux distribution. Through which, with the help of tools such as rsync and rsnapshot, a mirror server configuration was made between two nodes, each with the same services, thus performing the execution of automated security backups and the synchronization of specific folders. In addition, the replication of a website was executed, through the implementation of a cluster consisting of both nodes or servers. As a result, the objective of mitigating certain business information security risks was achieved, maintaining the availability of the information considered most important by the company, in several real-time sites and the continuity of the website against failures of any kind.