ITSM and ITIL

ITIL V3 Concept – Repression

One of the key processes in ITIL V3 is IT Information Security. This process is a part of Service Design phase. A technique used in countering basic hacks is the repressive/repression technique.

When a certain action is performed incorrectly multiple times, the system supporting the action represses it, thereby preventing potential hack.

I know whatever I stated above went right over your head. When I state it with an example, the aaah moment will follow.

Everybody I know who has an email account, has a gmail one. On the login page, when you enter wrong passwords multiple times, first a captcha phrase pops in – to test if the user keying the password is not a bot. Next, the account gets locked out, and the unlock process identifies the right owner through the registered cell phone number.

I am interested in the locking process rather than unlocking.

When wrong passwords are keyed in a number of times, to protect against a possible hack, the account getting locked is a repressive action. It ensures that the potential damage is minimized by repressing the threat.

In the gmail example, repression technique is two-fold. First is to check whether a script is trying to gain access by trying a number of permutations and combinations. Second control – locking the account is the second tier control which can protect against a person trying to gain access by manually trying out different passwords.

Generally financial institutions use the repression technique to protect against fraud. I have seen that a number of banks give three or five tries before locking the account.

If you have further questions on the repression concept in ITIL V3, comment below. Other techniques include detection, prevention and correction. I will pick the remaining in the near future.

Related posts

Role of Design in ITIL Process Development and Implementation

Abhinav Kaiser

How does DevOps Transform ITIL Configuration Management?

Abhinav Kaiser

KPIs for an Incident Manager

Abhinav Kaiser

Four Essential Qualities of an ITIL Change Manager

Abhinav Kaiser

Difference between Assets and Configuration Items – Post 2 of 2

Abhinav Kaiser

What is Service?

Abhinav Kaiser

1 comment

santu January 7, 2014 at 10:35 PM

What are the implementation challenges that you face when implementing ITSM/ITIL?

Please share your biggest obstacles of ITSM/ITIL implementations and provide guidance on how to tackle these by means of instruments, tips & tricks, etc. Kindly provide real time scenario.

Reply

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.