ITSM and ITIL

ITIL V3 Concept – Repression

One of the key processes in ITIL V3 is IT Information Security. This process is a part of Service Design phase. A technique used in countering basic hacks is the repressive/repression technique.

When a certain action is performed incorrectly multiple times, the system supporting the action represses it, thereby preventing potential hack.

I know whatever I stated above went right over your head. When I state it with an example, the aaah moment will follow.

Everybody I know who has an email account, has a gmail one. On the login page, when you enter wrong passwords multiple times, first a captcha phrase pops in – to test if the user keying the password is not a bot. Next, the account gets locked out, and the unlock process identifies the right owner through the registered cell phone number.

I am interested in the locking process rather than unlocking.

When wrong passwords are keyed in a number of times, to protect against a possible hack, the account getting locked is a repressive action. It ensures that the potential damage is minimized by repressing the threat.

In the gmail example, repression technique is two-fold. First is to check whether a script is trying to gain access by trying a number of permutations and combinations. Second control – locking the account is the second tier control which can protect against a person trying to gain access by manually trying out different passwords.

Generally financial institutions use the repression technique to protect against fraud. I have seen that a number of banks give three or five tries before locking the account.

If you have further questions on the repression concept in ITIL V3, comment below. Other techniques include detection, prevention and correction. I will pick the remaining in the near future.

Related posts

Different Roles in ITIL Service Desk Management

Abhinav Kaiser

Reinventing ITIL in the Age of DevOps

Abhinav Kaiser

[ITIL] Change Management as a Service

Abhinav Kaiser

Introduction to Service Desk

Abhinav Kaiser

Criteria for Standard Changes

Abhinav Kaiser

Deming Cycle Explained [with an example]

Abhinav Kaiser

1 comment

santu January 7, 2014 at 10:35 PM

What are the implementation challenges that you face when implementing ITSM/ITIL?

Please share your biggest obstacles of ITSM/ITIL implementations and provide guidance on how to tackle these by means of instruments, tips & tricks, etc. Kindly provide real time scenario.

Reply

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.