Also enables servers that disclose information to millions of users, allows hackers, crackers, criminals and other "bad guys" break into the same computer where web servers are running.

Companies, institutions and governments increasingly use the WWW (World Wide Web) to distribute important information and conduct commerce. Violating web servers can damage reputations and lose money

While the web is easy to use, the servers are extremely complicated software parts and have different potential security flaws.

It is much more expensive and time-consuming recovery of a security incident to implement preventive measures.

PUBLICIDAD: Web servers are the face that organizations have the public and the electronic world. A successful attack on any of them are public act that can be seen in a few hours by hundreds of thousands. The ataqes can jump on ideological or financial reasons, or be simple acts of vandalism wing random.

COMERCIO: Many web servers are related to trade and money. In fact the integrated cryptographic protocols to netscape browser and other browsers were originally included to allow users belonging send credit card numbers over the Internet without worrying that were intercepted. Thus, Web servers have become repositories of sensitive financial information, which becomes the attractive targets for attacks.

INFORMACION CONFIDENCIAL: For organizations, the web technology has convetido in a way to distribute inforación with great simplicity, both internally to its own members, and externally to partners worldwide. This confidential information is an attractive blacno for your competitors and enemies

ACCESO A LAS REDES: When used by people both inside and outside the organizations, web servers effectively serve as a bridge between the organization's internal network and external networks. Its privileged position as a web server can be used as a basis violated to attack from there to the computers of an organization.

EXTENSIBILIDAD EN LOS SERVIDORES: By its nature, the servers are designed to be extensible, or which makes it possible to connect to databases, legacy systems and other programs properly, the module that appends. If not implemented properly, the modules that are added to a server can compromise the security of the entire system.

INTERRUMPCION DEL SERVICIO: As the technology of the web is based on the family of TCP / IP protocols, is subject to service interruptions: already accidentally or intentionally through denial of service attacks. People who use this technology must be aware of their failures and prepare for major imterrupciones of sevice

SOPORTE COMPLICADO: Browsers need domestic services, such as DNS (Domain Name Service) and IP Routing Protocol were (internet protocol). To function well. The robustness and reliability of such services may be unknown and vulnerable to programming errors, accidents and subversion, subversion of a lower level of service can also cause problems to browsers

Objetivos

Information Security is the set of procedures, strategies and tools to ensure the integrity, availability and confidentiality of information of an entity.

INTEGRIDAD: It is necessary to ensure that data is safe from unauthorized changes, loss of integrity may end in fraud errones step decisions or other attacks. The system contains information that must be protected from unintended modification, unauthorized or accidental, such as information systems and financial census or transactions.

DISPONIBILIDAD: This refers to the operational continuity of the entity, the loss of availability may involve the loss of productivity or credibility of the institution. The system contains information or provides services that must be available in time to meet requirements or to avoid substantial losses, as safety critical systems and protection of life.

CONFIDENCIALIDAD: It refers to the protection of data against unauthorized dissemination, loss of business or credibility. The system contains information that requires protection against unauthorized disclosure, reporting partial information, proprietary business information.

These aspects also to deal with the risk posed by remote attackers, are also threatened by extinction risk for natural disasters, disloyal employees, viruses and sabotage, among others.