1 / 37

Chapter 12

Chapter 12. Information Security Management. Study Questions. Q1: What is the goal of information systems security? Q2: How big is the computer security problem? Q3: How should you respond to security threats? Q4: How should organizations respond to security threats?

casta
Télécharger la présentation

Chapter 12

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Chapter 12 Information Security Management

  2. Study Questions Q1: What is the goal of information systems security? Q2: How big is the computer security problem? Q3: How should you respond to security threats? Q4: How should organizations respond to security threats? Q5: How can technical safeguards protect against security threats? Q6: How can data safeguards protect against security threats? Q7: How can human safeguards protect against security threats? Q8: How should organizations respond to security incidents?

  3. Q1: What Is the Goal of Information Systems Security?

  4. Examples of Threat/Loss

  5. What Are the Sources of Threats?

  6. Unauthorized Data Disclosure Unauthorized data disclosure—inadvertent release of data in violation of policy Pretexting—pretending to be someone else via phone call Phishing—pretexting using email; email spoofing Spoofing—disguising as a different IP address or different email sender, web spoofing IP spoofing—impersonating another computing system Drive-by Sniffing—intercepting computer communications Email spoofing—synonym for phishing Hacking, natural disasters, etc.

  7. Incorrect Data Modification • Procedures not followed or incorrectly designed procedures • Increasing a customer’s discount or incorrectly modifying employee’s salary • Placing incorrect data on company Web site • Improper internal controls on systems • System errors • Faulty recovery actions after a disaster

  8. Faulty Service • Incorrect data modification • Systems working incorrectly • Procedural mistakes • Programming errors • IT installation errors • Usurpation • Denial of service (unintentional) • Denial-of-service attacks(intentional)

  9. Loss of Infrastructure • Human accidents • Theft and terrorist events • Disgruntled or terminated employee • Natural disasters • Advanced Persistent Threat (APT) or cyberwarfare

  10. Mobile Security • 155% increase in mobile malware apps from 2010 to 2011 • Apps for snooping – track location, record phone calls, save and display chats and messages. • “jailbreak” targeted at App Store of iPhone • Sniffer programs to access Wi-Fi networks unauthorized. • Kaspersky, Lookout, DroidSecurity, Sandboxing • Performing a remote wipe of offending apps

  11. Q2: How Big Is the Computer SecurityProblem?

  12. Verizon–Secret Service Findings 2011 • Number of data-loss security incidents reached all-time high, but number of data records lost fell dramatically for second year in a row • Data theft most successful at small and medium-sized businesses

  13. Verizon–Secret Service Findings 2011 (cont'd) Four most frequent computer crimes • Criminal activity against servers • Viruses • Code insertion • Data loss on user computer

  14. Types of Attacks Experienced

  15. Intrusion Detection System (IDS) • Computer program that senses when another computer is attempting to scan disk or otherwise access a computer • “When I run an IDS on a computer on the public Internet,... I get more than 1,000 attempts, mostly from foreign countries. There is nothing you can do about it except use reasonable safeguards.”

  16. Q3: How Should You Respond to Security Threats?

  17. Q4: How Should Organizations Respond to Security Threats? • Establish a company-wide security policy • What sensitive data to store • How it will process that data • Will data be shared with other organizations • How employees and others can obtain copies of data stored about them

  18. Q4: How Should Organizations Respond to Security Threats? (cont'd) • How employees and others can request changes to inaccurate data • What employees can do with their own mobile devices at work • What non-organizational activities employees can take with employee-owned equipment

  19. Security Safeguards as They Relate to the Five IS Components

  20. Q5: How Can Technical Safeguards Protect Against Security Threats?

  21. Identification and Authentication (Access) Authentication methods • Password • Smart card • Biometric Smart cards • Microchip embedded with identifying data • Authentication by PIN Biometric authentication • Fingerprints, face scans, retina scans • See http://searchsecurity.techtarget.com Single sign-on for multiple systems • Authenticate to network and other servers

  22. Encryption Terminology Encryption algorithms (DES, 3DES, AES, blowfish, idea) Key—a number used to encrypt the data Symmetric encryption Asymmetric encryption—public/private key HTTPS (HTTP + SSL/TLS) Secure Sock Layer (SSL) (Predecessor of TLS) Transport Layer Security (TLS) (DC, Privacy, PKE)

  23. Encryption: Essence of HTTPS (SSL or TLS)

  24. Firewalls

  25. Malware Types and Spyware and Adware Symptoms • Viruses • Payload • Trojan horses • Worms • Beacons Spyware & Adware Symptoms

  26. Malware Safeguards • Install antivirus and antispyware programs • Scan frequently • Update malware definitions • Open email attachments only from known sources • Install software updates from legitimate sources • Browse only reputable Internet neighborhoods

  27. Q6: How Can Data Safeguards ProtectAgainst Security Threats?

  28. Q7: How can Human SafeguardsProtect Against Security Threats?

  29. Account Administration • Account Management • Standards for new user accounts, modification of account permissions, removal of unneeded accounts • Password Management • Users should change passwords frequently • Help Desk Policies

  30. Sample Account Acknowledgment Form

  31. Systems Procedures • Data recovery; online recovery - the process of salvaging data from damaged, failed, corrupted, or inaccessible secondary storage media when it cannot be accessed normally.

  32. Security Monitoring Functions Activity log analyses • Firewall logs • DBMS log-in records • Web server logs Security testing • In-house and external security professionals Investigation of incidents • How did the problem occur? Learn from incidences • Indication of potential vulnerability and needed corrective actions Review and update security and safeguard policies

  33. What Is Necessary for Disaster Preparedness? • Disaster • Substantial loss of infrastructure caused by acts of nature, crime, or terrorism • Appropriate location • Avoid places prone to floods, earthquakes, tornadoes, hurricanes, avalanches, car/truck accidents • Not in unobtrusive buildings, basements, backrooms, physical perimeter • Fire-resistant buildings

  34. Google’s Data Center in Finland • Hamina Data Center • http://www.google.com/about/datacenters/locations/hamina/ • http://www.youtube.com/watch?v=VChOEvKicQQ • High-tech cooling system

  35. What Is Necessary for Disaster preparedness? (cont’d) Backup processing centers in geographically removed site Create backups for critical resources Contract with “hot site” or “cold site” provider • Hot site provides all equipment needed to continue operations there • Cold site provides space but you set up and install equipment • www.ragingwire.com/managed_services?=recovery Periodically train and rehearse cutover of operations Cloud Backup: a service that provides users with a system for the backup and storage of computer files. A form of cloud computing

  36. Q8: How Should OrganizationsRespond to Security Incidents?

  37. How Does the Knowledge in thisChapter Help You? • Aware of threats to computer security as an individual, business professional and employee • Know trade-offs of loss risks and cost of safeguards • Ways to protect your computing devices and data • Understand technical, data, and human safeguards • Understand how organizations should respond to security incidents

More Related