UNIT V Security Management of Information Technology.

Slides:

Advertisements

Similar presentations

Intermediate 2 Computing

Advertisements

Networking at Home and Abroad

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 MIS 2000 Class 22 System Security Update: Winter 2015.

Unit 9 Network Fundamentals. Describe a network Explain the benefits of a network Identify risks in computing Describe the roles of clients & servers.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

Sixth Edition 1 M a n a g e m e n t I n f o r m a t i o n S y s t e m s M a n a g I n g I n f o r m a t i o n T e c h n o l o g y i n t h e E – B u s i.

ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Fifth Edition 1 M a n a g e m e n t I n f o r m a t i o n S y s t e m s M a n a g I n g I n f o r m a t i o n T e c h n o l o g y i n t h e E – B u s i.

Security and Ethical Challenges

Eleventh Edition 1 Introduction to Information Systems Essentials for the Internetworked E-Business Enterprise Irwin/McGraw-Hill Copyright © 2002, The.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

The Internet. What is the internet? a vast network designed to transfer data from one computer to another.

Security Measures Using IS to secure data. Security Equipment, Hardware Biometrics –Authentication based on what you are (Biometrics) –Biometrics, human.

Security Equipment Equipment for preventing unauthorised access to data & information.

McGraw-Hill/Irwin ©2008,The McGraw-Hill Companies, All Rights Reserved Chapter 11 Security and Ethical Challenges.

Unit 8 Network Fundamentals Describe a network Explain the benefits of a network Identify risks in computing Describe the roles of clients & servers.

PRELIM TOPICS. IS operations management is concerned with the use of hardware, software, network, and personnel resources in data centers Operational.

McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. Extended Learning Module E Network Basics.

Protecting ICT Systems

Securing Information Systems

Computer Networking Part 1 CS 1 Rick Graziani Cabrillo College Fall 2005.

1 Ethical Challenges in Management. 2 Ethical Responsibility  The use of IT presents major security challenges, poses serious ethical questions, and.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter.

Copyright 2007 Jim Martin1 Broadband Internet Access Dr. Jim Martin

Environment for Information Security n Distributed computing n Decentralization of IS function n Outsourcing.

David Abarca, Instructor Del Mar College Computer Corner Internet Access Dialup, DSL, or Cable.

Firewalls Nathan Long Computer Science 481. What is a firewall? A firewall is a system or group of systems that enforces an access control policy between.

Chapter 7 Networks and the Internet Networks Sharing resources among multiple computers (workstations) Local Area Networks Wide Area Networks.

G061 - Network Security. Learning Objective: explain methods for combating ICT crime and protecting ICT systems.

Security and Ethics Privacy Employment Health Crime Working

ACM 511 Introduction to Computer Networks. Computer Networks.

Communication Systems The Internet The largest wide area network in the world. It is made up of thousands of linked networks. What.

McGraw-Hill/Irwin Copyright © 2008, The McGraw-Hill Companies, Inc. All rights reserved.McGraw-Hill/Irwin Copyright © 2008 The McGraw-Hill Companies, Inc.

Copyright © 2006, The McGraw-Hill Companies, Inc. All rights reserved. Developing Business/IT Strategies Chapter 11.

SESSION 14 INFORMATION SYSTEMS SECURITY AND CONTROL.

Chapter 2 Securing Network Server and User Workstations.

Copyright © 2006, The McGraw-Hill Companies, Inc. All rights reserved. Security and Ethical Challenges Chapter 13.

MIS 7003 MIS Core Course The MBA Program The University of Tulsa Professor: Akhilesh Bajaj Security: Personal & Business © Akhilesh Bajaj 2004,2005, 2007,

MBA 664 Database Management Dave Salisbury ( )

Security And EthicalChallenges of IT Oktalia Juwita, S.Kom., M.MT. Dasar-dasar Sistem Informasi – IKU1102.

Chapter 7 1Artificial Intelligent. OBJECTIVES Explain why information systems need special protection from destruction, error, and abuse Assess the business.

Higher Computing Networking. Networking – Local Area Networks.

Communications & Networks National 4 & 5 Computing Science.

Computer Security By Duncan Hall.

“Lines of Defense” against Malware.. Prevention: Keep Malware off your computer. Limit Damage: Stop Malware that gets onto your computer from doing any.

INFORMATION SECURITY AND CONTROL. SECURITY: l Deter l Detect l Minimize l Investigate l Recover.

11-1 McGraw-Hill/Irwin Copyright © 2007 by The McGraw-Hill Companies, Inc. All rights reserved.

1 Lesson 24 Network Fundamentals Computer Literacy BASICS: A Comprehensive Guide to IC 3, 3 rd Edition Morrison / Wells.

 client  client/server network  communication hardware  extranet  firewall  hacker  Internet  intranet  local area network (LAN)  Network 

Information Systems Design and Development Security Precautions Computing Science.

SemiCorp Inc. Presented by Danu Hunskunatai GGU ID #

INTRODUCTION TO INFORMATION SYSTEMS LECTURE 11: SECURITY & ETHICAL CHALLENGES أ/ غدير عاشور

Securing Information Systems

INFORMATION SYSTEMS SECURITY AND CONTROL.

(A CORPORATE NETWORK APPROACH)

CONNECTING TO THE INTERNET

INFORMATION SECURITY The protection of information from accidental or intentional misuse of a persons inside or outside an organization Comp 212 – Computer.

Unit 9 Network Fundamentals

Securing Information Systems

Security and Ethical Challenges

INFORMATION SYSTEMS SECURITY and CONTROL

Unit 4 IT Security Kerris Davies.

GETTING CONNECTED TO INTERNET

Networking at Home and Abroad

PLANNING A SECURE BASELINE INSTALLATION

G061 - Network Security.

Presentation transcript:

UNIT V Security Management of Information Technology

Security Management The goal of security management is the accuracy, integrity, and safety of all information system processes and resources. II MBA A.MIS.RR.2011 Batch 2

Tools of Security Management Internetworked Security Defenses Encryption Firewalls Denial of Service Defenses Monitoring Virus defenses Other security measures to protect systems and Network Security codes Back up files Security monitors Biometric security Computer Failure Controls Fault tolerant System Disaster Recovery

Internetworked Security Defenses Encryption Data is transmitted in scrambled form It is unscrambled by computer systems for authorized users only The most widely used method uses a pair of public and private keys unique to each individual Firewalls A gatekeeper system that protects a company’s intranets and other computer networks from intrusion Provides a filter and safe transfer point for access to/from the Internet and other networks Important for individuals who connect to the Internet with DSL or cable modems Can deter hacking, but cannot prevent it II MBA A.MIS.RR.2011 Batch 4

Public/Private Key Encryption II MBA A.MIS.RR.2011 Batch 5

Internet and Intranet Firewalls II MBA A.MIS.RR.2011 Batch 6

Denial of Service Defenses Steps the organisation’ s can take to protect themselves from DDOS attacks ( distributed denial of service ) At the zombie machines set and enforce security policies Scan for vulnerabilities At the ISP monitor and block traffic spikes At the victim’s website create backup servers and network connections II MBA A.MIS.RR.2011 Batch 7

Internetworked Security Defenses (contd..) Monitoring use of content monitoring software that scans for troublesome words that might compromise corporate security Virus Defenses centralize the distribution and updating of antivirus software Use a security suite that integrates virus protection with firewalls, Web security, and content blocking features II MBA A.MIS.RR.2011 Batch 8

Other Security Measures Security Codes multilevel password system used to gain access into the system Encrypted passwords Smart cards with microprocessors Backup Files duplicate files of data or programs Security Monitors software that monitors the use of computer systems and networks and protects them from unauthorized use, fraud, and destruction Biometrics computer devices that measure physical traits that make each individual unique Voice recognition, fingerprints, retina scan Computer Failure Controls devices used to prevent computer failure or minimize its effects Preventive maintenance Arrange backups with a disaster recovery organization II MBA A.MIS.RR.2011 Batch 9

Fault Tolerant Systems In the event of a system failure, fault-tolerant systems have redundant processors, peripherals, and software that provide Fail-over capability: shifts to back up components Fail-save capability: the system continues to operate at the same level Fail-soft capability: the system continues to operate at a reduced but acceptable level II MBA A.MIS.RR.2011 Batch 10

Disaster Recover A disaster recovery plan contains formalized procedures to follow in the event of a disaster Which employees will participate What their duties will be What hardware, software, and facilities will be used Priority of applications that will be processed Use of alternative facilities Offsite storage of databases II MBA A.MIS.RR.2011 Batch 11

Information System Controls Methods and devices that attempt to ensure the accuracy, validity, and propriety of information system activities

Auditing IT Security IT Security Audits Performed by internal or external auditors Review and evaluation of security measures and management policies Goal is to ensure that that proper and adequate measures and policies are in place II MBA A.MIS.RR.2011 Batch 13

Security Management for Internet Users II MBA A.MIS.RR.2011 Batch 14

II MBA A.MIS.RR.2011 Batch 15

II MBA A.MIS.RR.2011 Batch 16

DSL When you connect to the Internet, you might connect through a regular modem, through a local-area network connection in your office, through a cable modem or through a digital subscriber line(DSL) connection. DSL is a very high-speed connection that uses the same wires as a regulartelephone line.modemlocal-area networkcable modemtelephone line Here are some advantages of DSL: You can leave your Internet connection open and still use the phone line for voice calls. The speed is much higher than a regular modem DSL doesn't necessarily require new wiring; it can use the phone line you already have. The company that offers DSL will usually provide the modem as part of the installation. But there are disadvantages: A DSL connection works better when you are closer to the provider's central office. The farther away you get from the central office, the weaker the signal becomes. The connection is faster for receiving data than it is for sending data over the Internet. The service is not available everywhere.