Recommending a Security Strategy

Presentation transcript:

Recommending a Security Strategy: Ideas for today and tomorrow

Industry breach discovery
A few of our firm's major competitors experienced a security data breach in their undisclosed cross-functional enterprise systems within a three-month timeframe. This event heightened security awareness at our company.

Common computer breaches
Figure 1

Enterprise-level security action plan
IT Department
Suppliers, employees, and customers
Implement the security changes:
- For suppliers
  - Add a new access rule to the firewall
  - Add a certificate from a third-party certificate authority [VeriSign]
  - Add public key encryption
- For employees
  - Add new security policies and train everyone in a mandatory meeting
  - Enforcement of the security plan
- For customers
  - FAQ
  - Best practices with our software and hardware
Internal action plan:
- User education and training
- Develop FAQ from meetings
- Creation of a honeypot using Cisco
- Reviewing/monitoring email data
- Study pharming attacks
- Create access rules for the network firewall
- Review potential vulnerabilities

IT reviews these potential vulnerabilities
Study:
- Elevation of privilege
- Hoaxes
- Packet tampering
- Sniffer
- Spoofing
- Splogs
- Spyware
- Dumpster diving
- Social engineering: hackers use their social skills to trick people into revealing access credentials or other valuable information.

Employees' new security guidelines
- Mandatory computer-use meetings and a signed document
- Discuss new security policies
- Computer do's and don'ts in simple language

Security for supplier connections
- The IT teams will add specific computers from the suppliers to have access to our network
- Set up a certificate with a third-party certificate authority [VeriSign]
- Add public key encryption

Security recommendations for customers
- Add related FAQs to the Customer Access area
- Add other security tips and expectations from the firm, if a virus or worm found when connecting,

Network security plan for internal use
- Certain file-sharing applications are prohibited on the corporate network. Kazaa and IM software leak cookies onto the network.
- Corporate laptops and computers cannot be used for personal use.
- Virus protection scans every day, with updates.
- Authentication and authorization occur by department only.
- New information security policies:
  - Requiring users to log off before leaving for lunch or meetings
  - Never share passwords, and change them every 30 days.
  - Specific emails and links not to click on
  - No social engineering sites utilized on work computers, except LinkedIn

Bibliography
- Google Images (Figure 1). (n.d.). Retrieved December 05, 2016, from https://images.google.com/
- Baltzan, Paige. (2015). Business-Driven Technology. 6th Edition.