Operational procedures for preventing misuse

Slides:

Advertisements

Similar presentations

Unit 4- Assignment 3 P5, P6, M2 BTEC Business Level 3.

Advertisements

Auditing Computer-Based Information Systems

Ensuring Continuing Operations and Disaster Recovery By: Alyssa Gatrell Mike Harker Amy Shumway.

ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.

Managing Information Systems Information Systems Security and Control Part 2 Dr. Stephania Loizidou Himona ACSC 345.

Factors to be taken into account when designing ICT Security Policies

Hacking, Viruses and the Copyright Law. Learning Objectives  Describe what Hacking is and what Viruses are.  List what viruses can do and describe how.

The laws Organizations are covered by lots of different laws

Prepared by:Nahed AlSalah Data Security 2 Unit 19.

E-business Security Dana Vasiloaica Institute of Technology Sligo 22 April 2006.

Security The Kingsway School. Accidental Data Loss Data can be lost or damaged by: Hardware failure such as a failed disk drive Operator error e.g. accidental.

Protecting ICT Systems

Disaster Planning and Security Policies. Threats to data DeliberateTerrorism Criminal vandalism/sabotage White collar crime Accidental Floods and fire,

Overview of Systems Audit

Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

GCSE ICT Viruses, Security & Hacking. Introduction to Viruses – what is a virus? Computer virus definition - Malicious code of computer programming How.

“ Technology Working For People” Intro to HIPAA and Small Practice Implementation.

What if you suspect a security incident or software vulnerability? What if you suspect a security incident at your site? DON’T PANIC Immediately inform:

Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.

Chapter 16 Designing Effective Output. E – 2 Before H000 Produce Hardware Investment Report HI000 Produce Hardware Investment Lines H100 Read Hardware.

Cyber Security & Fraud – The impact on small businesses.

Backup Procedure  To prevent against data loss, computer users should have backup procedures  A backup is a copy of information stored on a computer.

Computer Security 2 Keeping your computer safe. Computer Security 2 Computer Security 2 includes two lessons:  Lesson 3: Protecting yourself and your.

G061 - Network Security. Learning Objective: explain methods for combating ICT crime and protecting ICT systems.

13.6 Legal Aspects Corporate IT Security Policy. Objectives Understand the need for a corporate information technology security policy and its role within.

Security PoliciesIT3 Security Policies. IT3 All companies adopt ICT Security Policies to protect themselves against:- Bad publicity Security threats Loss.

UNIT 15 WEEK 9 CLASS 1 LESSON OVERVIEW Pete Lawrence BTEC National Diploma Organisational System Security.

Lesson 9-Information Security Best Practices. Overview Understanding administrative security. Security project plans. Understanding technical security.

Appendix C: Designing an Operations Framework to Manage Security.

Note1 (Admi1) Overview of administering security.

Zulhizam Bin Ebrahim Mohd Shamir Bin Abd Azia Muhammad Salehin Bin Suhaimi

ICT in Healthcare. Electronic prescription service GPs and nurses can send electronic prescriptions to a dispenser (pharmacy) of the patients choice.

Network Security & Accounting

Lesson 19-E-Commerce Security Needs. Overview Understand e-commerce services. Understand the importance of availability. Implement client-side security.

HalFILE 2.1 Network Protection & Disaster Recovery.

A Computer Virus is a software program that is designed to copy itself over and over again and to attach itself to other programs. They don’t affect hardware,

ICT4 October Networks  Choosing a network for a company  cost of network  size of organisation  how the system will be used  existing systems.

Disaster Recovery: Can Your Business Survive Data Loss? DR Strategies for Today and Tomorrow.

Security and Ethics Safeguards and Codes of Conduct.

ICT Security Policies Security Policies What is Security?What is a policy? The aims or plan of action of a person or group. School OED Precaution against.

Welcome to the ICT Department Unit 3_4 Code of Conduct.

Organisational Systems Security Assignment 2 tips (available on Wiki also)

Objectives  Legislation:  Understand that implementation of legislation will impact on procedures within an organisation.  Describe.

1 AQA ICT AS Level © Nelson Thornes Firewalls and Virus Checkers.

Protecting Data. Privacy Everyone has a right to privacy Data is held by many organisations –Employers –Shops –Banks –Insurance companies –etc.

© 2003 McGraw-Hill Australia Pty Ltd, PPTs t/a Accounting Information & Reporting Systems by A. Aseervatham and D. Anandarajah. Slides prepared by Kaye.

Operational Issues. Operational Changes It is important to organisations to ensure that they abide by the Law when caring for the safety of their employees,

Security Issues and Ethics in Education Chapter 8 Brooke Blanscet, Morgan Chatman, Lynsey Turner, Bryan Howerton.

Page 1 Viruses. Page 2 What Is a Virus A virus is basically a computer program that has been written to perform a specific set of tasks. Unfortunately,

Computer Security Sample security policy Dr Alexei Vernitski.

MAC Internal Audit Dept.

SemiCorp Inc. Presented by Danu Hunskunatai GGU ID #

10 things you can do today to reduce your security risk.

Welcome to the ICT Department Unit 3_5 Security Policies.

Section 4 Policies and legislation AQA ICT A2 Level © Nelson Thornes Section 4: Policies and Legislation Legislation – practical implications.

Backdoor Attacks.

Footprinting (definition 1)

I S P S loss Prevention.

Data Compromises: A Tax Practitioners “Nightmare”

UNIT 19 Data Security 2.

Business Risks of Insecure Networks

Unit 7 – Organisational Systems Security

CYB 110 Competitive Success/snaptutorial.com

CYB 110 Education Begins / tutorialrank.com. CYB 110 All Assignments For more course tutorials visit CYB 110 Week 1 Individual Protecting.

Planning and Security Policies

County HIPAA Review All Rights Reserved 2002.

INFORMATION SYSTEMS SECURITY and CONTROL

Understanding the issues related to the use of information

How it affects policies and procedures

G061 - Network Security.

Presentation transcript:

Operational procedures for preventing misuse

Lesson Objectives To understand the operational procedures for preventing misuse and how they can be carried out.

Operational procedures for preventing misuse Screening potential employees Routines for distributing updated virus information and virus scanning procedures Define procedures for downloading from the Internet, use of floppy discs, personal backup procedures Establish security rights for updating web pages Establish a disaster recovery programme Set up auditing procedures (Audit trails) to detect misuse.

Operational Procedure How to carry out procedure Screening potential employees Ensure staff are controlled Fit employee to the task CRB checks Routines for distributing updated virus information and virus scanning procedures Ensuring virus signatures are updated daily and distributed around the network when a station logs in Establish firewalls Define procedures for downloading from the internet, use of removable media, personal backup procedures Staff code of conduct Penalties for misuse How often done, have they got to use special machines, off site etc

Operational Procedure How to carry out procedure Establish security rights for updating web pages Who/what/when Establish a disaster recovery programme Who does what and when, including checking the standby equipment Backup plans, i.e. how often NOT RISKS ANALYSIS Set up auditing procedures (Audit trails) to detect misuse Who/what when Contiguous investigation of regularities Query any transaction out of the ordinary

Past Questions Describe three operational procedures an organisation could put in place to prevent misuse of data. Use different examples to illustrate each procedure. [6]