Visit us at : www.nsdl.co.in 1 NSDL THREAT PERCEPTIONS & SECURITY MEASURES.

Presentation transcript:

1. NSDL THREAT PERCEPTIONS & SECURITY MEASURES

2. AGENDA
- Introduction to Depository
- NSDL System Overview
- Threat Perception
- Security Measures
- IT Audit Practices

3. NSDL - Bank -- An Analogy
[Diagram labels: BANK, NSDL]

4. Legislation/Regulations
- Service only through Participants
- Depository to maintain client level data
- Daily Reconciliation
- Continuous Connectivity with Encryption
- Backup facility at an alternate site

5. NSDL System Overview
[Diagram labels: CLEARING CORP.; REGISTRAR / ISSUERS; DEPOSITORY PARTICIPANTS; STAR NETWORK; SWIFT MESSAGING CONVENTION; ANOTHER DEPOSITORY; DEPOSITORY NSDL; CC-1, CC-2, CC-3; DP-1, DP-2, DP-3, DP-4, DP-5; SR-1, SR-2, SR-3]

6. NSDL Today
- Beneficiary Accounts : lac
- Positions : > 2 crore
- Custody : Rs. 9 lac crore
- Settlement thru Demat : 99.99%
- No. of Comp. / Securities : /
- Settlement value : > Rs cr.
- Bookings : 6-12 lacs
- SWIFT Messages : lacs

7. Threat Perception
- Authenticity of Debit instruction
- Privacy of account holder’s information
- Disruption of Service
- Reconciliation
- Software Integrity

8. Security Measures Scope
- Participants System
- Depository Network
- Depository Central System
- NSDL Internal Office Infrastructure
- Internet based Services

9. Participants System
- Maker / Checker Implementation
- Audit Trails
- Inspection / Audit
- System Mandated Reconciliation
- Remote site backup + Log shipping
- Dial-up - Readiness Checks

10. Depository Network Set-up
- Closed User Group (CUG) Network
- Hardware based Authentication
- Encryption - Dynamic Key change
- IP Filtering + Access List on Gateway
- Port Restriction
- Telnet / Direct Login / File Transfer prohibited
- Accepts only Message with valid format

11. Depository System
- System Enforced Password Policy
- Failed Login Alerts
- Discretionary Access Control (DAC)
- Audit Trail
- De-activation of user-id with Direct Access rights
- MAC Address authentication for Access LAN Switch Port mapped to MAC address

12. Depository Internal Office Infrastructure
- Office Systems
  – Switch based LAN / VLANs
  – Roving Port disabled on all LAN Switches
  – Local PC Data Protection Policy
  – Media Disposal Policy
  – Licensed Software Usage only

13. Depository Internal Office Infrastructure - Cont.
- Internet Access
  – Governed by Internet Usage Policy
  – Access only through Proxy Server
  – Firewall / IDS / URL Categorisation
  – send / receive to server hosted outside
  – Only HTTP / HTTPs ports allowed
  – ICMP blocked, No access from outside

14. Depository Internal Office Infrastructure - Cont.
- Virus Protection Mechanism
  – Gateway Scanner
  – E-mails / Attachments scanned on Mail Server
  – Desktop Anti Virus Protection
- Physical Access
  – Proximity Card
  – Video Surveillance
  – Asset Movement Monitoring

15. Internet based Services
- SPEED-e
- SSL Authentication
  – Password
  – PKI / SMART Card
- 3 Tier architecture
- Clustering
- Firewall / IDS

16. Internet based Services - Cont.

17. Software Change Management
- SRC (Software Review Committee)
- SDLC approach with documentation
- Separate environments (Dev. / Test / Prod)
- Source management system (VSS / SCLM)
- Acceptance Testing
- Managed DPM software distribution
- Formal Software Release Reviews

18. Business Continuity Planning: Facilities
- Dual UPS with Battery Back-up
- Standby Diesel generator
- Fire/Smoke detector & FM 200 Sprinklers
- Standby Air Conditioners
- Periodic Drill

19. Business Continuity Planning: System and Data
- Processor/Disk Sparing
- Standby controller/Router
- Dual Logging
- Log file replication at another site
- Fire proof back-up storage
- Safe copy of software & critical documents
- Periodic Operations from DRS Facility

Business Continuity Planning: Network
[Network diagram labels: NSE DRS HUB NSDL DRS NSE Primary HUB, Mumbai, Leased Line NSDLNET ISDN / PSTN NSDL NET Business Partners NSDL Primary Production Site Mumbai NSDL TC Fall Back X. 25 VSAT Cloud NSENET]

21. IT Audit Practices
- Security Committee
- Vulnerability Assessment Group
- Risk Analysis Group
- Security Audit and Penetration Testing
- Surprise audit by Security Officer Reporting to MD