Group: Anju, Ashok, Justin, Joe and Christina

Slides:



Advertisements
Similar presentations
Chapter ADCS CS262/0898/V1 Chapter 1 An Introduction To Computer Security TOPICS Introduction Threats to Computer Systems –Threats, Vulnerabilities.
Advertisements

Chapter 7: Physical & Environmental Security
INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Information System protection and Security. Need for Information System Security §With the invent of computers and telecommunication systems, organizations.
1 Continuity Planning for transportation agencies.
INTRODUCTION AS (3.3) Apply business knowledge to address a complex problem in a given global business context.
Physical and Environmental Security Chapter 5 Part 1 Pages 427 to 456.
Security Controls – What Works
Security+ Guide to Network Security Fundamentals
1 Pertemuan 23 Contingency Planning Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Introduction Security is a major networking concern. 90% of the respondents to the 2004 Computer Security Institute/FBI Computer Crime and Security Survey.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
CMSC 414 Computer and Network Security Lecture 9 Jonathan Katz.
Session 131 Hazard Mapping and Modeling Supporting Emergency Response Operations using GIS and Modeling.
Managing Information Systems Information Systems Security and Control Part 2 Dr. Stephania Loizidou Himona ACSC 345.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
1 Pertemuan 9 Network Security and E-Commerce Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi: >
1 Disaster Recovery Planning & Cross-Border Backup of Data among AMEDA Members Vipin Mahabirsingh Managing Director, CDS Mauritius For Workgroup on Cross-Border.
Chapter 3.  Security Framework  Operational Security Lifecycle  Security Perimeter  Access Control  Social Engineering  Environmental Issues.
Cloud Computing How secure is it? Author: Marziyeh Arabnejad Revised/Edited: James Childress April 2014 Tandy School of Computer Science.
 2013, Infotecs ViPNet Technology Advantages.  2013, Infotecs GmbH In today’s market, along with the ViPNet technology, there are many other technologies.
UNIT 3C Security of Information. SECURITY OF INFORMATION Firms use passwords to prevent unauthorised access to computer files. They should be made up.
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
© 2012-Robert G Parker May 24, 2012 Page: 1 © 2012-Robert G Parker May 24, 2012 Page: 1 © 2012-Robert G Parker May 24, 2012 Page: 1 © 2012-Robert G Parker.
Disaster Planning and Security Policies. Threats to data DeliberateTerrorism Criminal vandalism/sabotage White collar crime Accidental Floods and fire,
Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.
General Purpose Packages
MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.
Pre Incident Planning and Related Loss Reduction Strategies
Chapter 16 IT Controls, Asset Protection, and Security.
Security Baseline. Definition A preliminary assessment of a newly implemented system Serves as a starting point to measure changes in configurations and.
BUSINESS B1 Information Security.
Lecture 6: Cloud Computing By D. Najla Al-Nabhan 1.
Risk Management - the process of identifying and controlling hazards to protect the force.  It’s five steps represent a logical thought process from.
Managing and Securing Endpoints Bruce Hotte Chief Information Officer Jeff Swan Network Supervisor  The definition of “endpoint” used to be simple: a.
Module 7. Data Backups  Definitions: Protection vs. Backups vs. Archiving  Why plan for and execute data backups?  Considerations  Issues/Concerns.
How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.
Computer Security “Measures and controls that ensure confidentiality, integrity, and availability of IS assets including hardware, software, firmware,
 FFC backs up all of its data each day. It stores its most recent daily backup once a week at a company owned offsite location. FFC also stores the most.
Unit 6b System Security Procedures and Standards Component 8 Installation and Maintenance of Health IT Systems This material was developed by Duke University,
E.Soundararajan R.Baskaran & M.Sai Baba Indira Gandhi Centre for Atomic Research, Kalpakkam.
Security in ERP Systems By Jason Rhodewalt & Marcel Gibson.
Analysis. Solution Requirements 1. Identify the functions and attributes of the website. 2. Write a problem statement. (What is the problem? What will.
PROTECTING AMERICA THROUGH PUBLIC ALERT & WARNING NATIONAL HURRICANE CONFERENCE APRIL 6, 2004 Kenneth B. Allen Executive Director Partnership for Public.
SECURITY OF DATA By: ADRIAN PERHAM. Issues of privacy; Threats to IT systems; Data integrity; Standard clerical procedures; Security measures taken to.
Data Security.
IT Risks and Controls Revised on Content Internal Control  What is internal control?  Objectives of internal controls  Types of internal controls.
What Can Go Wrong During a Pen-test? Effectively Engaging and Managing a Pen-test.
Institutional affiliation Date.  Security is very important as it keeps your secret from other know.  An insecure network exposes a business to various.
Security Administration. Links to Text Chapter 8 Parts of Chapter 5 Parts of Chapter 1.
Chap1: Is there a Security Problem in Computing?.
By Tyler Daniels.  Privacy  - Employers monitoring employees every move  - Can get employees fired for doing things they didn’t know were being monitored.
Systems Development The Kingsway School. Systems Development This is carried out when a company is having a problem. They usually employ an ICT Consultant.
November 17, 2008Pebble Project Agency Meetings Pebble Project Data Management Data Management Responsibilities Ensure complete and accurate field and.
The Importance of Proper Controls. 5 Network Controls Developing a secure network means developing mechanisms that reduce or eliminate the threats.
Erman Taşkın. Information security aspects of business continuity management Objective: To counteract interruptions to business activities and to protect.
Session 12 Information management and security. 1 Contents Part 1: Introduction Part 2: Legal and regulatory responsibilities Part 3: Our Procedures Part.
UR UMUC Healthy Fitness Center Business Solution Deanna Huntt December 1 st, 2013 University of Maryland University College.
Networks ∙ Services ∙ People Mark Johnston SIG ISM - Copenhagen Changing GÉANT’s Security Future GÉANT Feb 22, 2016 CNOO – Head of IIS Fotis.
Slide 11-1 Chapter 11 Terms Information Resource Management Strategies Introduction to Information Systems Judith C. Simon.
ANS File Security Chapter # 29 ( Prepared by : Mazhar Javed ) 1 Data Security “Protection against loss, corruption of, or unauthorized access of data”
The Best Fire Extinguishers in Milton Keynes to Secure Your Home.
EECS David C. Chan1 Computer Security Management Session 1 How IT Affects Risks and Assurance.
Chapter 40 Internet Security.
Risk management.
Security measures deployed by e-communication providers
Securing Information Systems
INFORMATION SYSTEMS SECURITY and CONTROL
Project Background What is your project? What sector?
Presentation transcript:

Group: Anju, Ashok, Justin, Joe and Christina WELCOME Chapter 11 Group: Anju, Ashok, Justin, Joe and Christina

Suppose your college or organization is considering a new project that would involve developing an information system that would allow all employees and students/customers to access and maintain their own human resources-related information, such as address, marital status, tax information, and so on. Identify positive and negative risks and strategies for addressing each risk. Exercise #1

Christina Negative Risk: Environmental threats such as a bursting pipe can quickly flood a computer room and cause damage to an organization’s IT assets and resources. Solution: Protect IT assets from fire damage (e.g., requirements and procedures for the use of fire extinguishers, tarpaulins, dry sprinkler systems, halon fire suppression system) Provide emergency power source (e.g., requirements for uninterruptible power supplies, on-site power generators) Positive Risk: Any sort of information is easily available on a single click via the various forms and built in software applications. Christina

Negative Risk: Not all stakeholders might be interested in managing their information. So, the new system might loose some potential data. Positive Risk: Users will feel more secure because they themselves can update their private information. Ashok

Negative Risk: When a person is allowed to provide their information, it is not necessary they will provide there real information. Solution: Some sort of authentication procedure should be implemented. Positive Risk: Most of the information are always updated. Anju

Justin Negative Risks: One negative risk would be in people posing as others in order to obtain or alter their information, either in specific cases or on a much wider scale.  Solution: One method of tackling such a risk would be in establishing a method of authentication that can ensure people are who they say they are. Positive Risk: One positive risk would be that information would be the most accurate and up to date with people having control over it, yet this can be a problem if many individuals either choose or forget to maintain this information. As a solution, the company can notify people in a rigorous effort to keep their information current and up to date along with why it is important to do so. Justin

Negative Risks: All data for each individual in the organization would be kept in one central location and, if maliciously accessed, could destroy internal processes and hinder work flow. Solution: Create several security barriers and properly encrypt data. Create secure platform for users to access and add data. Positive Risk: All data would be kept in one location and easily accessible by the HR staff. Data would also be more updated and allow HR staff to concentrate on other areas of operation. Joe

THANK YOU

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.