Security Issues and Strategies Chapter 8 – Computers: Understanding Technology (Third edition)

Presentation transcript:


Network and Internet Security Risks
Unauthorized access
–UserID is normally public, so password is the only secure part
–System backdoor – created by the programmers of the system
Denial of service (DoS) attacks
Information theft
–Users often do not enable security for wireless devices
–Data Browsing – e.g. IRS and tax returns

Hardware and Software Security Risks
Power interruptions can damage computers – surge protectors
Stolen hardware and software
–Employee theft
–Employee loss – e.g. laptops are more easily taken than traditional computers and this has led to some widely-publicized incidents of possible compromise of sensitive data

Recent Laptop Thefts that Exposed Large Amounts of Sensitive Data
Personal data of 26.5 million U.S. veterans was on a laptop taken from the home of a U.S. Department of Veterans Affairs employee.
A laptop that belonged to an Ernst & Young employee was stolen from a vehicle. The computer contained personal information of 243,000 Hotels.com customers.
An unencrypted hard drive containing names, addresses and Social Security numbers of American Institute of Certified Public Accountants (AICPA) members was lost when it was shipped back to the organization by a computer repair company. Potentially 330,000 members were affected.
Source: Wikipedia, July 9, 2007

Security Strategies
Physical security
Firewalls – used on computers connected to the internet; will allow web browsing but prohibit some other forms of communication
Network sniffers – display network traffic data
Antivirus software
Data backups – rotating backup allows one to keep several versions rather than a single one
Disaster recovery plan – remotely located data backups and redundant systems

Security Strategies (cont.)
Authentication
–Personal identification numbers, usernames and passwords
User IDs and Passwords – passwords must be easy to remember but hard to guess. The following also increase security
–Longer passwords
–Increase in number of choices for each keystroke – requirement for an uppercase letter, a lower case letter, and a number thus increases security of password
–Changing passwords more often (maybe)
–Smart cards
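
The effect of the two password rules on this slide (length, and choices per keystroke) can be counted exactly. The following is an added example, not part of the original presentation; it assumes passwords of a fixed length drawn from a-z, A-Z and 0-9, and treats the number of possible passwords as the measure of guessing effort.

```python
import math

# Choices per keystroke in each character class (assumed alphabet: a-z, A-Z, 0-9).
LOWER, UPPER, DIGIT = 26, 26, 10
CLASSES = (LOWER, UPPER, DIGIT)
TOTAL = sum(CLASSES)  # 62 choices per keystroke when all classes are allowed


def keyspace(alphabet: int, length: int) -> int:
    """Number of distinct passwords of exactly `length` characters."""
    return alphabet ** length


def keyspace_required_classes(length: int) -> int:
    """Passwords that contain at least one lowercase, one uppercase and one digit.

    Inclusion-exclusion: take every string over the 62-character alphabet,
    subtract the strings missing one class, then add back the strings
    missing two classes, which were subtracted twice.
    """
    missing_one = sum(keyspace(TOTAL - c, length) for c in CLASSES)
    missing_two = sum(keyspace(c, length) for c in CLASSES)
    return keyspace(TOTAL, length) - missing_one + missing_two


def bits(count: int) -> float:
    """Size of a password space expressed in bits (log base 2)."""
    return math.log2(count)


def compare(length: int) -> dict:
    """Password-space sizes for three policies at the same length."""
    return {
        "lowercase_only": keyspace(LOWER, length),
        "mixed_allowed": keyspace(TOTAL, length),
        "mixed_required": keyspace_required_classes(length),
    }


if __name__ == "__main__":
    for length in (6, 8, 10, 12):
        row = compare(length)
        print(length, {name: round(bits(n), 1) for name, n in row.items()})
```

Each extra character multiplies the space by the alphabet size, and moving from 26 to 62 choices per keystroke grows it at every position; the requirement that all three classes appear removes only the strings that lack one of them.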

Security Strategies (cont.)
Monitoring and auditing
–Keystroke loggers and internet traffic trackers
–Video surveillance
Biometric authentication
–Fingerprint
–Hand geometry
–Facial recognition
–Voice
–Signature
–Iris and retinal
–Keystroke dynamics – how an individual types

Security Strategies (cont.)
Data encryption
–Intelligence agencies want to limit use of encryption technology so they can decipher communications in particular instances
–Secure Sockets Layer (SSL) protocol is used on sites where the URL starts with https rather than http