Published by Samson Miles. Modified over 9 years ago.
1
INFORMATION SECURITY AND CONTROL
2
SECURITY:
• Deter
• Detect
• Minimize
• Investigate
• Recover
3
Security Risks
Internal
External
4
Threats
• Disaster and breakdowns
• Access and disclosure
• Alteration or destruction
• Improper use
5
RISK ASSESSMENT
• P1: Probability of attack
• P2: Probability of success
• L: Cost of loss
Expected Loss = P1 * P2 * L
Minimize
Threat Categories
6
Administrative Controls
Standards, rules, procedures and discipline to assure that personnel abide by established policies. Includes segregation of functions.
7
Security Policy
Security is always a cost to efficiency. It must be promoted to be effective.
• From the top
• Before installing hardware
• Politically charged
8
Writing a Security Policy
• Assess the types of risks
• Identify vulnerabilities
• Analyze user needs
• Write the policy
• Develop change procedures
• Plan implementation
• Implement
9
Vulnerabilities
• Servers: Operating systems and applications
• Networks: Snooping, attacks, spoofing
• Clients and modems: PCAnywhere etc.
• Viruses
10
Operating Systems
• UNIX
• Novell Netware
• Windows and Windows NT
11
Administrative Controls
• Security organization
• Audits
• Risk assessment
• Administrative standards and procedures
12
Disaster Management
• Redundancy and fault tolerant systems
• Backups and off site storage
• Hot and cold sites
• Planning and procedures
13
Architectural Controls
• Software controls: Prevent unauthorized changes
• Hardware controls: Control access and use
14
Tools
• Firewalls
• Network partitioning and routers
• Encryption
• Testing tools
• Consultants
15
Encryption
• Keys and key length
• Public key/private key
• Processing problems
• Location
  » Application
  » Network
  » Firewall
  » Link
16
Authentication
• Passwords
• Biometrics
• Isolation
• Remote location verification
17
SECURITY:
• Deter
• Detect
• Minimize
• Investigate
• Recover