Presentation is loading. Please wait.

Presentation is loading. Please wait.

Unit 5: Security LO1: P1, P2 + M1.

Published byLaurens Driessen Modified over 5 years ago

Similar presentations

Presentation on theme: "Unit 5: Security LO1: P1, P2 + M1."— Presentation transcript:

1 Unit 5: Security LO1: P1, P2 + M1

2 Unit Introduction Security is one of the most important challenges modern organisations face. Security is about protecting organisational assets, including personnel, data, equipment and networks from attack through the use of prevention techniques in the form of vulnerability testing/security policies and detection techniques, exposing breaches in security and implementing effective responses. The aim of this unit is to provide students with knowledge of security, associated risks and how security breaches impact on business continuity. Students will examine security measures involving access authorisation, regulation of use, implementing contingency plans and devising security policies and procedures.

3 Assessing risks to IT security IT security risks
“The wonderful thing about the Internet is that you’re connected to everyone else… The terrible thing about the Internet is that your connected to everyone else…” Dr. Vinton Cerf - co-designer of the TCP/IP protocols and the architecture of the Internet. Access to the information and services the Internet provides, comes risk. Risk of information loss, or corruption, of data theft and worse. These risks have to be mitigated with security solutions.

4 IT Threats A threat is an event that could exploit a vulnerability (an attack waiting to happen) and cause a negative impact on the network. Threats in the digital world typically mimic threats in the physical world. Theft, vandalism, eavesdropping are all threats that have moved from the real world into cyberspace, typically via the Internet. There are some significant differences however, in terms of the distance these attacks can be carried out, the automation involved, and the propagation(Spreading) of attack techniques.

5 IT security risks Risks: unauthorised use of a system
unauthorised removal or copying of data or code from a system damage to or destruction of physical system assets and environment damage to or destruction of data or code inside or outside the system naturally occurring risks.

6 Unauthorised use of a system
Software should be used only by those authorised to do so. Someone – a hacker – may access confidential data. The hacker may read the data or copy it, but do no damage to it. However, simply reading data can also cause damage to an organisation, even if that data is not deleted or altered. Obtaining personal details of an individual can lead to identity theft. If you become the victim of identity theft, you might have difficulty obtaining credit for a credit card, loan or mortgage until the confusion is resolved.

7 Unauthorised removal or copying of data or code from a system
Someone may pass data on to another person who is not authorised to read it; this is called data theft. Data related to new products or business plans of an organisation is sensitive. If this data fell into the wrong hands, e.g. a competitor, the organisation would lose any competitive edge that secrecy would have given them. The worst-case scenario is for the data to be removed altogether. Imagine the chaos if all the personnel records of an organisation – the contact details of all employees, their pay records and details of promotions, pensions, etc. – were removed.

8 Damage to or destruction of physical system assets and environment
Someone may damage the hardware in the ICT system. A hard disk holds a lot of data. If the disk was sabotaged, the data would become inaccessible. The hardware in an ICT system can be worth many hundreds of thousands of pounds. If any of it is damaged or stolen then it will take time to replace it. The cost of replacement is usually covered by insurance, so the main problem is the time delay in installing replacement equipment. This delay can result in lost business and, as a consequence, the organisation may lose money. Consequential loss may not be covered by insurance, so this is a ‘real’ loss. Damage to data or code Data or software should only be altered or deleted by someone who is authorised to do so. A hacker may damage – i.e. amend or delete – the data or software.

9 Damage to or destruction of data or code inside or outside the system
Data or software should only be altered or deleted by someone who is authorised to do so. A hacker may damage – i.e. amend or delete – the data or software. Data and software may also be damaged by virus attack. More on this later

10 Naturally occurring risks.
Human actions E.g. Human error, employee that disregards policy. Systems issues E.g. Out of date or incorrectly configured/installed anti virus and firewall, confusion over backup policy could result in accidental overwrite, poor group policy configuration, incorrect user access levels.

11 Organisational security
Business continuance(Maintain essential functions during/after an attack) Backup/restoration of data Audits Testing procedures e.g. data, network, systems, operational impact of security breaches, WANs, intranets, wireless access systems.

12 Organisational security: Business continuance
Training should be given so that employees know what to do, for example, if they suspect a virus attack: Who should they contact first? Should they turn their ICT system off? Employees also need to know what to do if they think their login ID is being used by someone else: Who should they inform of their fear? What methods might be used to trap the culprit? What procedures should be followed to prevent similar lapses in security in future. Organisational security: Business continuance While a security audit will identify weaknesses that ought to be addressed, and an organisation should make every effort to remedy any shortfall, there will always be a risk of a security breach. For this reason, an analysis of risks should be carried out and a contingency plan drawn up. This contingency plan should cover backup, offsite storage, data recovery procedures, access to immediate hardware replacement, plus insurance that covers replacement, loss of business and all the recovery work. Ability of an organization to maintain essential functions during, as well as after, a disaster has occurred.

13 Organisational security: Backup/restoration of data
Employees who are responsible for data recovery should also know the procedures to follow. The aim should be to plan ahead so that the whole system can be up and running again within a specified time- scale, e.g. 24 hours. Then, if the worst case scenario happens, disaster recovery should be as smooth as possible. The contingency plan has to be developed from a full risk analysis, so that every eventuality is taken into consideration.

14 Organisational security: Audits
Audits could include: Review and management eg access to systems. Establishment and review of personal, corporate and technical trust. Vetting of staff. Forensic analysis of systems Use of custom forensics or existing sysadmin tools. Organisational security: Audits An organisation that is unaware of how and where security breaches might occur could soon be faced with a situation that will be costly, and could be very embarrassing. Instead, a security audit should be conducted to check what might go wrong, and to plan improvements before a hacker – or some other individual – takes advantage of the situation.

15 Organisational security: Testing procedures
Network security: This involves looking for vulnerabilities in the network infrastructure (resources and policies). System software security: Asses weaknesses in software (operating system, database system, and other software) that are depended on. Client-side application security: Ensure that the client (browser or any such app/tool) cannot be manipulated. Server-side application security: Server code and its technologies are robust enough to fend off any intrusion.

16 Organisational security: Testing procedures - operational impact
Costs If data is lost, costs are incurred in recovering the data. If software is corrupted, a copy should be available, but the replacement will take time and incur staff costs. Depending on how serious a breach was experienced, there may be a need to consult specialists, and this too will incur extra costs Loss of business A security breach can result in the collapse of an ICT system. The time during which normal service is not available is called downtime. Organisations that rely on an ICT system to take orders will suffer a loss of business during the downtime. Some customers will come back later, but some will not; they will already have taken their business elsewhere. If a security breach causes data loss, and it proves difficult to recover that data, then the result can be disastrous for an organisation.

17 Proposing a method to assess and treat IT security risks. (M1)
Establish a risk management framework Outline how you would identify risks, who’s responsible, the impact to the business and how likely it is to occur. Baseline criteria, Scale of risk, Acceptable risk(Risk appetite) Identify risks Create a list of business assets such as files, media, portable devices as well as content such as Intellectual Property. Analyse risks Identify threats and vulnerabilities to each asset Evaluate risks Order security risks from high to low Select risk treatment options Define exactly who is going to implement each control, in which timeframe, with which budget, etc. Research: ISO risk assessments (ISO = International Organization for Standardization)

Download ppt "Unit 5: Security LO1: P1, P2 + M1."

Similar presentations

GCSE ICT Networks & Security..

GCSE ICT Networks & Security..
INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Backing up and Archiving Data Chapter 1. Introduction This presentation covers the following: – What is backing up – What is archiving – Why are both.

Backing up and Archiving Data Chapter 1. Introduction This presentation covers the following: – What is backing up – What is archiving – Why are both.
Information System Audit : © South-Asian Management Technologies Foundation Chapter 4: Information System Audit Requirements.

Information System Audit : © South-Asian Management Technologies Foundation Chapter 4: Information System Audit Requirements.
Backup and Disaster Recovery (BDR) A LOGICAL Alternative to costly Hosted BDR ELLEGENT SYSTEMS, Inc.

Backup and Disaster Recovery (BDR) A LOGICAL Alternative to costly Hosted BDR ELLEGENT SYSTEMS, Inc.
Security Controls – What Works

Security Controls – What Works
Course ILT Security overview Unit objectives Discuss network security Discuss security threat trends and their ramifications Determine the factors involved.

Course ILT Security overview Unit objectives Discuss network security Discuss security threat trends and their ramifications Determine the factors involved.
Introducing Computer and Network Security

Introducing Computer and Network Security
Exam ● On May 15, at 10:30am in this room ● Two hour exam ● Open Notes ● Will mostly cover material since Exam 2 ● No, You may not take it early.

Exam ● On May 15, at 10:30am in this room ● Two hour exam ● Open Notes ● Will mostly cover material since Exam 2 ● No, You may not take it early.
Computer Security: Principles and Practice

Computer Security: Principles and Practice
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Term 2, 2011 Week 3. CONTENTS Network security Security threats – Accidental threats – Deliberate threats – Power surge Usernames and passwords Firewalls.

Term 2, 2011 Week 3. CONTENTS Network security Security threats – Accidental threats – Deliberate threats – Power surge Usernames and passwords Firewalls.
Network security policy: best practices

Network security policy: best practices
E-business Security Dana Vasiloaica Institute of Technology Sligo 22 April 2006.

E-business Security Dana Vasiloaica Institute of Technology Sligo 22 April 2006.
UNIT 3C Security of Information. SECURITY OF INFORMATION Firms use passwords to prevent unauthorised access to computer files. They should be made up.

UNIT 3C Security of Information. SECURITY OF INFORMATION Firms use passwords to prevent unauthorised access to computer files. They should be made up.
Data Security GCSE ICT.

Data Security GCSE ICT.
1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.

1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.
Information Systems Security Computer System Life Cycle Security.

Information Systems Security Computer System Life Cycle Security.
ISMS for Mobile Devices Page 1 ISO/IEC 27001 Information Security Management System (ISMS) for Mobile Devices Why apply ISMS to Mobile Devices? Overview.

ISMS for Mobile Devices Page 1 ISO/IEC Information Security Management System (ISMS) for Mobile Devices Why apply ISMS to Mobile Devices? Overview.

Similar presentations

Ads by Google