Download presentation
Presentation is loading. Please wait.
Published byHilda Francis Modified over 9 years ago
1
Information Security Principles Supervised By Ms. Eman El Ajramy Presented by Moamer.T.Sawafiri 120050144 5 Steps To Secure Your Data
2
Overview Identify your data Organize your data Secure your data Backup Recover
3
Identify your data The first step toward data security is to identify what your data is and where it is. What? Word Excel Email, etc… Where? Local Storage: Hard Drive Network Storage: Network Drive Removable Storage: Flash Drive, CD, Floppy
4
Organize your data Determine what data needs to be protected. Considerations FERPA – Family Educational Rights and Privacy Act Customer Confidentiality Agreements State Computing Policies
5
Group your data. Classify C1-Sensitive (FERPA) C2-Departmental (No personal data but sensitive to department or university) C3-Non-sensitive (Memo’s, Office hour, Public Information) All data should be considered sensitive until it has been verified to be non-sensitive. Everyone in the group should use the same system of classification to limit confusion. Make it the office standard.
6
Create a standard on where sensitive data should be stored. Make it a habit to automatically save/move sensitive data to the appropriate location. Audit your stored data to ensure the proper handling.
7
Secure your data Now that your sensitive data has been organized you need to protect it. Encrypt and Decrypt (EFS)
8
Encryption Does not need to be used on all data. Are you planning on sharing the data? Does it contain any sensitive information? What does encryption do to my data?
9
Windows Encryption (EFS) EFS: Encrypting File System Short for Encrypting File System, part of the Microsoft New Technology File System (NTFS) file system. EFS is a transparent public key encryption technology that works in conjunction with NTFS permissions to grant and deny users access to files and folders in Windows NT (excluding NT4), 2000 and XP (excluding XP Home Edition) operating systems. NOTE: You can encrypt files and folders only on volumes that use the NTFS file system.
10
EFS: Encrypting File System (cont’d) EFS uses a public key and a private key for encryption. If the user does not have one, the EFS generates the key pair automatically. Files can be encrypted individually, or a folder can be designated as encrypted, so that any file written to that folder is automatically encrypted. Because EFS encryption technology integrates into the file system, users can't access the hard disk without going through the file system.
11
Encrypting a folder in Windows XP Click Start, point to All Programs, point to Accessories, and then click Windows Explorer. Locate and right-click the folder that you want, and then click Properties. On the General tab, click Advanced. Under Compress or Encrypt attributes, select the Encrypt contents to secure data check box, and then click OK. Click OK. In the Confirm Attribute Changes dialog box that appears, use one of the following steps: If you want to encrypt only the folder, click Apply changes to this folder only, and then click OK. If you want to encrypt the existing folder contents along with the folder, click Apply changes to this folder, subfolders and files, and then click OK.
12
Backup No matter what you do to protect your data, without a backup all your hard work could be for naught. It isn't data if you can’t access it. Back up your security certificate Make sure you can access your data.
13
Backup – Windows XP Creating a folder backup using the Windows Backup utility. Easy to follow instructions: http://www.microsoft.com/windowsxp/using/setup/learnmore/bo tt_03july14.mspx http://www.microsoft.com/windowsxp/using/setup/learnmore/bo tt_03july14.mspx
14
Backup – Outlook 2003 Outlook 2003 data can easily backed up using an MS utility. Easy to follow instructions: http://www.microsoft.com/downloads/details.aspx?FamilyID=8b 081f3a-b7d0-4b16-b8af-5a6322f4fd01&DisplayLang=en http://www.microsoft.com/downloads/details.aspx?FamilyID=8b 081f3a-b7d0-4b16-b8af-5a6322f4fd01&DisplayLang=en
15
Disaster Recovery Disaster recovery is the ability to continue work after any number of catastrophic problems, ranging from a computer virus or hacker attack to a natural disaster such as flood, fire, or earthquake. Having a disaster recovery plan in place takes a little time and effort, but the peace of mind it brings and the ability to continue work after the unthinkable are well worth it.computerhackernatural disaster Computer Disaster Recovery Planning Checklist for Small Systems: First part of database disaster recovery is easy - backup database systems on a regular basis. You should maintain a minimum of 3 consecutive copies before overwriting. Consider doing a backup each day of the week and put Friday's backup off site. How: 1) Take a copy home 2) Send to a website located in another city/state 3) Regular courier to another corporate office 4) Establish an off site backup service with courier pickup (for more critical databases).
16
Recovery Practice Practice Make sure that you have gone though recovering data. Set up a practice schedule. New employees should get to practice as part of their welcome.
17
The End
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.