Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Introduction to Security Chapter 11 Information Technology (IT) Security.

Published byCharleen Reynolds Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Introduction to Security Chapter 11 Information Technology (IT) Security."— Presentation transcript:

1

2 1 Introduction to Security Chapter 11 Information Technology (IT) Security

3 2 Information Technology Overview  This topic is very daunting for many security managers  FBI example – making upgrades to current equipment is akin to changing a tire on a speeding car – difficult to do, but you have no choice.  This example highlights the need for quality, fully integrated IT security.

4 3 New Technologies & Security  IP Video Surveillance – allows a company to use its existing network for video surveillance  Voice over Protocol (VoIP) – an underused technology that holds great promise  USB Technology – presents an easy way for people to steal data or engineer their way into corporate systems  Mesh Networks – a wireless communication system allowing both voice and data to be transmitted and received  CTI – allows interactions on a telephone and a PC to be integrated or coordinated

5 4 Common Equipment that Can Pose Security Threats  Laptops  Cell Phones  PDAs and smart phones  Fax machines  All other telecommunication devices

6 5 Tips for Information Asset Protection  Employees using equipment that can store info should sign a release any info on it is the employer’s property.  Use of mobile devices with cameras should be discouraged, especially around sensitive material and in locker rooms.

7 6 Tips for Information Asset Protection  Discourage employees from storing info such as social security numbers, credit card numbers, account numbers and passwords on any wireless device.  Be careful about posting cell numbers and email addresses

8 7 Tips for Information Asset Protection  Consider locking your phone when not using it, or installing software that allows you to lock it, in the event of loss/theft.  Do not follow links in emails or text messages.  Asset tag or engrave laptops  Be careful about logging onto wireless hotpots.

9 8 Other IT Security Threats:  Trojan horses install malicious software under the guise of doing something else  Viruses & worms An FBI survey revealed that despite protection programs, 82% of organizations have been infected by a virus.

10 9 Other IT Security Threats:  Spyware A dangerous, prolific code that logs a users activity and collects personnel information, which it then sends to a third party.  Adware A relative of spyware. Typically found with free software, they display advertisements when the program is running. They may also contain spyware.

11 10 Other IT Security Threats:  Bots A type of malware that allows an attacker to gain control over the infected computer (also called “zombie computers”) and allow them to use a company’s network to send spam, launch attacks and infect other computers.

12 11 Targets of attack Intellectual property Trade secrets Patented material Copyrighted Material

13 12 Piracy and Protection  $23 billion lost in 2004 as a result of digital piracy of music, movies, software and games  This piracy is accomplished through peer-to-peer sites, mass email, FTP and Web sites.  These groups can be very difficult to penetrate and prosecute.

14 13 Piracy and Protection Protection:  DRM (Digital Rights Management) Antipiracy technology used by digital copyright owners to control who has access to their work  Watermark Technology An evolution of watermarks on currency, it helps companies by embedding these watermarks into pictures of their property that are invisible to the human eye.

15 14 Threats to Proprietary Information  Employees – often have unrestricted access as part of their job which puts them in an ideal position to steal information  Vendors  Visitors  Discarded information and paper in trash containers

16 Competitive Intelligence  What is competitive intelligence?  Non-disclosure agreements  Common targets of CI.  What is cloaking? 15

17 16 Basic Principles of Information Asset Protection  Classifying & Labeling Information Unrestricted Internal Use Restricted Highly Restricted  Protocols for Distribution  Security Awareness Training  Audits

18 17 3 Security Measures against IT Threats 1. Logical Controls 2. Physical Access Controls 3. Administrative Controls

19 18 1. Logical Controls  Special programs written into the software  Most common are those that require a password for access  Data encryption

20 19 2. Physical Controls  Restrict actual physical access to computer terminals, equipment and software  Key and key card controls, ID badges, or biometrics are imperative  Hardening access points such as vents, doors and windows

21 20 3. Administrative Controls  Comprehensive background checks on all new employees  Stressing of security during management meetings  Having managers assume responsibility for security

22 Recommendations for IT Security Program  Deploy HTTP Scanning methods  Block unnecessary protocols  Deploy vulnerability scanning software  Do not give out administrator privileges to all users  Deploy corporate spyware scanning  Educate users, enforce strict security policy within the netwoork 21

Download ppt "1 Introduction to Security Chapter 11 Information Technology (IT) Security."

Similar presentations

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Thank you to IT Training at Indiana University Computer Malware.

Thank you to IT Training at Indiana University Computer Malware.
1 Computer and Internet Security JCCAA Presentation 03/14/2009 Yu-Min (Phillip) Hsieh Sr. System Administrator Information Technology Rice University.

1 Computer and Internet Security JCCAA Presentation 03/14/2009 Yu-Min (Phillip) Hsieh Sr. System Administrator Information Technology Rice University.
1 MIS 2000 Class 22 System Security Update: Winter 2015.

1 MIS 2000 Class 22 System Security Update: Winter 2015.
Crime and Security in the Networked Economy Part 4.

Crime and Security in the Networked Economy Part 4.
Dr. John P. Abraham Professor UTPA 2 – Systems Threats and Risks.

Dr. John P. Abraham Professor UTPA 2 – Systems Threats and Risks.
CHAPTER 2 KNOW YOUR VILLAINS. Who writes it: Malware writers vary in age, income level, location, social/peer interaction, education level, likes, dislikes.

CHAPTER 2 KNOW YOUR VILLAINS. Who writes it: Malware writers vary in age, income level, location, social/peer interaction, education level, likes, dislikes.
Packet Analyzers, a Threat to Network Security. Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication.

Packet Analyzers, a Threat to Network Security. Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication.
Telnet and FTP. Telnet Lets you use the resources of some other computer on the Internet to access files, run programs, etc. Creates interactive connection.

Telnet and FTP. Telnet Lets you use the resources of some other computer on the Internet to access files, run programs, etc. Creates interactive connection.
Purdue University proudly presents www.purdue.edu/securepurdue Doug Couch & Nathan Heck, IT Security Analysts.

Purdue University proudly presents Doug Couch & Nathan Heck, IT Security Analysts.
Chapter 8 Chapter 8 Digital Defense: Securing Your Data and Privacy

Chapter 8 Chapter 8 Digital Defense: Securing Your Data and Privacy
Computer Security and Risks 11.  2001 Prentice Hall11.2 Chapter Outline On-line Outlaws: Computer Crime Computer Security: Reducing Risks Security, Privacy,

Computer Security and Risks 11.  2001 Prentice Hall11.2 Chapter Outline On-line Outlaws: Computer Crime Computer Security: Reducing Risks Security, Privacy,
Internet Safety Basics Never share names, schools, ages, phone numbers, or addresses. Never open an email from a stranger – it may contain viruses that.

Internet Safety Basics Never share names, schools, ages, phone numbers, or addresses. Never open an from a stranger – it may contain viruses that.
 ICT Security › If the firm is a victim of a computer crime, should they pursue prosecution of the criminals at all costs, should they maintain a low.

 ICT Security › If the firm is a victim of a computer crime, should they pursue prosecution of the criminals at all costs, should they maintain a low.
Security, Privacy, and Ethics Online Computer Crimes.

Security, Privacy, and Ethics Online Computer Crimes.
Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.

Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.
MIS PERSONAL, LEGAL, ETHICAL, AND ORGANIZATIONAL ISSUES OF INFORMATION SYSTEMS CHAPTER 4 Hossein BIDGOLI Phishing Email that bites Paying for Privacy Pirates.

MIS PERSONAL, LEGAL, ETHICAL, AND ORGANIZATIONAL ISSUES OF INFORMATION SYSTEMS CHAPTER 4 Hossein BIDGOLI Phishing that bites Paying for Privacy Pirates.
Threats To A Computer Network

Threats To A Computer Network
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
McGraw-Hill © 2008 The McGraw-Hill Companies, Inc. All rights reserved. Chapter 8 Threats and Safeguards Chapter 8 PROTECTING PEOPLE AND INFORMATION Threats.

McGraw-Hill © 2008 The McGraw-Hill Companies, Inc. All rights reserved. Chapter 8 Threats and Safeguards Chapter 8 PROTECTING PEOPLE AND INFORMATION Threats.

Similar presentations

Ads by Google