Presentation is loading. Please wait.

Presentation is loading. Please wait.

C HAPTER 4 A UTHENTICATION POLICY C YBER S ECURITY FOR E DUCATIONAL L EADERS : A G UIDE TO U NDERSTANDING AND I MPLEMENTING T ECHNOLOGY P OLICIES © Routledge.

Published byLeon Lawrence Modified over 9 years ago

Similar presentations

Presentation on theme: "C HAPTER 4 A UTHENTICATION POLICY C YBER S ECURITY FOR E DUCATIONAL L EADERS : A G UIDE TO U NDERSTANDING AND I MPLEMENTING T ECHNOLOGY P OLICIES © Routledge."— Presentation transcript:

1 C HAPTER 4 A UTHENTICATION POLICY C YBER S ECURITY FOR E DUCATIONAL L EADERS : A G UIDE TO U NDERSTANDING AND I MPLEMENTING T ECHNOLOGY P OLICIES © Routledge Richard Phillips and Rayton R. Sianjina

2 A UTHENTICATION P OLICY Authorization, identification, and authentication control ensures that only known users make use of information systems. Information systems could be accessed illicitly and the security of those information systems would be compromised. © Routledge

3 A UTHENTICATION P OLICY Ensure that only authorized users have access to specific computers. (Authorization, Identification, and Authentication Policy Template, 2011) © Routledge

4 A UTHENTICATION P OLICY Organization only allows access to certain users based on privileged information Organization protected from unauthorized access by establishing requirements for the authorization and management of user accounts, providing user authentication, and implementing access controls (Kobus 2007) © Routledge

5 A UTHENTICATION P OLICY Information will be managed and controlled through discretion access controls, identification and authentication, and audit trails. (Kobus, 2007) © Routledge

6 A UTHENTICATION P OLICY Confidential information includes: a username a password an answer to a pre-arranged security question the confirmation of the owner’s email address. (Authorization, Identification, and Authentication Policy Template, 2011) © Routledge

7 A UTHENTICATION P OLICY Employees and customers confidential information on file within their system. Every effort is made to avoid outside parties gaining access or breaching security. Otherwise any known or unknown information exploited shall be perceived as a security incident. © Routledge

8 A UTHENTICATION P OLICY Organizations handle the situation in accordance with established incident reporting guidelines and appropriate human resource policies and procedures. (Kobus, 2007) © Routledge

9 A UTHENTICATION P OLICY In some cases the authentication causes a pop-up window to appear to make sure that the end-user is legitimate. Can identify the user based on source IP (Internet protocol) address or identify the user according to credentials, by challenging the user to send the credentials. If user is already authenticated in the network, the end-user’s browser will automatically send the required credentials to the system. (Authorization, Identification, and Authentication Policy Template, 2007) © Routledge

10 A UTHENTICATION P OLICY The authentication is used when the user/domain information is obtained and validated. A dedicated authentication device has three main benefits: performance, security, and high availability (User Identification and Authentication, 2007). © Routledge

11 C ONCLUSION Policy implementation should be based upon the use of management-approved security standards, procedures, and organizational best practices. © Routledge

Download ppt "C HAPTER 4 A UTHENTICATION POLICY C YBER S ECURITY FOR E DUCATIONAL L EADERS : A G UIDE TO U NDERSTANDING AND I MPLEMENTING T ECHNOLOGY P OLICIES © Routledge."

Similar presentations

Enabling Secure Internet Access with ISA Server

Enabling Secure Internet Access with ISA Server
Health Insurance Portability and Accountability Act (HIPAA)HIPAA.

Health Insurance Portability and Accountability Act (HIPAA)HIPAA.
C HAPTER 3 A CCEPTABLE U SE P OLICY C YBER S ECURITY FOR E DUCATIONAL L EADERS : A G UIDE TO U NDERSTANDING AND I MPLEMENTING T ECHNOLOGY P OLICIES © Routledge.

C HAPTER 3 A CCEPTABLE U SE P OLICY C YBER S ECURITY FOR E DUCATIONAL L EADERS : A G UIDE TO U NDERSTANDING AND I MPLEMENTING T ECHNOLOGY P OLICIES © Routledge.
Information Security Confidential Two-Factor Authentication Solution Overview Shawn Fulton January 15th, 2015.

Information Security Confidential Two-Factor Authentication Solution Overview Shawn Fulton January 15th, 2015.
C YBER S ECURITY FOR E DUCATIONAL L EADERS : A G UIDE TO U NDERSTANDING AND I MPLEMENTING T ECHNOLOGY P OLICIES Chapter 10 Privacy Policy © Routledge Richard.

C YBER S ECURITY FOR E DUCATIONAL L EADERS : A G UIDE TO U NDERSTANDING AND I MPLEMENTING T ECHNOLOGY P OLICIES Chapter 10 Privacy Policy © Routledge Richard.
C YBER S ECURITY FOR E DUCATIONAL L EADERS : A G UIDE TO U NDERSTANDING AND I MPLEMENTING T ECHNOLOGY P OLICIES Chapter 12 Electronic Bullying © Routledge.

C YBER S ECURITY FOR E DUCATIONAL L EADERS : A G UIDE TO U NDERSTANDING AND I MPLEMENTING T ECHNOLOGY P OLICIES Chapter 12 Electronic Bullying © Routledge.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
C YBER S ECURITY FOR E DUCATIONAL L EADERS : A G UIDE TO U NDERSTANDING AND I MPLEMENTING T ECHNOLOGY P OLICIES Chapter 6 Access Policy © Routledge Richard.

C YBER S ECURITY FOR E DUCATIONAL L EADERS : A G UIDE TO U NDERSTANDING AND I MPLEMENTING T ECHNOLOGY P OLICIES Chapter 6 Access Policy © Routledge Richard.
Information Security Policies and Standards

Information Security Policies and Standards
Social Engineering Jero-Jewo. Case study Social engineering is the act of manipulating people into performing actions or divulging confidential information.

Social Engineering Jero-Jewo. Case study Social engineering is the act of manipulating people into performing actions or divulging confidential information.
SOA Security Chapter 12 SOA for Dummies. Outline User Authentication/ authorization Authenticating Software and Data Auditing and the Enterprise Service.

SOA Security Chapter 12 SOA for Dummies. Outline User Authentication/ authorization Authenticating Software and Data Auditing and the Enterprise Service.
Lesson 19: Configuring Windows Firewall

Lesson 19: Configuring Windows Firewall
1 Pertemuan 9 Network Security and E-Commerce Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi: >

1 Pertemuan 9 Network Security and E-Commerce Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi: >
INTERNET and CODE OF CONDUCT

INTERNET and CODE OF CONDUCT
Session 3 – Information Security Policies

Session 3 – Information Security Policies
Installing and Maintaining ISA Server. Planning an ISA Server Deployment Understand the current network infrastructure Review company security policies.

Installing and Maintaining ISA Server. Planning an ISA Server Deployment Understand the current network infrastructure Review company security policies.
Network security policy: best practices

Network security policy: best practices
Database Auditing Models Dr. Gabriel. 2 Auditing Overview Audit examines: documentation that reflects (from business or individuals); actions, practices,

Database Auditing Models Dr. Gabriel. 2 Auditing Overview Audit examines: documentation that reflects (from business or individuals); actions, practices,
Chapter 7 Database Auditing Models

Chapter 7 Database Auditing Models
C YBER S ECURITY FOR E DUCATIONAL L EADERS : A G UIDE TO U NDERSTANDING AND I MPLEMENTING T ECHNOLOGY P OLICIES Chapter 2 Total Cost of Ownership © Routledge.

C YBER S ECURITY FOR E DUCATIONAL L EADERS : A G UIDE TO U NDERSTANDING AND I MPLEMENTING T ECHNOLOGY P OLICIES Chapter 2 Total Cost of Ownership © Routledge.

Similar presentations

Ads by Google