IS Security

Agenda
IS Security Managerial Techniques Security Threats and Technologies Tips to mitigate risk of security threats

Information System Security

IS Security Precautions taken to keep all aspects of information systems safe from unauthorized use access Managerial Methods Several techniques are commonly used to manage information systems security: Risk Assessment Controlling Access Organizational Policies and Procedures Backups and Recovery

Information System Security Managerial Techniques

Assessing Risk Security Audit identifies all aspects of information systems and business processes that use them Risk Analysis assesses the value of assets being protected Alternatives based on Risk Analysis: Risk Reduction implementing active counter measures to protect systems (e.g. firewalls) Risk Acceptance implementing no counter measures Risk Transference transferring riskbuying insurance Controlling Access Keeping information safe by only allowing access to those that require it to do their jobs Authentication verifying identity before granting access (e.g.passwords) Access Control Granting access to only those system areas where the user is authorized (e.g. accouting)

Information System Security Managerial Techniques

Organizational Policies and Procedures Acceptable Use Policies formally document how systems should be used, for what, and penalties for non-compliance Backups and Disaster Recovery Backups taking periodic snapshots of critical systems data and storing in a safe place or system (e.g. backup tape) Disaster Recovery Plans spell out detailed procedures to be used by the organization to restore access to critical business systems (e.g. viruses or fire) Disaster Recovery executing Disaster Recovery procedures using backups to restore the system to the last backup if it was totally lost

State of IS Security - Security Threats & Technologies

Security Threats Today we hear about many security breaches that affect organizations and individuals. Some recently in the news: Identity Theft gaining access to some ones personal information allowing them to imitate you (stolen laptop) Denial of Service attacks on websites using zombie computers that overwhelm the site and shuts it down Others: Spyware, Spam, Wireless Access, Viruses

Security Technologies Companies and research organizations continue to develop and refine technologies to prevent security breaches. Some Include: Firewalls Biometrics VPN and Encryption

IS Security: Technology
Firewalls A system of software, hardware or both designed to detect intrusion and prevent unauthorized access to or from a private network

Firewall Techniques Packet Filter examine each packet entering and leaving network and accept/reject based on rules Application Level Control Performs certain security measures based on a specific application (e.g. file transfer) Circuit Level Control detects certain types of connections or circuits on either side of the firewall

Security Technology: Firewall Architecture - Home

Security Technology: Firewall Architecture Enterprise

Security Threat: Spyware, Spam, and Cookies

Spyware Any software that covertly gathers information about a user through an Internet connection without the users knowledge Problems: uses memory resources, uses bandwidth, and can cause system instability Prevention: Firewalls and Spyware software Spam Electronic junk mail or junk newsgroup postings usually for purpose of advertising for some product and/or service Problems: nuisance, wastes time deleting, uses storage Prevention: Spam Blocker software Cookies A message passed to a browser from a Web server. Used by legitimate programs to store state and user information Problems: can be used to track user activities Prevention: browser settings, firewall

Security Technology: Biometrics

Biometrics A sophisticated authentication technique used to restrict access to systems, data and/or facilities Uses biological characteristics to identify individuals such as fingerprints, retinal patterns in the eye, etc. that are not easily counterfeited Has great promise in providing high security

Security Threat: Access to Wireless

Unauthorized Access to Wireless Networks With the prevalence in use of wireless networks this threat is increasing Problems - Drive-by hacking an attacker accesses the network, intercepts data from it, and can use network services and/or sends attack instructions without entering the building Prevention - Encryption between network and user devices

Security Technology: VPN and Encryption

VPN (Virtual Private Network) Called a secure tunnel Dynamically generated network connection to connect users or nodes This approach uses both authentication and encryption Used extensively for remote access by employees Encryption The process of encoding messages before they enter the network or airwaves, and then decoding at the receiving end Public Key - known and used to scramble messages (SSL) Private Key - not known and used by receiver to descramble Certificate Authority a third party that issues keys

How Encryption Works

Security Threat: Viruses

Viruses Programs that can attack a computer and/or a network and delete information, disable software, use up all system resources, etc.

Prevention Steps: AntiVirus software: install this software which is designed to block all known viruses and offers automatic or manual updates to virus patterns to block future viruses No Disk Sharing Viruses can be transferred to clean computers by inserting disks containing infected files Delete Suspicious Email Messages Do not open suspicious e-mail messagesDelete Only! Report Viruses If you get a virus, report it to you network administrator immediately!

Threats to Information Security

Viruses/Worms
Software programs designed to invade your computer, and copy, damage or delete your data

Trojan Horses
Viruses that pretend to be programs that help you while destroying your data and damaging your computer

Spyware
Software that secretly watches and records your online activities or send you endless pop-up ads

Slide 16 MH1 add in better images.

Michelle Hargarten, 5/9/2006

Steps to help Protect Information

Manage your business information carefully

Practice Internet behavior that lowers your risk

Use technology to reduce nuisances, and report security incidents when appropriate

Delete Spam mail without Opening It

Validate the sender ID before opening the mail Do not open any attachment or click on any link Permanently delete (Shift+Del) the SPAM mail (even from your sent items) If by mistake any attachment is opened or hyperlink clicked - Immediately disconnect system from network, contact local Enterprise IT Helpdesk for necessary action to be taken

Prevention is better than cure.

Slide 18 MH2 add in new image.

Michelle Hargarten, 5/9/2006

Four Steps To Protect Your Computer

Dont access unknown/non-business related sites

Dont open mails from unknown senders

Dont download movies, songs, & install freeware

Check for updates of anti-virus software on your systems