Introduction to Security, Chapter 11: Information Technology (IT) Security


Upload: charleen-reynolds

Post on 26-Dec-2015


TRANSCRIPT

  • Slide 1
  • Slide 2
  • Introduction to Security, Chapter 11: Information Technology (IT) Security
  • Slide 3
  • Information Technology Overview: This topic is very daunting for many security managers. FBI example: making upgrades to current equipment is akin to changing a tire on a speeding car; it is difficult to do, but you have no choice. This example highlights the need for quality, fully integrated IT security.
  • Slide 4
  • New Technologies & Security: IP video surveillance allows a company to use its existing network for video surveillance. Voice over Internet Protocol (VoIP) is an underused technology that holds great promise. USB technology presents an easy way for people to steal data or engineer their way into corporate systems. Mesh networks are a wireless communication system allowing both voice and data to be transmitted and received. CTI allows interactions on a telephone and a PC to be integrated or coordinated.
  • Slide 5
  • Common Equipment that Can Pose Security Threats: laptops; cell phones; PDAs and smart phones; fax machines; all other telecommunication devices.
  • Slide 6
  • Tips for Information Asset Protection: Employees using equipment that can store info should sign a release: any info on it is the employer's property. Use of mobile devices with cameras should be discouraged, especially around sensitive material and in locker rooms.
  • Slide 7
  • Tips for Information Asset Protection: Discourage employees from storing info such as social security numbers, credit card numbers, account numbers and passwords on any wireless device. Be careful about posting cell numbers and email addresses.
  • Slide 8
  • Tips for Information Asset Protection: Consider locking your phone when not using it, or installing software that allows you to lock it, in the event of loss/theft. Do not follow links in emails or text messages. Asset tag or engrave laptops. Be careful about logging onto wireless hotspots.
  • Slide 9
  • Other IT Security Threats: Trojan horses install malicious software under the guise of doing something else. Viruses & worms: an FBI survey revealed that despite protection programs, 82% of organizations have been infected by a virus.
  • Slide 10
  • Other IT Security Threats: Spyware: a dangerous, prolific code that logs a user's activity and collects personal information, which it then sends to a third party. Adware: a relative of spyware. Typically found with free software, adware programs display advertisements when the program is running. They may also contain spyware.
  • Slide 11
  • Other IT Security Threats: Bots: a type of malware that allows an attacker to gain control over the infected computer (also called a zombie computer) and to use a company's network to send spam, launch attacks and infect other computers.
  • Slide 12
  • Targets of Attack: intellectual property; trade secrets; patented material; copyrighted material.
  • Slide 13
  • Piracy and Protection: $23 billion was lost in 2004 as a result of digital piracy of music, movies, software and games. This piracy is accomplished through peer-to-peer sites, mass email, FTP and Web sites. These groups can be very difficult to penetrate and prosecute.
  • Slide 14
  • Piracy and Protection: Protection: DRM (Digital Rights Management): antipiracy technology used by digital copyright owners to control who has access to their work. Watermark technology: an evolution of watermarks on currency, it helps companies by embedding watermarks that are invisible to the human eye into pictures of their property.
  • Slide 15
  • Threats to Proprietary Information: Employees often have unrestricted access as part of their job, which puts them in an ideal position to steal information. Vendors. Visitors. Discarded information and paper in trash containers.
  • Slide 16
  • Competitive Intelligence: What is competitive intelligence? Non-disclosure agreements. Common targets of CI. What is cloaking?
  • Slide 17
  • Basic Principles of Information Asset Protection: Classifying & labeling information (Unrestricted, Internal Use, Restricted, Highly Restricted); protocols for distribution; security awareness training; audits.
  • Slide 18
  • 3 Security Measures against IT Threats: 1. Logical Controls; 2. Physical Access Controls; 3. Administrative Controls.
  • Slide 19
  • 1. Logical Controls: Special programs written into the software. Most common are those that require a password for access. Data encryption.
  • Slide 20
  • 2. Physical Controls: Restrict actual physical access to computer terminals, equipment and software. Key and key card controls, ID badges, or biometrics are imperative. Hardening access points such as vents, doors and windows.
  • Slide 21
  • 3. Administrative Controls: Comprehensive background checks on all new employees. Stressing of security during management meetings. Having managers assume responsibility for security.
  • Slide 22
  • Recommendations for IT Security Program: Deploy HTTP scanning methods. Block unnecessary protocols. Deploy vulnerability scanning software. Do not give out administrator privileges to all users. Deploy corporate spyware scanning. Educate users and enforce strict security policy within the network.