threats to information security

Threats To Information

Security

By Swapneel

WHAT IS INFORMATION ?

• Information is a complete set of data.

• It can be called as processed data.

WHAT IS INFORMATION SECURITY ?

• It is protection of information systems and hardware that use, store and transit the information.

• Security is the quality or state of information

• Security is always multilayered : Physical Security

Personal Security

Operations Security

Communications Security

Network Security

THREATS TO INFORMATION SECURITY

• A threat is an object, person, or other entity that represents a constant danger to an asset.

• The Management should ensure that information is given sufficient protection through policies, proper training and proper equipment.

• Consistent reviews andBetter information security can be provided by recognizing and ranking the threats to the information.

• Checks also help and Surveys also help in keeping information safe

TYPES OF THREATS TO INFORMATION

• Inadvertent Acts

• Deliberate Acts

• Natural Disaster (Natural Forces)

• Technical Failures

• Management Failure

INADVERTENT ACTS

• These are the acts that happen by mistake. They are not deliberate

• The attacker does not have any ill will or malicious intent or his attack is not proven in categories of theft.

• Acts of Human error and failure, Deviation from service quality, communication error, are examples of inadvertent acts

DELIBERATE ACTS

• These acts are done by people of organizations to harm the information.

• The attackers have a malicious intent and wish to steal or destroy the data.

• Acts of espionage, Hacking, Cracking, come under deliberate acts.

NATURAL DISASTERS

• Forces of nature are dangerous because they are unexpected and come without very little warning.

• They disrupt lives of individuals but also causes damage to information that is stored within computers.

• These threats can be avoided but he management must have the necessary precautions.

TECHNICAL FAILURES

• Technical failures are classified into two types :

• Technical Hardware Failure

• Technical Software Failure

• Technical Hardware Failure: It occurs when manufacturer distributes equipment with flaws that may be known or unknown to the manufacturer

• Technical Software Failure: These can cause the system to perform in an undesirable or unexpected way. Some of these are unrecoverable while some occur periodically

MANAGEMENT FAILURE

•Management must always be updated about recent developments and technology.

•Proper planning must be done by the management for good protection of the information.

• IT professionals must help the management in protecting the information, by helping the management upgrade to the latest technology.

MALWARE

• It is any malicious software designed to harm a computer without the user’s consent.

• Eg. VIRUS, Worm, Trojan, Spyware

VIRUS (VITAL INFORMATION RESOURCE UNDER SIEGE )

• It is a computer program designed to copy itself and attach itself to other files stored on a computer.

• It moves from computer to computer through by attaching itself to files or boot records of disks.

• It can be sent through a network or a removable storage device.

WORM

• Worm is a self replicating computer program that uses a network to send copies of itself to other computers on the network.

• It replicates ad eats up the computer storage.

• An example is Voyager Worm

TROJAN HORSE• They appear to be harmless but secretly

gather information about the user.

• They upload hidden and malicious programs on the computer without the user’s knowledge.

• It does not attempt to inject itself into other files unlike computer virus.

SPYWARE• It secretly monitors internet surfing habits

without user’s knowledge.

• They perform actions like advertising vague products and changing computer configurations. These actions are very troublesome.

• They usually do not replicate themselves.

PROTECTION AGAINST MALWARE

• Make sure that you have updated operating system and antivirus software. Eg. McAfee

• Do not use pirated software, or download files from unreliable sources.

• Perform regular hard drive scans.

• Use licensed software

HACKING

• Hacking means finding out weaknesses in a computer or a network and exploiting them.

• Hackers are usually motivated by profit, protest or challenge.

HACKER

• He/She is a person who enjoys the challenge of breaking into computers without the knowledge of the user.

• Their main aim might be to know the detail of a programmable system and how it works.

• Hackers are experts who see new ways to use computers.

CRACKER

• These people crack or remove the protection mechanism of a computer system.

• Their main aim is to steal or destroy information without the users consent

• They are much more dangerous than hackers.

ANTIVIRUS

• It is a software used to prevent, detect and remove malware.

• It runs in the background at all times.

• It should be kept updated.

• It runs computer disk scans periodically.

• Eg. McAfee, Norton, Kaspersky.

THANK YOU !!!!HOPE YOU LIKED THE PRESENTATION.

YOU MAY START CHATTING NOW.