Download - IDB Capital Limited
-
8/6/2019 IDB Capital Limited
1/20
COMPUTER,INFORMATIONAND NETWORK SECURITY
-
8/6/2019 IDB Capital Limited
2/20
-
8/6/2019 IDB Capital Limited
3/20
SECURITY THREATS
A computer virus is a program written to alter the way a computer operates, without the permission
or knowledge of the user. A virus replicates and executes itself, usually doing damage to your
computer in the process
Computer Virus and Worms
Is any program that monitors your online activities or installs programs without your consent for
profit or to capture personal information
Spyware
Hackers are programmers who victimize others for their own gain by breaking into computer systems
to steal, change or destroy information as a form of cyber-terrorism.
Hackers
Masquerading as a trustworthy person or business, phishers attempt to steal sensitive financial or
personal information through fraudulent email or instant messages.
Phishing
-
8/6/2019 IDB Capital Limited
4/20
Prevention Measures.
Use of Computer and Internetsecurity softwares.e.g antivirus
Using Firewalls.
Passwords and data encryption.
|4
-
8/6/2019 IDB Capital Limited
5/20
Never use a computer which has no antivirus installed.
Always run the Company standard, supported anti-virussoftware . Download and run the current version;
download and install anti-virus software updates as theybecome available.
Never download files from unknown or suspicioussources.
Back-up critical data and system configurations on aregular basis and store the data in a safe place.
ANTIVIRUSGUIDELINES
-
8/6/2019 IDB Capital Limited
6/20
Antivirus guidelines (contd...)
6
New viruses are discovered almost every day.
Periodically check the antivirus update databaseandprocesses list for updates.
Always scan a removable disks from an unknown sourcefor viruses before using it.
Never download files from unknown or suspicioussources.
Periodically scan your computer fully for viruses, worms,Trojan horses e.t.c
-
8/6/2019 IDB Capital Limited
7/20
FIREWALLSDefinition:
Is a device or set of devices designed to permit
or deny network transmissions based upona set of rules and is frequently used toprotect networks from unauthorized accesswhile permitting legitimate
communications to pass.
7
-
8/6/2019 IDB Capital Limited
8/20
Firewalls (contd)Basic example:
-
8/6/2019 IDB Capital Limited
9/20
F
irewalls (contd)Windows security centre
-
8/6/2019 IDB Capital Limited
10/20
PASSWORDS POLICY
The purpose of this policy is to establish a standard forcreation of strong passwords, the protection of thosepasswords, and the frequency of change.
General:All user-level passwords (e.g., email, web, desktop computer,
etc.) must be changed at least every six months.
-
8/6/2019 IDB Capital Limited
11/20
GeneralPassword ConstructionGuidelines
Strong passwords have the following characteristics:
Contain at least three of the five following character classes:
Lower case characters
Upper case characters
Numbers
Punctuation
Special characters (e.g. @#$%^&*()_+|~-=\`{}[]:";'/ etc)
Contain at least fifteen alphanumeric characters.
Passwords (contd)
-
8/6/2019 IDB Capital Limited
12/20
Weak passwords :
The password contains less than fifteen characters
The password is a word found in a dictionary (English or foreign)
The password is a common usage word such as:
Names of, friends, co-workers, etc. family, pets
Computer terms and names, commands, sites, companies, hardware,software.
The words "", safaricom", safcom" or any derivation.
Birthdays and other personal information such as addresses and phonenumbers.
Passwords (contd)
-
8/6/2019 IDB Capital Limited
13/20
Passwords (contd)Password ProtectionStandards:
Always use different passwords for different accounts (e.g.,
email, facebook, bank ATM, phone, etc.).
Do not share company passwords with anyone, includingadministrative assistants or secretaries. All passwords are tobe treated as sensitive, confidential company information.
Do not hint at the format of a password (e.g., "my family
name")
Always decline the use of the "Remember Password" featureof applications (e.g., Firefox, Outlook, internet explorer).
-
8/6/2019 IDB Capital Limited
14/20
E-MAIL POLICYPurpose:
To prevent tarnishing the public image of a company.When email goes out from a company the general
public will tend to view that message as an officialpolicy statement from the company.
Caution:
NEVER open any files or macros attached to an emailfrom an unknown, suspicious or untrustworthy source.Delete these attachments immediately, then "double
delete" them by emptying your Trash.
14
-
8/6/2019 IDB Capital Limited
15/20
E-mails (contd)
Delete spam, chain, and other junk email without
forwarding, in with company'sA
cceptableU
se Policy.
Never download files from unknown or suspicious
sources.
-
8/6/2019 IDB Capital Limited
16/20
Using secure networks and wirelessconnections.
Disabling and/or deleting browsercookies and avoiding the rememberpassword on this site and rememberme features.
Use of proxy servers.
Other Security measures
-
8/6/2019 IDB Capital Limited
17/20
HOME PC SECURITY Install and Use Anti-Virus Programs
Use Care When Reading Email with Attachments
Install and Use a Firewall Program
Make Backups of Important Files and Folders
Use Strong Passwords
Use Care When Downloading and Installing Programs
Install and Use a Hardware or software Firewall
Install and Use a File Encryption Program and Access
Controls
-
8/6/2019 IDB Capital Limited
18/20
SECURITY RISKS FOR MOBILE
DEVICES
-
8/6/2019 IDB Capital Limited
19/20
ENHANCING COMPUTER
SECURITYOWASP
-Web Application
S
ecurity Project- is an open-source application security
project.
OP
EN SOURCE/LINUX
- Guaranteed security/no using antivirus e.t.c
-
8/6/2019 IDB Capital Limited
20/20
Q & A
page 20
THANK YOU