mis presentation by suraj vaidya
DESCRIPTION
TRANSCRIPT
![Page 1: Mis presentation by suraj vaidya](https://reader034.vdocuments.us/reader034/viewer/2022051314/54bdf1a34a7959ff518b4580/html5/thumbnails/1.jpg)
INFORMATION SECURITYSubmitted to Prof. Sandeep PondeBy Suraj ShwetaShreesha KhusbooPoojaPradeep
![Page 2: Mis presentation by suraj vaidya](https://reader034.vdocuments.us/reader034/viewer/2022051314/54bdf1a34a7959ff518b4580/html5/thumbnails/2.jpg)
Contents
Information Security
-Concept
Principles of Information Security
-Confidentiality
-Integrity
-Availability
Types of threats
Types of Risks
![Page 3: Mis presentation by suraj vaidya](https://reader034.vdocuments.us/reader034/viewer/2022051314/54bdf1a34a7959ff518b4580/html5/thumbnails/3.jpg)
Information Security
Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction.
![Page 4: Mis presentation by suraj vaidya](https://reader034.vdocuments.us/reader034/viewer/2022051314/54bdf1a34a7959ff518b4580/html5/thumbnails/4.jpg)
Need of Information Security
Why
For Managing Information System performance and security
How
Controls
![Page 5: Mis presentation by suraj vaidya](https://reader034.vdocuments.us/reader034/viewer/2022051314/54bdf1a34a7959ff518b4580/html5/thumbnails/5.jpg)
Information Security Attributes
![Page 6: Mis presentation by suraj vaidya](https://reader034.vdocuments.us/reader034/viewer/2022051314/54bdf1a34a7959ff518b4580/html5/thumbnails/6.jpg)
Principles of Information security
Principles
Confidentiality Integrity Availability
Preventing Disclosure of Information to Unauthorized Users
To ensure that information will not change when transmitted
Data is accessible to Authorized Users when they need it
![Page 7: Mis presentation by suraj vaidya](https://reader034.vdocuments.us/reader034/viewer/2022051314/54bdf1a34a7959ff518b4580/html5/thumbnails/7.jpg)
Controls
Control is a constraint applied to a system to ensure proper use and security standards.
To minimise errors, fraud and destruction
Categories
Controls
CommonInformation
System Procedural Facility
![Page 8: Mis presentation by suraj vaidya](https://reader034.vdocuments.us/reader034/viewer/2022051314/54bdf1a34a7959ff518b4580/html5/thumbnails/8.jpg)
Common controls
• Free from bugs
• Handle unforeseen situations
Robustness
• To protect against loss of data caused by- natural disasters, computer virus or human errors
Back up
• Access to Authorised users
Access control
![Page 9: Mis presentation by suraj vaidya](https://reader034.vdocuments.us/reader034/viewer/2022051314/54bdf1a34a7959ff518b4580/html5/thumbnails/9.jpg)
Common controls
• A single entry is recorded in different files for different purposes
Atomic transactions
• Documenting facts like who, what, which transactions by whose Approval
Audit trial
![Page 10: Mis presentation by suraj vaidya](https://reader034.vdocuments.us/reader034/viewer/2022051314/54bdf1a34a7959ff518b4580/html5/thumbnails/10.jpg)
Information System Controls
Input
Controls:
• Encryption
• Data Entry Screens
• Error Signals
• Control totals
Processing
Controls
• Software
• Hardware
• Firewalls
• Check Points
Output
Controls
• Encryption
• Control totals
• Control Listings
• End user feedback
Storage
Controls:EncryptionLibrary ProceduresDatabase administration
![Page 11: Mis presentation by suraj vaidya](https://reader034.vdocuments.us/reader034/viewer/2022051314/54bdf1a34a7959ff518b4580/html5/thumbnails/11.jpg)
Processing Controls
Processing
Controls
Hardware Controls Software Controls
Special Checks built into hardware to verify the accuracy of computer processing
Ensure that the right Data are being processed
![Page 12: Mis presentation by suraj vaidya](https://reader034.vdocuments.us/reader034/viewer/2022051314/54bdf1a34a7959ff518b4580/html5/thumbnails/12.jpg)
Hardware Controls
•Malfunction Detection Circuit
•Redundant Components
•(multiple read write heads on magnetic tape and disk)
•Special Purpose microprocessors and associated circuitry
•To support remote and diagnostic maintenance
![Page 13: Mis presentation by suraj vaidya](https://reader034.vdocuments.us/reader034/viewer/2022051314/54bdf1a34a7959ff518b4580/html5/thumbnails/13.jpg)
Software Controls
E.g. The operating system or other software checks the internal file labels at the beginning and end of magnetic disk and tape files.
Establishments of checkpoints during the processing of a program
![Page 14: Mis presentation by suraj vaidya](https://reader034.vdocuments.us/reader034/viewer/2022051314/54bdf1a34a7959ff518b4580/html5/thumbnails/14.jpg)
Storage Controls
Files of Computer Program,
organizational database
Data centre specialists, database
administrators
For maintenance and controlling access to the program libraries and databases of the organization
![Page 15: Mis presentation by suraj vaidya](https://reader034.vdocuments.us/reader034/viewer/2022051314/54bdf1a34a7959ff518b4580/html5/thumbnails/15.jpg)
Storage Controls
Database & File Protection
Unauthorised or accidental use by
security programgs
Account codes, passwords and other security codes
Used to allow access to authorised users only with the help of digital Catalog
Operation systems or security monitors protect the databases of real-time processing systems
![Page 16: Mis presentation by suraj vaidya](https://reader034.vdocuments.us/reader034/viewer/2022051314/54bdf1a34a7959ff518b4580/html5/thumbnails/16.jpg)
Facility Controls
Facility controls are methods that protect an organizations computing and network facilities and their contents from loss or destruction.
Facility Controls
Network Security
Physical Protection
Biometric Controls
Computer failure
![Page 17: Mis presentation by suraj vaidya](https://reader034.vdocuments.us/reader034/viewer/2022051314/54bdf1a34a7959ff518b4580/html5/thumbnails/17.jpg)
Facility Controls
Network Security
Security may be provided by specialised system software packages ‘System Security
Monitors’
![Page 18: Mis presentation by suraj vaidya](https://reader034.vdocuments.us/reader034/viewer/2022051314/54bdf1a34a7959ff518b4580/html5/thumbnails/18.jpg)
Facility Controls
Physical Protection Controls
Includes
Door locks
Burglar alarms
Closed circuit TV,
Fire detectors and extinguishers
Dust controls
![Page 19: Mis presentation by suraj vaidya](https://reader034.vdocuments.us/reader034/viewer/2022051314/54bdf1a34a7959ff518b4580/html5/thumbnails/19.jpg)
Facility Controls
Biometric Controls
It is an automated method of verifying the identify of a person, based on physiological or behavioural characteristics.
E.g., Photo of face, Fingerprints etc.
![Page 20: Mis presentation by suraj vaidya](https://reader034.vdocuments.us/reader034/viewer/2022051314/54bdf1a34a7959ff518b4580/html5/thumbnails/20.jpg)
Facility Controls
Computer Failure Controls
The information services department takes steps to prevent computer failure.
Computer with maintenance capability are brought in. Hardware and software changes are carefully made
![Page 21: Mis presentation by suraj vaidya](https://reader034.vdocuments.us/reader034/viewer/2022051314/54bdf1a34a7959ff518b4580/html5/thumbnails/21.jpg)
Threats to Information security
Threats
Human Errors Environmental Hazards Computer Crimes
E.g. Design of H/W & of Information Sys.
E.g. Earthquakes,Floods,TornadoSmoke, heat ETC.
Computer Abuse- Crime in which computer is based as tool.
![Page 22: Mis presentation by suraj vaidya](https://reader034.vdocuments.us/reader034/viewer/2022051314/54bdf1a34a7959ff518b4580/html5/thumbnails/22.jpg)
Risks to Information security
Risks
Hardware Application & Data Online Operations
![Page 23: Mis presentation by suraj vaidya](https://reader034.vdocuments.us/reader034/viewer/2022051314/54bdf1a34a7959ff518b4580/html5/thumbnails/23.jpg)
Conclusion
“It used to be expensive to make things publicand cheap to make them private. Now it’sexpensive to make things private and cheapto make them public.” — Clay Shirky, Internetscholar and professor at N.Y.U.
![Page 24: Mis presentation by suraj vaidya](https://reader034.vdocuments.us/reader034/viewer/2022051314/54bdf1a34a7959ff518b4580/html5/thumbnails/24.jpg)
DA
NK
ET
ha
nk
Yo
u