Lecture 15 & 16


Presentation Description

IT for Managers

Presentation Transcript

Information Security & Disaster Recovery :

Unit – IV
By Arun Mishra

Introduction:

- IS security refers to policies, procedures and technical measures used to prevent unauthorized access, alteration, theft, or physical damage to information systems.
- Controls: methods, policies, and organizational procedures that ensure the safety of the organization’s assets, the accuracy and reliability of its accounting records, and operational adherence to management standards.
- Organizations need to understand the potential threats/risks to IS and must define strategies to manage those risks.

IS Security Threats:

- Human errors or failures
- Manipulation of data/systems
- Theft of data/system (hacking)
- Destruction from virus
- Technical failure/errors of systems
- Natural disasters like flood, fire, earthquake, etc.

CONTEMPORARY SECURITY CHALLENGES AND VULNERABILITIES:

The architecture of a Web-based application typically includes a Web client, a server, and corporate information systems linked to databases. Each of these components presents security challenges and vulnerabilities. Floods, fires, power failures, and other electrical problems can cause disruptions at any point in the network.

System Vulnerability and Abuse:

- Internet vulnerabilities
  - Network open to anyone
  - Size of Internet means abuses can have wide impact
  - Use of fixed Internet addresses with cable or DSL modems creates fixed targets for hackers
  - Unencrypted VOIP
  - E-mail
    - Interception
    - Attachments with malicious software
    - Transmitting trade secrets

System Vulnerability and Abuse:

- Malware (malicious software)
  - Viruses: software programs that attach themselves to other software programs or data files in order to be executed.
  - Worms: independent computer programs that copy themselves from one computer to other computers over a network.
  - Trojan horses: software programs that appear to be benign but then do something other than expected.

System Vulnerability and Abuse:

- Malware (cont.)
  - SQL injection attacks: hackers submit data to Web forms that exploits the site’s unprotected software and sends a fake SQL query to the database.
  - Spyware: small programs that install themselves secretly on computers to monitor user Web surfing activity and serve up advertising.
  - Key loggers: record every keystroke on a computer to steal serial numbers and passwords, or to launch Internet attacks.
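Added example, not part of the original slides: the SQL injection bullet above, shown as an unprotected login query beside its parameterized form. The table layout, function names and the sample form value are constructed for illustration.

```python
import sqlite3

def make_db():
    """Build a constructed in-memory user table (plaintext passwords only to keep the demo short)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "s3cret"), ("bob", "hunter2")])
    return db

def login_vulnerable(db, name, password):
    """Unprotected software: form data is pasted into the SQL text itself."""
    query = ("SELECT name FROM users WHERE name = '%s' AND password = '%s' "
             "ORDER BY name" % (name, password))
    return [row[0] for row in db.execute(query)]

def login_parameterized(db, name, password):
    """Hardened form: the query text is fixed and form data is bound as values."""
    query = "SELECT name FROM users WHERE name = ? AND password = ? ORDER BY name"
    return [row[0] for row in db.execute(query, (name, password))]

# Constructed form value: the quote characters end the string literal early,
# so the rest of the input is parsed as SQL instead of as a password.
FORM_INPUT = "' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    # The WHERE clause becomes (name AND password = '') OR '1'='1': every row matches.
    print("vulnerable:   ", login_vulnerable(db, "alice", FORM_INPUT))
    # The same input is compared as a literal password: no row matches.
    print("parameterized:", login_parameterized(db, "alice", FORM_INPUT))
    print("valid login:  ", login_parameterized(db, "alice", "s3cret"))
```

Binding values with placeholders is an input control in the sense of the Application Controls slide: the database never interprets form data as part of the query.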

System Vulnerability and Abuse:

- Hackers and computer crime
  - Hackers vs. crackers
  - Activities include:
    - System intrusion
    - System damage
    - Cybervandalism: intentional disruption, defacement, destruction of Web site or corporate information system

System Vulnerability and Abuse:

- Spoofing
  - Misrepresenting oneself by using fake e-mail addresses or masquerading as someone else
  - Redirecting a Web link to an address different from the intended one, with the site masquerading as the intended destination
- Sniffer
  - Eavesdropping program that monitors information traveling over a network
  - Enables hackers to steal proprietary information such as e-mail, company files, etc.

Business Value of IS Security:

- Failed computer systems can lead to significant or total loss of business function
- Firms now more vulnerable than ever
  - Confidential personal and financial data
  - Trade secrets, new products, strategies
- A security breach may cut into firm’s market value almost immediately
- Inadequate security and controls also bring forth issues of liability

Business Value of IS Security:

- Electronic evidence
  - Evidence for white collar crimes often in digital form
    - Data on computers, e-mail, instant messages, e-commerce transactions
  - Proper control of data can save time and money when responding to legal discovery request
- Computer forensics
  - Scientific collection, examination, authentication, preservation, and analysis of data from computer storage media for use as evidence in court of law
  - Includes recovery of ambient and hidden data

Protecting Information System:

IS Strategies
- Preventive strategy
- Detection strategy
- Minimum loss strategy
- Recovery strategy
- Corrective action strategy

Protecting Information System:

IS Controls
- Physical controls: protecting computer H/W, S/W, database, networks, etc. The computer center should be waterproof and fireproof, and should have an emergency power system, backup system, AC system, extinguishing system, etc.
- Technical controls: implemented in the application of the IS itself. They include access controls, data security controls, communication controls, etc.

Protecting Information System:

IS Controls (cont.)
- Administrative controls: include clear guidelines and policies of the organisation with regard to the use and deployment of IS, such as email policy, access policy, internet use policy, access privileges of employees, etc.
- General controls: for example, system development controls like budgeting, schedule, quality, etc. to ensure the deployment of a quality system.
- Application controls: embedded within the application itself and usually written as validation rules. Popularly known as input controls, processing controls and output controls.

IS Security Technology:

- Firewall: a protection device that selectively discriminates against data flow out of or into the organization based on predefined rules.
- Combination of hardware and software that prevents unauthorized users from accessing private networks
- Technologies include:
  - Static packet filtering
  - Network address translation (NAT)
  - Application proxy filtering

IS Security Technology:

A CORPORATE FIREWALL: The firewall is placed between the firm’s private network and the public Internet or another distrusted network to protect against unauthorized traffic.

IS Security Technology:

- Proxy servers: act as a representative of the true server of an organization.
- Protect the IS by restricting direct contact with the true server.
- When a person from outside requests a particular web page, the proxy server receives the request, asks the true server for the information, and then responds to the person’s request as a proxy for the true web server.

IS Security Technology:

- Digital certificate: data file used to establish the identity of users and electronic assets for protection of online transactions
- Uses a trusted third party, a certification authority (CA), to validate a user’s identity
- The CA verifies the user’s identity and stores the information in a CA server, which generates an encrypted digital certificate containing owner ID information and a copy of the owner’s public key

IS Security Technology:

DIGITAL CERTIFICATES: Digital certificates help establish the identity of people or electronic assets. They protect online transactions by providing secure, encrypted, online communication.

IS Security Technology:

- Intrusion detection systems:
  - Monitor hot spots on corporate networks to detect and deter intruders
  - Examine events as they are happening to discover attacks in progress
- Antivirus and antispyware software:
  - Checks computers for presence of malware and can often eliminate it as well
  - Requires continual updating

IS Security Technology:

- Authentication: validation of a user’s identity.
- For authorized access, a user is given a password or a personal identification number, which is a private word or combination of characters.
- In biometric access control, unique human characteristics are used to recognize a person, such as fingerprints and the retina of the eye.
- Some other examples are tokens and smart cards.

IS Security Technology:

- Encryption: transforming text or data into cipher text that cannot be read by unintended recipients
- Two methods for encryption on networks
  - Secure Sockets Layer (SSL) and successor Transport Layer Security (TLS)
  - Secure Hypertext Transfer Protocol (S-HTTP)
- Two methods of encryption
  - Symmetric key encryption: sender and receiver use a single, shared key
  - Public key encryption: uses two mathematically related keys, a public key and a private key. The sender encrypts the message with the recipient’s public key and the recipient decrypts with the private key

IS Security Technology:

- Digital signature: analogous to a physical signature; used to authenticate the identity of the sender, and also guarantees that the sent message has not been modified.
- They are encrypted messages that are verified as authentic.
- Created in two phases:
  - First, a message digest is created using a mathematical algorithm/formula.
  - Then, the software uses the private (secret) key to encrypt the message digest.
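Added example, not part of the original slides: the two signing phases above, with SHA-256 as the digest algorithm and textbook RSA as the private-key step. The key is a constructed toy built from two Mersenne primes (an assumption for illustration only); production signatures use randomly generated keys and a padding scheme such as RSA-PSS.

```python
import hashlib

# Constructed toy key: P and Q are well-known Mersenne primes, so this key
# is NOT secure. It only keeps the example self-contained.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q                            # public modulus
E = 65537                            # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))    # private (secret) exponent

def digest(message: bytes) -> int:
    """Phase 1: create the message digest with a mathematical algorithm (SHA-256)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes) -> int:
    """Phase 2: transform the digest with the private key."""
    return pow(digest(message), D, N)

def verify(message: bytes, signature: int) -> bool:
    """Receiver: undo the transform with the public key and compare digests."""
    return pow(signature, E, N) == digest(message)

if __name__ == "__main__":
    msg = b"Transfer 100 to account 42"      # constructed sample message
    sig = sign(msg)
    print("authentic message verifies:", verify(msg, sig))
    # Changing one character changes the digest, so the old signature fails.
    print("modified message verifies: ", verify(b"Transfer 900 to account 42", sig))
```

Only the holder of the private exponent can produce a value that verifies under the public key, which is what ties the message to the sender; the digest comparison is what detects modification.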

Disaster Recovery Plan:

- In view of the unauthorized and destructive activities on the internet, organisations need to protect themselves against such attacks.
- The disaster recovery plan is a well documented programme that provides detailed guidance and procedures to execute during and after a disaster.
- It also lists the roles and responsibilities of the person(s) involved in recovery.

Disaster Recovery Plan:

A disaster recovery plan contains formalized procedures to follow in the event of a disaster:
- Which employees will participate
- What their duties will be
- What hardware, software, and facilities will be used
- Priority of applications that will be processed
- Use of alternative facilities
- Offsite storage of databases

Disaster Recovery Plan:

A disaster recovery plan involves the following steps:
1. Commitment of the top management.
2. Sensitisation of all the employees.
3. Appointment of a business recovery coordinator.
4. Establishment of priorities.
5. Selection of the recovery plan.
6. Execution of the recovery plan.
7. Review and update of the disaster recovery plan.