Chapter 2: Information Security Overview
The Executive Guide to Information Security manual
Introduction
– Information security programs require solutions from:
  – People
  – Process
  – Technology
– People administer security programs and processes to ensure information is protected
– Using technology, layered security (defense in depth) can be developed to protect information assets
Overview
– Information security principles and components of an information security program for enterprises
– Review of major security technologies and best practices
– Foundation for more in-depth security review in subsequent classes
3 Major Components of an Information Security Program
– People play a critical role in information security
– Processes provide guidelines for securing information assets
– Technology enables security programs to be executed
– What is the weakest link in information security?
People
– Having the right people in key positions is paramount to a successful security program. Why?
  – Skills
  – Change management
  – SOD
  – Many other reasons
Process
– Provides a framework and standards for people to execute security operations
– What are some of the processes?
  – Policies
  – Procedures
  – Guidelines
  – Work aids
  – Training
  – Risk and security assessments
  – Access on the principle of least privilege (need-to-know)
  – Others
– Process serves as the “glue” between people and technology to ensure security programs are operating effectively
Technology
– The most vast and complicated component of the security program
– Why is technology the most complicated component?
  – Variety of products currently on the market
  – Products don’t all work in sync together
  – Special knowledge is needed to run different security applications
  – Constant upgrades and maintenance are needed to ensure a product operates in an optimal manner
Defense-in-Depth
– Layer security for:
  – Gateway: entryway between one part of the environment and another (internet to network)
  – Server: PCs that perform shared functions (ERP, SAP, PeopleSoft)
  – Client: desktops, laptops, PDAs, and other devices that employees use daily
– 4 major zones for defense:
  1. External (internet)
  2. Extranet
  3. Intranet
  4. Mission-critical systems
Authentication, Authorization & Accounting (AAA)
– What are some examples of security tools?
  – Access control list (ACL)
  – RSA tokens
  – Smart cards
  – Biometrics
– What is two-factor authentication?
  – Something you know
  – Something you have
Privileged Access
– What is privileged access?
  – Admin, super user, sys admin, utility, etc.
– How should privileged access be controlled?
  – Limit access, daily/weekly/monthly monitoring, mandatory access change control, etc.
– What is single sign-on (SSO) and how should it be controlled?
  – Access on the concept of least privilege
  – Monitoring and timely removal of access when not in use for 30 days
  – Periodic password change
Firewalls
– What is a firewall?
  – Filters electronic traffic to allow only certain types of information to flow into the company’s network
– What are the 3 types of firewalls?
  – Packet filtering: reviews the header/address
  – Stateful inspection: verifies that the inbound packet matches the outbound request (identifies the legitimacy of the source, i.e. like the addresses on a letter)
  – Proxy firewall: reads and rewrites each packet to allow only valid messages to pass to the network. More secure, but slower.
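The difference between packet filtering and stateful inspection described on the firewall slide, as an added Python example that is not part of the original presentation. The addresses, ports, the header-only rule and the 60-second idle timeout are constructed assumptions for illustration:

```python
from dataclasses import dataclass

INSIDE_PREFIX = "10.0.0."      # constructed internal network
IDLE_TIMEOUT = 60              # seconds a flow stays in the state table (assumed)

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

def packet_filter_allows(pkt):
    """Header-only rule: inbound traffic to an inside host from source port 443."""
    return pkt.dst.startswith(INSIDE_PREFIX) and pkt.sport == 443

class StatefulFirewall:
    def __init__(self):
        self.flows = {}        # (inside ip, port, outside ip, port) -> last seen

    def outbound(self, pkt, now):
        """Record a request that an inside host sent out."""
        self.flows[(pkt.src, pkt.sport, pkt.dst, pkt.dport)] = now

    def inbound_allows(self, pkt, now):
        """Allow an inbound packet only if it answers a recent outbound request."""
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)   # a reply reverses the flow
        seen = self.flows.get(key)
        if seen is None or now - seen > IDLE_TIMEOUT:
            self.flows.pop(key, None)                    # drop expired state
            return False
        self.flows[key] = now
        return True

def compare():
    """Run constructed sample packets through both firewalls."""
    fw = StatefulFirewall()
    fw.outbound(Packet("10.0.0.5", 50000, "203.0.113.10", 443), now=0)
    samples = {
        "reply":       (Packet("203.0.113.10", 443, "10.0.0.5", 50000), 1),
        "unsolicited": (Packet("198.51.100.7", 443, "10.0.0.5", 3389), 2),
        "late reply":  (Packet("203.0.113.10", 443, "10.0.0.5", 50000), 120),
    }
    return {name: (packet_filter_allows(p), fw.inbound_allows(p, t))
            for name, (p, t) in samples.items()}

if __name__ == "__main__":
    for name, (stateless, stateful) in compare().items():
        print(f"{name:12} packet filter={stateless} stateful={stateful}")
```

The header-only rule passes all three packets, while the state table passes only the reply that matches a recorded outbound request.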
Virtual Private Networks (VPN)
– What is a VPN?
  – Tool that enables a secure connection to the network when using a public network (internet)
  – Uses encryption to protect data (tunnel)
  – Uses a hardware and software combination to secure access
Anti-Virus Software
– Why should you install updated anti-virus?
  – Prevents PC infection from viruses, worms, Trojan horses, and malware in general
  – Viruses vs worms: what is the difference?
– Signature vs heuristic virus detection
  – Signature relies on known patterns
  – Heuristic looks for patterns of a potential virus (lots of false positives)
Vulnerability Management
– Network-based and host-based
  – Network-based scans identify known vulnerabilities on the network
  – Host-based scans cover physical devices (servers)
– Patch management
– Intrusion Detection System (IDS)
– Intrusion Prevention System (IPS)
– Content filtering
– Encryption (symmetric and asymmetric)
Summary: Key Points
– An effective information security program uses a combination of people, process, and technology
– People are the weakest link and therefore the most important aspect of the program
– Process is the gel that binds people and technology to effectively protect information assets
– Technology can be used to layer security in a defense-in-depth approach to protect information assets