Unit 32 – Networked Systems Security

Slides:

Advertisements

Similar presentations

GCSE ICT Networks & Security..

Advertisements

BP5- METHODS BY WHICH PERSONAL DATA CAN BE PROTECTED Data Protection.

Mr C Johnston ICT Teacher

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Security Week 10 Lecture 1. Why do we need security? Identify and authenticate people wanting to use the system Prevent unauthorised persons from accessing.

Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.

Security Management IACT 418/918 Autumn 2005 Gene Awyzio SITACS University of Wollongong.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Wonga example Register Question- What risks do you think businesses face due to IT developments?

Factors to be taken into account when designing ICT Security Policies

Computer Networks IGCSE ICT Section 4.

Security-Authentication

Administrative Practices Outcome 1

Security Measures Using IS to secure data. Security Equipment, Hardware Biometrics –Authentication based on what you are (Biometrics) –Biometrics, human.

E-business Security Dana Vasiloaica Institute of Technology Sligo 22 April 2006.

ICT at Work Global Communication.

General Purpose Packages

G041: Lecture 16 Section B Revision Questions

Networks and Hackers Copyright © Texas Education Agency, All rights reserved. 1.

1.1 System Performance Security Module 1 Version 5.

Tutorial Chapter 5. 2 Question 1: What are some information technology tools that can affect privacy? How are these tools used to commit computer crimes?

Business Computing 550 Lesson 6. 2 Security Threats on Web Sites Issues and vulnerabilities 1.Illegal Access and Use (Hacking the system or users exposing.

Environment for Information Security n Distributed computing n Decentralization of IS function n Outsourcing.

Today’s Lecture Covers < Chapter 6 - IS Security

Encryption Objective 1: Explain data encryption procedures.

G061 - Network Security. Learning Objective: explain methods for combating ICT crime and protecting ICT systems.

Physical ways of keeping your system secure. Unit 7 – Assignment 2. (Task1) By, Rachel Fiveash.

By Kim Young Jun IGCSE1.  Computer network  Common types of network  Ring, bus, star and tree  Local are networks  Wide are networks  Wireless LANs.

ICT Infrastructure Used By Organisations Additional Exercise ANSWERS.

SECURITY OF DATA By: ADRIAN PERHAM. Issues of privacy; Threats to IT systems; Data integrity; Standard clerical procedures; Security measures taken to.

1.1 1 Purpose of firewall : –Control access to or from a protected network; –Implements network access policy connections pass through firewall and are.

Last Minute Security Compliance - Tips for Those Just Starting 10 th National HIPAA Summit April 7, 2005 Chris Apgar, CISSP – President Apgar &

Network Security & Accounting

Power Point Project Michael Bennett CST 105Y01 ONLINE Course Editor-Paulette Gannett.

Access Method. “ ” A key is usually intended to operate one specific lock or a small number of locks that are keyed alike, so each lock requires a unique.

Biometric Technologies

NETWORKING FUNDAMENTALS. Network+ Guide to Networks, 4e2.

Mohammed F & Aya. Peer-to-peer network are usually common in homes and small businesses and are not necessarily expensive. On a peer-to-peer network each.

Mr C Johnston ICT Teacher G055 - Lecture 03 Local and Wide Area Networks.

G041: Lecture 08 ICT Infrastructure Used By Organisations Mr C Johnston ICT Teacher

LESSON 5-2 Protecting Your Computer Lesson Contents Protecting Your Computer Best Practices for Securing Online and Network Transactions Measures for Securing.

 List as many websites as you can think of  E-commerce is short for ‘electronic commerce’  It means buying and selling goods using the Internet.

Physical security By Ola Abd el-latif Abbass Hassan.

Don’t Log in!. Recap on the previous units I’ve tried to make it as concise as possible but there is a bit of writing, to ensure that you have some notes.

Computer Networks. Computer Network ► A computer network is a group of computers that are linked together.

Computer Laws Data Protection Act 1998 Computer Misuse Act 1990.

NETWORKS (2) Mr Conti Lesson 2. Learning Objectives  By the end of this presentation we will have learned:  what a network is  the advantages and disadvantages.

Activity 1 5 minutes to discuss and feedback on the following:

Policies and Security for Internet Access

ICT Legislation  Copyright, Designs and Patents Act (1988);  Computer Misuse Act (1990);  Health and Safety at Work Act (1974);  EU Health and Safety.

Mr C Johnston ICT Teacher BTEC IT Unit 09 - Lesson 11 Network Security.

1 Lesson 24 Network Fundamentals Computer Literacy BASICS: A Comprehensive Guide to IC 3, 3 rd Edition Morrison / Wells.

BOPS – Biometric Open Protocol Standard Emilio J. Sanchez-Sierra.

Computer Security Sample security policy Dr Alexei Vernitski.

Chapter 3.  Help you understand what hardware is required to allow networks to work including: ◦ Repeaters ◦ Hub ◦ Switch ◦ Bridge ◦ Gateway (not needed.

Information Systems Design and Development Security Precautions Computing Science.

SemiCorp Inc. Presented by Danu Hunskunatai GGU ID #

Primary/secondary data sources Health and safety Security of Data Data Protection Act.

Physical Security at Data Center: A survey. Objective of the Survey  1. To identify the current physical security in data centre.  2.To analyse the.

Network System Security - Task 2. Russell Johnston.

UNIT V Security Management of Information Technology.

Hardware and software that can provide a good level of security In this presentation I am going to provide advices on hardware and software that needs.

Administrative Practices Outcome 1

Business Risks of Insecure Networks

Module 2 OBJECTIVE 14: Compare various security mechanisms.

G061 - Network Security.

Presentation transcript:

Unit 32 – Networked Systems Security

Recap - Sources of Network Attacks Internal Disaffected Staff External Internet Connections Unsecured Wireless Point Viruses introduce by email Recap - Sources of Network Attacks

Summarise different emerging technologies that are used for Security Examine different security systems used in Organisations Evaluate the security measures that are used to protect networks Learning Objectives

Considerations We know about hacking and external attacks But more sinister are internal attacks People can perform an attack/exploit better when within the network infrastructure. Being inside brings you closer to the target. Obviously try and prevent unauthorised access: Accounts, User Files and Security Logs. Balance the need to remain secure internally with the need for day to day access by authorised staff. Considerations

Locks Servers and mass storage should be kept under lock and key. Accessed by authorised staff only. Racks containing: Hubs, Switches, Routers and associated monitoring equipment also need to be locked Administrative workstations also need high security – why? There are a large range of suitable locks for these purposes. Locks

Where have you come across physical security? “Lockdown”

Physical Locks include... Latch Locks. Key Code Locks. Magnetic Locks. Day Cards - temporary passes. Swipe Cards. Biometric Locks. Iris Retina Fingerprint Face Physical Locks include...

Biometrics Systems that use a measure of an individual’s biology! Increasingly used in ICT locations. Fingerprint recognition to DNA sampling. Biometrics

The main advantage is that they give a secure “test”: They provide a link to an actual person (who may already be known to the police enforcement). Advantage - Biometrics’ users do not have to remember any code or pin – they are the pin. Advantage - Once setup, it remains easy to use and inexpensive to maintain.

Eye Scanning There are 2 main types: Iris scans Retinal scans Iris scans the structures, topology and colours of the iris to create a digital file. Retinal scans use low intensity lasers to scan the blood vessels behind the pupil of the eye – a unique map better than a fingerprint. Both of the above systems are very favourable, as the eye changes very little over a lifetime. Couple this with fingerprint scanning and you have a very secure entry point system. Eye Scanning

Emerging Technologies Homomorphic Encryption - Homomorphic encryption is a method of performing calculations on encrypted information without decrypting it first. Biometrics - Hand Geometry, Face recognition, Voice recognition, Typing recognition Enhanced video imaging - Capture more detail Emerging Technologies

Task Look into the following emerging technologies: Enhanced video imaging - http://www.securitynewsdesk.com/could-thermal-imaging-enhance-security-productivity/ http://www.silentsentinel.com/thermal-imaging-cameras.html http://www.blackhawkenterprises.com/cctvemergingtechnologies.pdf Homomorphic Encryption Biometrics Produce a short (3-4 slides) presentation on these emerging technologies. You will be selling this to a potential client Explain the technology Discuss the benefits, how will it help security? Are there any drawbacks? Which would you suggest would be best to keep a network secure? Explain your answer. Task

Email Systems - Email security is a multi-layered discipline which can involve using several types of security software and security technology. Wireless systems - Wireless networks transmit data through radio frequencies, and are open to intruders unless protected. Networked Devices - minimum security standards are needed to help protect not only the individual device, but other devices connected to the electronic communications network. Security Measures

Look into different security measures: Email Systems (Secure MIME, Relay agents), Wireless systems (Security features: Site Surveys, MAC association, WEP/WPA keys, TKIP), Networked Devices (Security features - router, switch, wireless access points) Produce a table. Brief explanation, what is it, how it’s used Why it is used in securing a Network? Web links to good websites

Banks & Government Organisations What are the threats? Organisations

Banks have always needed secure areas such as vaults protected by security codes, locks and keys, and have been concerned with the authorisation and identification of staff empowered to carry out certain activities. The honesty of staff is an important issue and careful selection and screening procedures are needed. At the appointment stage references are usually requested and other checks made on potential employees Security

In terms of day-to-day activities, a need-to-know policy might be followed to ensure that information is not needlessly disseminated within the organisation, and that sensitive paperwork such as drawings, reports and accounts is securely locked up to minimise risk. Customers, too, could present security concerns. Banks need to assess security threats arising from customer interactions, and government departments involved in taxation and benefits will have similar concerns. Security

Task Using the Internet, research the following: What fundamental security measures have been traditionally used in organisations such as banks? Produce a table showing; The systems in use. What technology they use. How are they ensuring security of the network. Are they using emerging technologies? Evaluate the use of the security measures, are they still doing the job effectively? Task

Websites: https://www.giac.org/paper/gsec/3145/alarm-cctv-unified-systems-physical-security-options-mexican-banks/105232 http://www.securitymagazine.com/articles/85356-banking-battlegrounds-cyber-and-physical-security-risks-today http://www.cisco.com/web/strategy/docs/finance/solution_overview_c22-550743.pdf http://www.professionalsecurity.co.uk/news/interviews/a-future-for-physical-security-at-banks/

Summarise different emerging technologies that are used for Security Examine different security systems used in Organisations Evaluate the physical security measures that are used to protect networks Learning Objectives