Policies and Security for Internet Access


Policies and Security for Internet Access Photocopiable/digital resources may only be copied by the purchasing institution on a single site and for their own use

Links to Progress Leisure Pre-Release
From Progress Leisure pre-release material:
- Security methods, including two-factor authentication
- Policies and procedures for Internet access
- ‘Customers log on to the website through a web browser or smartphone app using two-factor authentication.’
- ‘Before using the wireless network, customers must agree to the Progress Leisure Acceptable Use Policy.’

Policy and Security – Single-factor Authentication
- Single-factor authentication (SFA) is where the user can obtain access to an account or service using one factor such as a password.
- Risky if same password used for many applications
- Recommend using unique password for each application

Policy and Security – Two-factor Authentication
Two-factor authentication is a security method by which users obtain access by providing two separate factors to identify themselves.
Three different types of factors that can be used for authentication are:
- Knowledge factor – knowing a password / PIN number
- Possession factor – owning a membership card / mobile
- Biometric factor – human characteristic, e.g. fingerprint / DNA

Policy and Security – Two-factor Authentication
Bank card reader example
Customer needs the following to log in to their account:
- PIN number (knowledge)
- Debit card (possession)
Customer places card in reader and enters PIN number.
The passcode displayed on the card reader is entered into a web login page to allow the customer account access.

Policy and Security – Two-factor Authentication
Mobile transaction numbers (mTANs) example
Member needs:
- Password (knowledge)
- Mobile phone (possession)
This simple method of two-factor authentication would be suitable for Progress Leisure, as members only need knowledge of their password and possession of one of the following:
- Their laptop/tablet computer and their mobile phone
- Their smartphone for direct login
Process:
1. Member enters username and password into Progress Leisure login page
2. Progress Leisure receives login request from member and texts security code to member’s mobile phone
3. Member then enters the security code to log in to the website
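The three-step mTAN login above, sketched from the server's side. This is an added example, not part of the original slides or of any Progress Leisure system; the class name, the send_sms gateway callback, the five-minute lifetime and the three-attempt limit are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

CODE_TTL = 300      # assumed: the texted code is valid for 5 minutes
MAX_ATTEMPTS = 3    # assumed: wrong guesses allowed before the code is voided


def hash_password(password: str, salt: bytes) -> bytes:
    """The knowledge factor is stored as a salted PBKDF2 hash, never in plain text."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class MtanLogin:
    def __init__(self, send_sms, clock=time.time):
        self.send_sms = send_sms   # hypothetical SMS gateway: send_sms(phone, text)
        self.clock = clock
        self.members = {}          # username -> (salt, password hash, phone)
        self.pending = {}          # username -> [code, expiry time, attempts left]

    def register(self, username, password, phone):
        salt = secrets.token_bytes(16)
        self.members[username] = (salt, hash_password(password, salt), phone)

    def start_login(self, username, password):
        """Steps 1-2: check the password, then text a fresh code to the phone."""
        member = self.members.get(username)
        if member is None:
            return False
        salt, stored, phone = member
        if not hmac.compare_digest(stored, hash_password(password, salt)):
            return False
        code = f"{secrets.randbelow(10**6):06d}"   # unpredictable 6-digit code
        self.pending[username] = [code, self.clock() + CODE_TTL, MAX_ATTEMPTS]
        self.send_sms(phone, f"Your security code is {code}")
        return True

    def finish_login(self, username, code):
        """Step 3: accept the code once, before expiry, within the attempt limit."""
        entry = self.pending.get(username)
        if entry is None:
            return False
        expected, expires, _ = entry
        entry[2] -= 1              # every guess uses up one attempt
        ok = self.clock() <= expires and hmac.compare_digest(expected.encode(), code.encode())
        if ok or entry[2] <= 0 or self.clock() > expires:
            del self.pending[username]   # single use; void after expiry or lockout
        return ok
```

The code is only sent after the password check succeeds, so both factors are needed; it is random, short-lived, single-use and limited to a few guesses, so a six-digit number cannot simply be tried until it matches.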

Policy and Security – Two-factor Authentication
Two-factor authentication benefits
- Greater security than simply password protection
- Deterrent as hackers are likely to avoid this more secure system
Two-factor authentication limitations
- Phone or card/reader needed to log on
- Customers dislike the extra time taken to log on

Policy and Security – Further Security Methods
Password advice
- Use strong passwords with a mixture of numbers, letters, symbols and lower/upper case
- Change passwords regularly
Access rights – set up by system administrator to limit network access to relevant files only for a user
Encryption – used to make stored data more secure, by making it unreadable to people who do not have the key to decode it

Policy and Security – Hacking
Firewall
- Firewall designed to check the integrity of incoming messages and requests for service from the system
- Suspicious messages or requests can be rerouted temporarily until the legitimacy has been established
Intrusion detection systems (IDS)
- Designed to monitor the network or computer system for malicious activities
- If an incident is detected, a report is sent to the network management
- Further action taken if necessary to prevent any risks to the system

Policy and Security – Virus Protection
Antivirus software
- Used to minimise the risk to data from viruses
- This software searches the computer system for viruses and deletes them once detected
- Treat files and attached email files from unknown sources with caution to avoid viruses getting into the system
Spyware
- Spyware can be loaded into a computer system as a software virus
- Important to run an anti-spyware program which will detect spyware and prevent it from being installed, and remove any spyware that has previously been installed

Policy and Security – Acceptable Use Policy
Progress Leisure has produced an acceptable use policy (AUP) for members who use their wireless network; it should contain the following sections:
- Purpose: to ensure that members of the centre understand what is appropriate browsing behaviour, and to specify the directives necessary to protect the IT network infrastructure
- Acceptable Internet usage: should include information on what members are encouraged to use Wi-Fi for, and that members must comply with current legislation
- Unacceptable behaviour: unacceptable behaviour to be listed in detail under the following headings:
  - General and System Activities
  - Progress Leisure Interactive Services
  - Email and Communication Activities
- User Compliance: members need to sign and date that they have understood the acceptable use policy before using the system

Policy and Security: Questions
1. Explain the following terms:
   (a) Single-factor authentication (2 marks)
   (b) Two-factor authentication, with examples of different types of factors (6 marks)
2. Outline the process of two-factor authentication that Progress Leisure could use with a mobile transaction number approach. (6 marks)
3. List two benefits and one limitation of using two-factor authentication. (3 marks)
4. How might encryption be used to improve data security? (2 marks)
5. Describe two techniques that can be used to prevent hacking of the system. (4 marks)
6. Describe the purpose of the Progress Leisure Internet acceptable use policy. (2 marks)
7. List three unacceptable behaviour issues with messages sent to the Progress Leisure social media site. (3 marks)
8. Explain why Progress Leisure would make use of web monitoring software. (4 marks)