Presentation is loading. Please wait.

Presentation is loading. Please wait.

Recommending a Security Strategy

Published byJonas Payne Modified over 5 years ago

Similar presentations

Presentation on theme: "Recommending a Security Strategy"— Presentation transcript:

1 Recommending a Security Strategy
Ideas for today and tomorrow

2 Industry breach discovery
A few of our firm’s major competitors experienced a security data breach in its undisclosed cross-functional enterprise systems within a three-month timeframe. This event heightened the security awareness for our company.

3 Common Computer breaches
Figure 1

4 Enterprise-level Security action plan
IT Department Suppliers, Employees, and customers Implement the Security changes: For Suppliers Add a new Access Rule to Firewall Add certificate of Authority from a Third party [VeriSign] Add Public Key Encryption For Employees Add new Security Policies and train everyone in a Mandatory meeting Enforcement of Security Plan For Customers FAQ Best Practices with our software and hardware Internal Action Plan User Education and Training Develop FAQ from meetings Creation of a Honey Pot using Cisco Reviewing/Monitoring data Study Pharming attacks Create Access rules for the Network firewall. Review Potential Vulnerabilities

5 IT Reviews these potential vulnerabilities
Study Elevation of privilege Hoaxes Packet tampering Sniffer Spoofing Splogs Spyware Dumpster Diving Social engineering, hackers use their social skills to trick people into revealing access credentials or other valuable information.

6 Employees new security guidelines
Mandatory Computer-Use Meetings & sign document Discuss new Security Policies Computer do’s and dont’s in simple language

7 Security for Supplier Connections
The IT Teams will add specific computers from the Suppliers to have access to our network Set up a Certificate of Authority with a third party [VeriSign] Add Public Key Encryption

8 Security recommendations for customers
Add related FAQs to Customer Access area Add other Security Tips and expectations from firm, if a Virus or Worm found when connecting,

9 Network Security Plan for internal use
Certain file sharing applications are prohibited to be used on the corporate network. Kazaz, and IM software leaks cookies onto the network. Corporate laptops and computers can not be used for personal use. Virus protection scans every day with updates Authentication and authorization occurs by department only. New Information Security policies Requiring users to log off before leaving for lunch or meetings Never share passwords – and changing it every 30 days. Specific s and links to not click on No social engineering sites utilized on work computers, except Linked-In

10 Bibliography Google Images( figure1). (n.d.). Retrieved December 05, 2016, from Paige Baltzan. (2015). Business-Driven Technology. 6th Edition.

Download ppt "Recommending a Security Strategy"

Similar presentations

Unit 1 Living in the Digital WorldChapter 1 Lets Communicate Internet Safety.

Unit 1 Living in the Digital WorldChapter 1 Lets Communicate Internet Safety.
Ethics, Privacy and Information Security

Ethics, Privacy and Information Security
CHAPTER OVERVIEW SECTION 4.1 – Ethics

CHAPTER OVERVIEW SECTION 4.1 – Ethics
McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.

McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.
Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.

Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Secure Computing Network

Secure Computing Network
Security Presented by : Qing Ma. Introduction Security overview security threats password security, encryption and network security as specific.

Security Presented by : Qing Ma. Introduction Security overview security threats password security, encryption and network security as specific.
Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.
McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved ETHICS SECTION 4.1.

McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved ETHICS SECTION 4.1.
McGraw-Hill © 2008 The McGraw-Hill Companies, Inc. All rights reserved. Chapter 8 Threats and Safeguards Chapter 8 PROTECTING PEOPLE AND INFORMATION Threats.

McGraw-Hill © 2008 The McGraw-Hill Companies, Inc. All rights reserved. Chapter 8 Threats and Safeguards Chapter 8 PROTECTING PEOPLE AND INFORMATION Threats.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.
Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.

Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.
Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.

Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.
CHAPTER FOUR ETHICS AND INFORMATION SECURITY MIS BUSINESS CONCERNS

CHAPTER FOUR ETHICS AND INFORMATION SECURITY MIS BUSINESS CONCERNS
Security. If I get 7.5% interest on $5,349.44, how much do I get in a month? (.075/12) =.00625 * 5,349.44 = $33.434 What happens to the.004?.004+.004+.004=.012.004.

Security. If I get 7.5% interest on $5,349.44, how much do I get in a month? (.075/12) = * 5, = $ What happens to the.004? =
1 Title ECI: Anatomy of a Cyber Investigation Who Are the Actors.

1 Title ECI: Anatomy of a Cyber Investigation Who Are the Actors.
Kittiphan Techakittiroj (04/09/58 19:56 น. 04/09/58 19:56 น. 04/09/58 19:56 น.) Network Security (the Internet Security) Kittiphan Techakittiroj

Kittiphan Techakittiroj (04/09/58 19:56 น. 04/09/58 19:56 น. 04/09/58 19:56 น.) Network Security (the Internet Security) Kittiphan Techakittiroj
Copyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin CHAPTER FOUR ETHICS AND INFORMATION SECURITY: MIS BUSINESS CONCERNS.

Copyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin CHAPTER FOUR ETHICS AND INFORMATION SECURITY: MIS BUSINESS CONCERNS.

Similar presentations

Ads by Google