Presentation is loading. Please wait.

Presentation is loading. Please wait.

INFORMATION SECURITY The protection of information from accidental or intentional misuse of a persons inside or outside an organization Comp 212 – Computer.

Published byChad Oliver Modified over 5 years ago

Similar presentations

Presentation on theme: "INFORMATION SECURITY The protection of information from accidental or intentional misuse of a persons inside or outside an organization Comp 212 – Computer."— Presentation transcript:

1 INFORMATION SECURITY The protection of information from accidental or intentional misuse of a persons inside or outside an organization Comp 212 – Computer Fundamentals and Programming I

2 Protecting Intellectual Assets
Organizational information is intellectual capital and must be protected Health Insurance Portability Act (HIPA) is one example of information security in action

3 People are the first line of defense
Insiders account for 33% of security incidents in an organization Information security policies – identify the rules required to maintain information security Information security plan – details how an organization will implement the information security policies.

4 Steps for creating an Information Security Plan
Develop the information security policies Designate responsibility and accountability to individual to follow the security plans 2. Communicate the information security policies Training employees to follow security policies and communicate consequences for not following those policies.

5 Steps for creating an Information Security Plan
3. Identify critical information assets and risks Require user IDs, passwords and anti-virus software. Implement firewalls and Intrusion Detection Software. 4. Test and reevaluate risks Continually perform security reviews, audits, background checks, and security assessments.

6 Steps for creating an Information Security Plan
Obtain Stakeholder support Gain the approval and support of the board of directors and stakeholders concerning the security

7 Second line of Defense-Technology
Authentication and Authorization Prevention and Resistance Detection and Response

8 Authentication and Authorization
Authentication – method for confirming users identities Authorization – process of giving someone permission to do or have something

9 Authentication and Authorization
Something the user knows – user IDs and passwords. Identity theft – forging of someone’s identity for the purpose of fraud. Phishing – an online form of identity theft, commonly through . B. Something the user has – Smart Card – a device the size of a credit card that can store small amount of information. Tokens – small electronic devices that change user passwords automatically.

10 Authentication and Authorization
C. Something that is part of the user – fingerprint or voice signature 1. Biometrics – the identification of a user based on a physical characteristics, such as finger print, iris, face, voice or handwriting.

11 Prevention and Resistance
Content filtering – occurs when software is used that filters content to prevent the transmission of unauthorized information. Encryption – scrambles information into an alternative form that requires a key or password to decrypt the information. Firewall – hardware and/or software that guards a private network by analyzing the information leaving and entering the network.

12 Detection and Response
If prevention and resistance strategies fail an organization can use detection and response technologies to minimize and correct any damage. The most common being anti virus software, software that scans the system for potential threats to that system.

13 Detection and Response
Hacker – people very knowledgeable about computers who use their knowledge to invade other people’s computers. White-hat hacker Black-hat hacker Hactivists Script kiddies or Script bunnies Cracker Cyberterrorists

14 Detection and Response
Virus – software written with malicious intent to cause annoyance or damage. Worm Denial-of-service Attack (DoS) Distributed Denial-of-service Attack (DDoS) Trojan horse virus Backdoor program Polymorphic virus and worm

15 END

Download ppt "INFORMATION SECURITY The protection of information from accidental or intentional misuse of a persons inside or outside an organization Comp 212 – Computer."

Similar presentations

2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.

2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.
E-Commerce Security Issues. General E-Business Security Issues Any E-Business needs to be concerned about network security. The Internet is a “ public.

E-Commerce Security Issues. General E-Business Security Issues Any E-Business needs to be concerned about network security. The Internet is a “ public.
CHAPTER OVERVIEW SECTION 4.1 – Ethics

CHAPTER OVERVIEW SECTION 4.1 – Ethics
McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.

McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.
Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.

Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.
Chapter 9: Privacy, Crime, and Security

Chapter 9: Privacy, Crime, and Security
Sarbanes-Oxley: Where Information Technology, Finance, and Ethics Meet

Sarbanes-Oxley: Where Information Technology, Finance, and Ethics Meet
BUSINESS PLUG-IN B6 Information Security.

BUSINESS PLUG-IN B6 Information Security.
McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.

McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.
McGraw-Hill/Irwin © 2008 The McGraw-Hill Companies, All Rights Reserved Business Plug-In B6 Information Security.

McGraw-Hill/Irwin © 2008 The McGraw-Hill Companies, All Rights Reserved Business Plug-In B6 Information Security.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
ETHICS AND INFORMATION SECURITY: MIS BUSINESS CONCERNS

ETHICS AND INFORMATION SECURITY: MIS BUSINESS CONCERNS
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved ETHICS SECTION 4.1.

McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved ETHICS SECTION 4.1.
4-1 Chapter Four Overview SECTION 4.1 - ETHICS –Ethics –Information Ethics –Developing Information Management Policies –Ethics in the Workplace SECTION.

4-1 Chapter Four Overview SECTION ETHICS –Ethics –Information Ethics –Developing Information Management Policies –Ethics in the Workplace SECTION.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
CSUN Information Systems IS312 Information Systems for Business Lecture 9 Ethic & Information Security.

CSUN Information Systems IS312 Information Systems for Business Lecture 9 Ethic & Information Security.
CHAPTER FOUR ETHICS AND INFORMATION SECURITY MIS BUSINESS CONCERNS

CHAPTER FOUR ETHICS AND INFORMATION SECURITY MIS BUSINESS CONCERNS
Security. If I get 7.5% interest on $5,349.44, how much do I get in a month? (.075/12) =.00625 * 5,349.44 = $33.434 What happens to the.004?.004+.004+.004=.012.004.

Security. If I get 7.5% interest on $5,349.44, how much do I get in a month? (.075/12) = * 5, = $ What happens to the.004? =

Similar presentations

Ads by Google