Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets."— Presentation transcript:

1 Security strategy

2 What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets. This will cover the physical configuration, software, and information handling and user practices. How an organisation plans to protect and respond to security attacks on their information technology assets. This will cover the physical configuration, software, and information handling and user practices. All organisations suffer from breaches of security. These can range from innocent attempts to access restricted resources to deliberate and prolonged attempts on computer systems and networks. All organisations suffer from breaches of security. These can range from innocent attempts to access restricted resources to deliberate and prolonged attempts on computer systems and networks.

3 Privacy of Data Privacy is an individual’s right to be secure from unauthorised disclosure of information about them stored in documents and computer files. Organisations have a duty to protect the privacy of data which they hold about members of the public and their staff, and to process this data only in the manner for which it was intended. Privacy is an individual’s right to be secure from unauthorised disclosure of information about them stored in documents and computer files. Organisations have a duty to protect the privacy of data which they hold about members of the public and their staff, and to process this data only in the manner for which it was intended.

4 Viruses, Trojans, Worms Virus A virus is a program or piece of code that, without your knowledge, is loaded and run on your computer. Viruses can also replicate themselves, normally by attaching themselves to existing program files. A virus is a program or piece of code that, without your knowledge, is loaded and run on your computer. Viruses can also replicate themselves, normally by attaching themselves to existing program files. Trojan horse A Trojan horse is a destructive program that pretends to be a helpful application of file. Unlike viruses, Trojan horses do not replicate themselves but they can be just as destructive. A Trojan horse is a destructive program that pretends to be a helpful application of file. Unlike viruses, Trojan horses do not replicate themselves but they can be just as destructive.

5 Worm A worm is a self-replicating program that reproduces itself over a network, using the resources on one machine (processor time, memory, hard disk, network connection, etc.) to attack other machines. A worm is not quite the same as a virus, which is normally a piece of program code that inserts itself into other programs. A worm is a self-replicating program that reproduces itself over a network, using the resources on one machine (processor time, memory, hard disk, network connection, etc.) to attack other machines. A worm is not quite the same as a virus, which is normally a piece of program code that inserts itself into other programs. Anti-virus software An antivirus utility searches a hard disk for viruses and removes any that are found. Most antivirus programs also offer a level of protection against Trojans and worms. An antivirus utility searches a hard disk for viruses and removes any that are found. Most antivirus programs also offer a level of protection against Trojans and worms.

6 Data Security Refers to the level of protection data stored within the organisation has from unauthorised access, and potential data loss due to failure of hardware and/or software. Refers to the level of protection data stored within the organisation has from unauthorised access, and potential data loss due to failure of hardware and/or software. Unauthorised access can be within or from outside the organisation, intentional or unintentional. There are a number of methods which can be used to prevent or reduce the risk of unauthorised access. Unauthorised access can be within or from outside the organisation, intentional or unintentional. There are a number of methods which can be used to prevent or reduce the risk of unauthorised access.

7 Access rights An organisation can protect sensitive data from unauthorised access using a system of security access rights or privileges which are allocated to users. Access to data is then restricted to only those users who have been allocated the appropriate security access rights An organisation can protect sensitive data from unauthorised access using a system of security access rights or privileges which are allocated to users. Access to data is then restricted to only those users who have been allocated the appropriate security access rights Access rights can be allocated to specific network devices which limits access to sensitive data from those devices regardless of the access rights of the individual user Access rights can be allocated to specific network devices which limits access to sensitive data from those devices regardless of the access rights of the individual user

8 These access rights differ depending on the operating system being used, but of the rights involve: Read – authority to read specific data Read – authority to read specific data Write – authority to write data (i.e. create, modify and delete) Write – authority to write data (i.e. create, modify and delete) Create – authority to create data but not to modify or delete it Create – authority to create data but not to modify or delete it Delete – authority to delete data Delete – authority to delete data Modify – authority to make changes to data Modify – authority to make changes to data Execute – authority to run programs on a particular computer. Execute – authority to run programs on a particular computer.

9 Encryption The process of changing data into a form that can be read only by the intended receiver. To decipher the message, the receiver of the encrypted data must have the proper decryption key. In traditional schemes, the sender and the receiver use the same key to encrypt and decrypt data. The process of changing data into a form that can be read only by the intended receiver. To decipher the message, the receiver of the encrypted data must have the proper decryption key. In traditional schemes, the sender and the receiver use the same key to encrypt and decrypt data.

10 Firewall The original meaning of firewall was ‘a wall constructed to prevent the spread of fire’. Computer firewalls are constructed to prevent unwanted intrusions from the Internet or other network into a PC or network. A firewall is required because threats arise when an attacker exploits a combination of PC’s unique IP address and one or more of the thousands of CP and UDP ports that are used for communications over the network. The original meaning of firewall was ‘a wall constructed to prevent the spread of fire’. Computer firewalls are constructed to prevent unwanted intrusions from the Internet or other network into a PC or network. A firewall is required because threats arise when an attacker exploits a combination of PC’s unique IP address and one or more of the thousands of CP and UDP ports that are used for communications over the network.

Download ppt "Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets."

Similar presentations

IS 376 NOVEMBER 5, 2013 2013 DATA BREACH INVESTIGATIONS REPORT By The Verizon RISK Team Research Investigations Solutions Knowledge.

IS 376 NOVEMBER 5, DATA BREACH INVESTIGATIONS REPORT By The Verizon RISK Team Research Investigations Solutions Knowledge.
Let’s Talk About Cyber Security

Let’s Talk About Cyber Security
Thank you to IT Training at Indiana University Computer Malware.

Thank you to IT Training at Indiana University Computer Malware.
POSSIBLE THREATS TO DATA

POSSIBLE THREATS TO DATA
What are computer viruses and its types? Computer Viruses are malicious software programs that damage computer program entering into the computer without.

What are computer viruses and its types? Computer Viruses are malicious software programs that damage computer program entering into the computer without.
COMP6005 An Introduction to Computing Session One: An Introduction to Computing Security Issues.

COMP6005 An Introduction to Computing Session One: An Introduction to Computing Security Issues.
Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.

Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.

Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
Information System protection and Security. Need for Information System Security §With the invent of computers and telecommunication systems, organizations.

Information System protection and Security. Need for Information System Security §With the invent of computers and telecommunication systems, organizations.
Mr C Johnston ICT Teacher

Mr C Johnston ICT Teacher
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.

Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.
Computer Viruses and Worms By Rafael Albuernes What is a Virus? What is a Virus? What is a Worm? What is a Worm? Types of Infections Types of Infections.

Computer Viruses and Worms By Rafael Albuernes What is a Virus? What is a Virus? What is a Worm? What is a Worm? Types of Infections Types of Infections.
1 Pertemuan 05 Malicious Software Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 05 Malicious Software Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Computer viruses By: Shannon Simonian. What is a computer virus?  -Shares traits of a biological virus in people.  -Computer viruses pass from computer.

Computer viruses By: Shannon Simonian. What is a computer virus?  -Shares traits of a biological virus in people.  -Computer viruses pass from computer.
Protecting Yourself Online. VIRUSES, TROJANS, & WORMS Computer viruses are the common cold of modern technology. One e-mail in every 200 containing.

Protecting Yourself Online. VIRUSES, TROJANS, & WORMS Computer viruses are the "common cold" of modern technology. One in every 200 containing.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
INTERNET THREATS AND HOW TO PROTECT YOUR COMPUTER -BRIAN ARENDT.

INTERNET THREATS AND HOW TO PROTECT YOUR COMPUTER -BRIAN ARENDT.
Chapter Nine Maintaining a Computer Part III: Malware.

Chapter Nine Maintaining a Computer Part III: Malware.

Similar presentations

Ads by Google