Presentation is loading. Please wait.

Presentation is loading. Please wait.

Factors to be taken into account when designing ICT Security Policies

Published byRaymond Glenn Modified over 9 years ago

Similar presentations

Presentation on theme: "Factors to be taken into account when designing ICT Security Policies"— Presentation transcript:

1 Factors to be taken into account when designing ICT Security Policies

2 Lesson Objectives To understand the factors to take into account when designing security policies

3 You are setting up a new business.
Make a list of 5 things you think you will need to think about regarding your Security policy.

4 The factors to take into account when designing security policies

5 Physical security This involves protecting hardware and software using physical rather than software methods either to restrict access to the computer equipment or the storage medium, using physical methods (Locks, guards biometric methods)

6 Logical (software) methods
User ids, passwords, levels of access ( e.g. who can update web pages) firewalls, encryption.

7 Auditing for detection
Query any transactions that are out of the ordinary for customers, access logs

8 System Access Establishing procedures for accessing data such as log on procedures, firewalls.

9 Personnel administration
Training (including prevention of accidental misuse) , fitting the employee to the task, ensuring that staff are controlled, staff screening.

10 A code of conduct A list of roles and responsibilities that an employee should follow when using ICT equipment

11 Operational procedures
Including disaster recovery planning and dealing with threats from viruses, backup, updating antivirus.

12 Disciplinary procedures
Warnings / dismissal / prosecutions etc.

13 Exam Question A national bank wants to ensure that its financial systems are secure against attack. Other than code of conduct, describe four factors that should be included in the bank’s security policy. [8]

14 Just a Minute On a scrap piece of paper write down as many things covered today in a minute.

Download ppt "Factors to be taken into account when designing ICT Security Policies"

Similar presentations

K eep I t C onfidential Prepared by: Security Architecture Collaboration Team.

K eep I t C onfidential Prepared by: Security Architecture Collaboration Team.
HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.

HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.
BP5- METHODS BY WHICH PERSONAL DATA CAN BE PROTECTED Data Protection.

BP5- METHODS BY WHICH PERSONAL DATA CAN BE PROTECTED Data Protection.
Auditing Computer-Based Information Systems

Auditing Computer-Based Information Systems
Mr C Johnston ICT Teacher

Mr C Johnston ICT Teacher
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Security Controls – What Works

Security Controls – What Works
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.

ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
Network security policy: best practices

Network security policy: best practices
Keeping Data Safe Revision Summer 2013. How many ways can data be lost? Start a list… Physical Loss or Corruption of data Accidental or Deliberate Unauthorised.

Keeping Data Safe Revision Summer How many ways can data be lost? Start a list… Physical Loss or Corruption of data Accidental or Deliberate Unauthorised.
Cloud Computing How secure is it? Author: Marziyeh Arabnejad Revised/Edited: James Childress April 2014 Tandy School of Computer Science.

Cloud Computing How secure is it? Author: Marziyeh Arabnejad Revised/Edited: James Childress April 2014 Tandy School of Computer Science.
Administrative Practices Outcome 1

Administrative Practices Outcome 1
Prepared by:Nahed AlSalah Data Security 2 Unit 19.

Prepared by:Nahed AlSalah Data Security 2 Unit 19.
Data Security GCSE ICT.

Data Security GCSE ICT.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
Protecting ICT Systems

Protecting ICT Systems
Disaster Planning and Security Policies. Threats to data DeliberateTerrorism Criminal vandalism/sabotage White collar crime Accidental Floods and fire,

Disaster Planning and Security Policies. Threats to data DeliberateTerrorism Criminal vandalism/sabotage White collar crime Accidental Floods and fire,
Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.

Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.
Security of Data. Key Ideas from syllabus Security of data Understand the importance of and the mechanisms for maintaining data security Understand the.

Security of Data. Key Ideas from syllabus Security of data Understand the importance of and the mechanisms for maintaining data security Understand the.

Similar presentations

Ads by Google