Policies and Security for Internet Access


1 Policies and Security for Internet Access
Photocopiable/digital resources may only be copied by the purchasing institution on a single site and for their own use

2 Links to Progress Leisure Pre-Release
From Progress Leisure pre-release material:
- Security methods, including two-factor authentication
- Policies and procedures for Internet access

‘Customers log on to the website through a web browser or smartphone app using two-factor authentication.’

‘Before using the wireless network, customers must agree to the Progress Leisure Acceptable Use Policy.’

3 Policy and Security – Single-factor Authentication
Single-factor authentication (SFA) is where the user can obtain access to an account or service using one factor such as a password.
- Risky if the same password is used for many applications
- Recommend using a unique password for each application

4 Policy and Security – Two-factor Authentication
Two-factor authentication is a security method by which users obtain access by providing two separate factors to identify themselves.

Three different types of factors that can be used for authentication are:
- Knowledge factor – knowing a password / PIN number
- Possession factor – owning a membership card / mobile
- Biometric factor – human characteristic: fingerprint/DNA

5 Policy and Security – Two-factor Authentication
Bank card reader example

Customer needs a PIN number (knowledge) and a debit card (possession) to log in to their account.
- Customer places card in reader and enters PIN number.
- The passcode displayed on the card reader is entered into a web login page to allow the customer account access.

6 Policy and Security – Two-factor Authentication
Mobile transaction numbers (mTANs) example

Member needs:
- Password (knowledge)
- Mobile phone (possession)

This simple method of two-factor authentication would be suitable for Progress Leisure, as members only need knowledge of their password and possession of one of the following:
- Their laptop/tablet computer and their mobile phone
- Their smartphone for direct login

Login steps:
1. Member enters username and password into Progress Leisure login page
2. Progress Leisure receives login request from member and texts security code to member’s mobile phone
3. Member then enters the security code to log in to the website

7 Policy and Security – Two-factor Authentication
Two-factor authentication benefits
- Greater security than simply password protection
- Deterrent as hackers are likely to avoid this more secure system

Two-factor authentication limitations
- Phone or card/reader needed to log on
- Customers dislike the extra time taken to log on

8 Policy and Security – Further Security Methods
Password advice
- Use strong passwords with a mixture of numbers, letters, symbols and lower/upper case
- Change passwords regularly

Access rights – set up by system administrator to limit network access to relevant files only for a user

Encryption – used to make stored data more secure, by making it unreadable to people who do not have the key to decode it

9 Policy and Security – Hacking
Firewall
- Firewall designed to check the integrity of incoming messages and requests for service from the system
- Suspicious messages or requests can be rerouted temporarily until the legitimacy has been established

Intrusion detection systems (IDS)
- Designed to monitor the network or computer system for malicious activities
- If an incident is detected, a report is sent to the network management
- Further action taken if necessary to prevent any risks to the system

10 Policy and Security – Virus Protection
Antivirus software
- Used to minimise the risk to data from viruses
- This software searches the computer system for viruses and deletes them once detected
- Treat files and attached files from unknown sources with caution to avoid viruses getting into the system

Spyware
- Spyware can be loaded into a computer system as a software virus
- Important to run an anti-spyware program, which will detect spyware and prevent it from being installed, and remove any spyware that has previously been installed

11 Policy and Security – Acceptable Use Policy
Progress Leisure has produced an acceptable use policy (AUP) for members who use their wireless network; it should contain the following sections:
- Purpose: to ensure that members of the centre understand what is appropriate browsing behavior, and to specify the directives necessary to protect the IT network infrastructure
- Acceptable Internet usage: should include information on what members are encouraged to use Wi-Fi for, and that members must comply with current legislation.
- Unacceptable behaviour: unacceptable behaviour to be listed in detail under the following headings: General and System Activities Progress Leisure Interactive Services and Communication Activities
- User Compliance: members need to sign and date that they have understood the acceptable use policy before using the system

12 Policy and Security: Questions
1. Explain the following terms:
   (a) Single-factor authentication (2 marks)
   (b) Two-factor authentication, with examples of different types of factors (6 marks)
2. Outline the process of two-factor authentication that Progress Leisure could use with a mobile transaction number approach. (6 marks)
3. List two benefits and one limitation of using two-factor authentication. (3 marks)
4. How might encryption be used to improve data security? (2 marks)
5. Describe two techniques that can be used to prevent hacking of the system. (4 marks)
6. Describe the purpose of the Progress Leisure Internet acceptable use policy. (2 marks)
7. List three unacceptable behaviour issues with messages sent to the Progress Leisure social media site. (3 marks)
8. Explain why Progress Leisure would make use of web monitoring software. (4 marks)

