Basic Security Requirements

Basic Security Requirements

Basic Security Requirements

• Web site security is about keeping strangers out but at the same time allowing controlled access to a network.

• Sometimes, achieving both of these elements can be very difficult.

• However, this raises the question of whether there is any real difference between security in a paper-based business organisation and an electronic-based business organisation.

Basic Security Requirements

Security Requirements

Basic Security Requirements

• Security requirements for a website and web server primarily depend upon the purpose of the website.

• Obviously the more sensitive data required the more secure the web server and website needs to be.

Basic Security Requirements

To determine the basic security requirements of an organisation, the following issues needed to be considered:

• What needs to be protected?• How can the organisation educate users

on good security practices?• Does the organisation have an effective

system backup and storage plan?• Is system security regularly monitored and

maintained

Basic Security Requirements

Passwords

Basic Security Requirements

• Choosing a secure password is one of the easiest and least expensive ways to guard against unauthorised access.

• Unfortunately, too many people prefer to use an easy-to-remember password.

• If your password is obvious to you, however, it may also be easy for a cracker to figure out.

• The following guidelines for selecting passwords should be part of your organisations security policy.

Basic Security Requirements

• It is especially important for administrators to choose difficult passwords, and also to keep passwords confidential and to change them frequently.

Basic Security Requirements

Tips for making and keeping passwords secure include the following:

• Do not use familiar information, such as your birth date, anniversary, pet’s name, child’s name, spouse’s name, own name or nickname, user ID phone number, address, or any other words or numbers that others might associate with you.

• Do not use any word that might appear in a dictionary. Crackers can use programs that try a combination of your user ID and every word in a dictionary to gain access.

Basic Security Requirements

Tips for making and keeping passwords secure include the following:

• Make the password longer than six characters – the longer, the better.

• Choose a combination of letters and numbers; add special characters, such as exclamation marks or hyphens, if allowed.

• Do not write down your password or share it with others.

• Change your password at least every 90 days, or more frequently, if desired.

Basic Security Requirements

Backup

Basic Security Requirements

• What happens if your web server crashes? Are all your files lost forever?

• They’re not lost if you’ve done the right thing and backed up your web site.

• Backing up means making copies of all its data and putting that backup somewhere safe.

• There are several different ways in which you can back up your data.

• You can back it up to what’s called a tape drive, which is a device in your computer that stores data on magnetic tape.

Basic Security Requirements

• These used to be very popular for backups, but there are newer, more convenient, less-expensive options available, so they’re not used as much as they used to be.

• You can back up to a removable drive.• This is an easy, convenient way to back up your

data.• Another option is to back up your data to CD

or DVD.

Basic Security Requirements

How often should you back up?

Basic Security Requirements

That depends on how important your data is to you