Security Measures Presented By: Priyank Bothra Devin Chakravarti Jayesh Chandegara Divyesh Chauhan Security Management 1
Jun 12, 2015
Security Measures
Presented By:
Priyank BothraDevin Chakravarti
Jayesh ChandegaraDivyesh Chauhan
Security Management 1
Computer Crime The unauthorized use, access, modification, and destruction of
hardware, software, data, or network resources
The unauthorized release of information
The unauthorized copying of software
Denying an end user access to his or her own hardware, software, data, or network resources
Using or conspiring to use computer or network resources illegally to obtain information or tangible property
Cyber Crime Safeguards
Different Types of Computer Crimes1. Hacking
2. Cyber theft
3. Unauthorized use at work
4. Piracy
5. Virus & Worms
6. Internet Abuses at Workplace
7. Privacy issues
8. Computer Matching
9. Theft of Intellectual Property
10. Phishing fraud
11. Adware and Spyware
Security Management 4
Common Hacking Tactics
1. Denial of Service
2. Scans
3. Sniffer
4. Spoofing
5. Trojan Horse
6. Back Doors
7. War Dialling
8. Logic Bombs
9. Buffer Overflow
10. Password Crackers
11. Social Engineering
12. Dumpster Driving
Security Management 5
Internet Abuses at Workplace
Security Management 6
Security Management
The goal of security management is the accuracy, integrity, and safety of all information system processes and resources.
Security Management 8
Internetworked Security Defenses Encryption
Data is transmitted in scrambled form
It is unscrambled by computer systems for authorized users only
The most widely used method uses a pair of public and private keys unique to each individual
Public key – encrypts the data.
Private key – decrypts the data
Security Management 9
Internetworked Security Defenses Firewalls
A gatekeeper system that protects a company’s intranets and other computer networks from intrusion
Provides a filter and safe transfer point for access to/from the Internet and other networks
Security Management 10
Internet and Intranet Firewalls
Security Management 11
Internetworked Security Defenses Email Monitoring
Use of content monitoring software that scans for troublesome words that might compromise corporate security
Anti-Virus Centralize the updating and distribution of
antivirus software Use a security suite that integrates virus
protection with firewalls, Web security, and content blocking features
Security Management 12
Other Security Measures
Security Codes Multilevel password system Encrypted passwords Smart cards with microprocessors
Backup Files Duplicate files of data or programs
Security Monitors Monitor the use of computers and networks Protects them from unauthorized use, fraud,
and destruction
Security Management 13
Other Security Measures
Biometrics Computer devices measure physical traits
that make each individual unique Fingerprints, retina scan
Computer Failure Controls Prevents computer failures or minimizes
its effects Preventive maintenance Arrange backups with a disaster recovery
organization
Security Management 14
Other Security Measures
In the event of a system failure, fault-tolerant systems have redundant processors, peripherals, and software.
A disaster recovery plan contains formalized procedures to follow in the event of a disaster
Common Biometric Verification schemes: Face geometry Fingerprints Hand geometry Blood vessel pattern in the retina of a person’s eye Voice Signature Keystroke dynamics Facial thermography Iris scan Using password or PIN
Security Management 15
16
Internet Security
Security Management 17
Securing your system
4 easy steps you can take!
1. Firewall Ex. ZoneAlarm
2. Anti Virus Ex. AVGFree
3. Anti Spyware Ex. Ad-Aware
4. Updates
Security Management 18
The future of secure web connections Extended Validation Certificates
Current system
Internet Explorer
Firefox
New system
Internet Explorer 7
Firefox 3
Security Management 19
The future of secure web connectionsExtra information
Security Management 20
Protecting data
Using strong encryption Password protected Encryption Whole disk encryption
Security Management 21
Wireless security
WLAN, WPA, ETC... What are the risks? Turning on encryption Public access
Security Management 22
Captchas
What are captchas? Do captchas work? Relay attack What about using objects? A new twist on captchas A note about accessibility
Security Management 23
Database security
SQL injections and other threats Good user names and passwords Privilege escalation Extra extensions
Security Management 24
Other Security measures
1. Disaster Recovery system
2. Fault tolerant system
3. Security codes
Security Management 25
Disaster Recovery Planning:
What is Disaster Recovery Planning?
- Restoration of Computing and Communication Services
- Disrupted By Events Primarily Focus on Technical Issues Maintenance of Back-up Example: MasterCard In St. Louis
Security Management 26
Types of Disaster Recovery
Hot Site Warm Site Cold Site
Security Management 27
Hot site:
An alternate facility or backup site Equipped with
Computers Telecommunications environmental infrastructure
Replication of Data From Live site to the Hot site
Security Management 28
Warm site:
An alternate facility or backup processing site Equipped with
Preconfigured Hardware Data Links Communication Interfaces Electrical and Environmental Condition
Replication of Data No Live Data Direct to warm site
Security Management 29
Cold site:
An alternate facility Have Environmental infrastructure No Pre-installed Provisioned at Time of Disaster
Security Management 30
Security codes
What is the Security Code? Codes used to secure
Files Data Money (Eg. Credit Cards)
Key to Lock For Safety Future Security Codes
All Biometrics
Thank You
Security Management 31