Security management(new) (1)

Security Measures

Presented By:

Priyank BothraDevin Chakravarti

Jayesh ChandegaraDivyesh Chauhan

Security Management 1

Computer Crime The unauthorized use, access, modification, and destruction of

hardware, software, data, or network resources

The unauthorized release of information

The unauthorized copying of software

Denying an end user access to his or her own hardware, software, data, or network resources

Using or conspiring to use computer or network resources illegally to obtain information or tangible property

Cyber Crime Safeguards

Different Types of Computer Crimes1. Hacking

2. Cyber theft

3. Unauthorized use at work

4. Piracy

5. Virus & Worms

6. Internet Abuses at Workplace

7. Privacy issues

8. Computer Matching

9. Theft of Intellectual Property

10. Phishing fraud

11. Adware and Spyware

Security Management 4

Common Hacking Tactics

1. Denial of Service

2. Scans

3. Sniffer

4. Spoofing

5. Trojan Horse

6. Back Doors

7. War Dialling

8. Logic Bombs

9. Buffer Overflow

10. Password Crackers

11. Social Engineering

12. Dumpster Driving

Security Management 5

Internet Abuses at Workplace

Security Management 6

Security Management

The goal of security management is the accuracy, integrity, and safety of all information system processes and resources.

Security Management 8

Internetworked Security Defenses Encryption

Data is transmitted in scrambled form

It is unscrambled by computer systems for authorized users only

The most widely used method uses a pair of public and private keys unique to each individual

Public key – encrypts the data.

Private key – decrypts the data

Security Management 9

Internetworked Security Defenses Firewalls

A gatekeeper system that protects a company’s intranets and other computer networks from intrusion

Provides a filter and safe transfer point for access to/from the Internet and other networks

Security Management 10

Internet and Intranet Firewalls

Security Management 11

Internetworked Security Defenses Email Monitoring

Use of content monitoring software that scans for troublesome words that might compromise corporate security

Anti-Virus Centralize the updating and distribution of

antivirus software Use a security suite that integrates virus

protection with firewalls, Web security, and content blocking features

Security Management 12

Other Security Measures

Security Codes Multilevel password system Encrypted passwords Smart cards with microprocessors

Backup Files Duplicate files of data or programs

Security Monitors Monitor the use of computers and networks Protects them from unauthorized use, fraud,

and destruction

Security Management 13

Other Security Measures

Biometrics Computer devices measure physical traits

that make each individual unique Fingerprints, retina scan

Computer Failure Controls Prevents computer failures or minimizes

its effects Preventive maintenance Arrange backups with a disaster recovery

organization

Security Management 14

Other Security Measures

In the event of a system failure, fault-tolerant systems have redundant processors, peripherals, and software.

A disaster recovery plan contains formalized procedures to follow in the event of a disaster

Common Biometric Verification schemes: Face geometry Fingerprints Hand geometry Blood vessel pattern in the retina of a person’s eye Voice Signature Keystroke dynamics Facial thermography Iris scan Using password or PIN

Security Management 15

16

Internet Security

Security Management 17

Securing your system

4 easy steps you can take!

1. Firewall Ex. ZoneAlarm

2. Anti Virus Ex. AVGFree

3. Anti Spyware Ex. Ad-Aware

4. Updates

Security Management 18

The future of secure web connections Extended Validation Certificates

Current system

Internet Explorer

Firefox

New system

Internet Explorer 7

Firefox 3

Security Management 19

The future of secure web connectionsExtra information

Security Management 20

Protecting data

Using strong encryption Password protected Encryption Whole disk encryption

Security Management 21

Wireless security

WLAN, WPA, ETC... What are the risks? Turning on encryption Public access

Security Management 22

Captchas

What are captchas? Do captchas work? Relay attack What about using objects? A new twist on captchas A note about accessibility

Security Management 23

Database security

SQL injections and other threats Good user names and passwords Privilege escalation Extra extensions

Security Management 24

Other Security measures

1. Disaster Recovery system

2. Fault tolerant system

3. Security codes

Security Management 25

Disaster Recovery Planning:

What is Disaster Recovery Planning?

- Restoration of Computing and Communication Services

- Disrupted By Events Primarily Focus on Technical Issues Maintenance of Back-up Example: MasterCard In St. Louis

Security Management 26

Types of Disaster Recovery

Hot Site Warm Site Cold Site

Security Management 27

Hot site:

An alternate facility or backup site Equipped with

Computers Telecommunications environmental infrastructure

Replication of Data From Live site to the Hot site

Security Management 28

Warm site:

An alternate facility or backup processing site Equipped with

Preconfigured Hardware Data Links Communication Interfaces Electrical and Environmental Condition

Replication of Data No Live Data Direct to warm site

Security Management 29

Cold site:

An alternate facility Have Environmental infrastructure No Pre-installed Provisioned at Time of Disaster

Security Management 30

Security codes

What is the Security Code? Codes used to secure

Files Data Money (Eg. Credit Cards)

Key to Lock For Safety Future Security Codes

All Biometrics

Thank You

Security Management 31