- Threat/Loss Scenario: Major elements of IS security
- Threat – person or organization seeks to obtain data or other assets illegally, without owner’s permission and often without owner’s knowledge
- Vulnerability – opportunity for threats to gain access to individual or organizational assets; for example, when you buy online, you provide your credit card data, and as data is transmitted over Internet, it is vulnerable to threats
- Safeguard – measure individuals or organizations take to block threat from obtaining an asset; not always effective, some threats achieve their goal in spite of safeguards
- Target – asset desired by threat
- Human error examples: (1) employee misunderstands operating procedures and accidentally deletes customer records; (2) employee inadvertently installs an old database on top of current one while doing backing up; (3) physical accidents, such as driving a forklift through wall of a computer room
- Computer crime – intentional destruction or theft of data or other system components
- Natural disasters – fires, floods, hurricanes, earthquakes, tsunamis, avalanches, other acts of nature; includes initial loss of capability and service, and losses recovery costs
- Unauthorized Data Disclosure
- Pretexting
- Phishing
- Spoofing
- IP spoofing
- Email spoofing
- Drive-by sniffers
- Wardrivers
- Hacking & natural disasters
- Procedures incorrectly designed or not followed
- Increasing customer’s discount or incorrectly modifying employee’s salary.
- Placing incorrect data on company Web site.
- Cause
- Improper internal controls on systems.
- System errors.
- Faulty recovery actions after a disaster.
- Viruses
- playload
- trojan horses
- worms
- spyware
- adware
What are the sources of threats?What types of security loss exists?Incorrect Data Modification
How should you respond to security threats?
Security safeguards and the five components
How can technical safeguards protect against security threats?
Use of multiple firewalls
•Organizations
normally use multiple firewalls. Perimeter firewall sits outside organizational
network; is first device that Internet traffic encounters.•Packet-filtering
firewall examines each part of a message and
determines whether to let that part pass. To make this decision, it examines
source address, destination address(es),
and other data. Packet-filtering firewalls can prohibit outsiders from starting
a session with any user behind firewall, prohibit traffic from legitimate, but
unwanted, addresses, such as competitors’ computers, and filter outbound
traffic.•No computer should connect to the
Internet without firewall protection. Many ISPs provide firewalls for their
customers. By nature, these firewalls are generic. Large organizations
supplement such generic firewalls with their own. Most home routers include
firewalls, and Microsoft Windows has a built-in firewall as well. Third parties
also license firewall products.Malware types and spyware and adware symptoms
How should organizations respond to security incidents?
•Every organization should have an incident-response plan as part of the security program. No organization should wait until some asset has been lost or compromised before deciding what to do.
•The plan should include how employees are to respond to security problems, whom they should contact, the reports to make, and steps to reduce further loss.•Identify critical personnel and their off-hours contact information
No comments:
Post a Comment