Professional Documents
Culture Documents
Submitted By:
Gurjit Singh
Shallu Thakur
MBA 3rd sem.
What is security?
The
OBJECTIVES
OBJECTIVES
An
High User
Knowledge
of IT
Systems
Theft, Sabotage,
Misuse
Lack Of
Documentation
Virus Attacks
Systems &
Network
Failure
Natural Calamities
& Fire
SO HOW DO
WE
OVERCOME
THESE
PROBLEMS?
General
controls:
Establish framework for controlling
design, security, and use of computer
programs
Software controls
Hardware controls
Computer operations controls
Data security controls
Implementation controls
ESTABLISHING A
MANAGEMENT FRAMEWORK
FOR SECURITY AND CONTROL
Application
controls:
Unique to each computerized
application
Input
Processing
Output
CREATING A CONTROL
ENVIRONMENT
Controls: Methods, policies, and
procedures
Ensures protection of
organizations assets
Ensures accuracy and reliability
of records, and operational
CREATING A CONTROL
ENVIRONMENT
Disaster recovery plan:
Runs business in event of
computer
outage
Load balancing:
Distributes large number of
requests for access among
multiple servers
CREATING A CONTROL
ENVIRONMENT
Mirroring:
Duplicating all processes and transactions
of server
on backup server to prevent any
interruption
Clustering:
Linking two computers together so that a
second computer can act as a backup to
the primary
computer or speed up
processing
Figure 10-7
A Corporate
CREATING A CONTROL
ENVIRONMENT
Internet Security
Encryption:
Challenges
Coding and scrambling of messages to
prevent their access without authorization
CREATING A CONTROL
ENVIRONMENT
Internet Security Challenges
Digital signature: -Digital code attached to
electronically transmitted message to
uniquely identify contents and sender
USER RESPONSIBILITIES
Access Control - Physical
USER RESPONSIBILITIES
Password Guidelines
Always use at least 8 character password with
combination of alphabets, numbers and special
characters (*, %, @, #, $, ^)
Use passwords that can be easily remembered by
you
Change password regularly as per policy
Use password that is significantly different from
earlier passwords
Use passwords which reveals your personal
information or words found in dictionary
Write down or Store passwords
Share passwords over phone or Email
Use passwords which do not match above complexity
criteria
USER RESPONSIBILITIES
Internet Usage
Use internet services for business purposes only
Do not access internet through dial-up
connectivity
Do not use internet for accessing auction sites
Do not use internet for hacking other computer
systems
Do not use internet to download / upload
commercial software / copyrighted material
Technology
Department
is
continuously
monitoring Internet Usage. Any illegal use of
internet and other assets shall call for
Disciplinary Action.
CREATING A CONTROL
ENVIRONMENT
Antivirus
Software
This NEC PC
has a
biometric
fingerprint
reader for fast
yet secure
access to files
and networks.
New models
of PCs are
starting to use
biometric
MANAGEMENT OPPORTUNITIES,
CHALLENGES AND SOLUTIONS
oManagement Opportunities:
Creation of secure, reliable Web sites
and systems that can support ecommerce and e-business strategies
MANAGEMENT
CHALLENGES
Designing systems that are neither overcontrolled nor under-controlled
MANAGEMENT
CHALLENGES
Solution Guidelines