This document discusses securing information systems from various threats. It outlines why systems are vulnerable including accessibility, hardware and software problems, use of uncontrolled networks and devices. Specific threats are malware, hackers, and wireless vulnerabilities. The roles of risk assessment, security policy, auditing, identity management, firewalls, intrusion detection and antivirus software in safeguarding systems are described. Encryption techniques like public key infrastructure help protect online transactions and users' identities with digital certificates.
- Hardware problems: breakdowns, configuration errors, damage from improper use...
- Software problems: programming errors, installation errors, unauthorized changes.
- Use of networks/computers outside of the firm's control.
- Loss and theft of portable devices.

Internet Vulnerabilities
- Network open to anyone.
- Size of the Internet means abuses can have a wide impact.
- Use of fixed Internet addresses with cable/DSL modems creates fixed targets for hackers.
- Unencrypted VOIP.
- Interception.
- Attachments with malicious software.

Wireless Security Challenges
- Radio frequency bands are easy to scan.
- SSIDs (service set identifiers): Identify access points, broadcast multiple times, and can be identified by sniffer programs.
- War driving: Eavesdroppers drive by buildings and try to detect SSID and gain access to network and resources.
  ⇒ Once access point is breached, intruder can gain access to networked drives and files.

Malware
Programs exploiting computing system vulnerabilities.
⇒ We differentiate between software threats that:
- Do not replicate: activated by a trigger (e.g., logic bombs, viruses)
- Do replicate/propagate themselves: (e.g., bots and worms)

Malware Terminology
- Virus: A piece of code that inserts itself into a host program (infects it). It cannot run independently. It requires that its host program be run to activate it.
- Worm: A program that can run independently and can propagate a complete working version of itself onto other hosts on a network.
- Logic bomb: A program inserted into software by an intruder. It executes on a specific condition (trigger).
  ⇒ Triggers for logic bombs can include a change in a file, a particular series of keystrokes, or a specific time or date.
- Trojan horse: Programs that appear to have one (useful) function but actually perform another (malicious) function, without the user's knowledge.
- Backdoor (trapdoor): Any mechanism that bypasses a normal security check. It is code that recognizes, for example, some special sequence of input.

Hackers and Computer Crime
- Activities include: System intrusion // System damage // Cybervandalism (Intentional disruption, defacement, destruction of website or corporate information).
- Denial-of-service attacks (DoS).
- Distributed denial-of-service attacks (DDoS).
- Botnets.
- Spam.
- Computer crime: Computers may be targets of crime/instruments of crime.

Software Vulnerability:
Commercial software contains flaws that create security vulnerabilities:
- Bugs (program code defects).
- Zero defects cannot be achieved.
- Flaws can open networks to intruders.
Patches: Small pieces of software to repair flaws.

What is the Business Value of Security and Control?
- Failed computer systems can lead to significant or total loss of business function.
- Firms now are more vulnerable than ever.
- A security breach may cut into a firm's market value almost immediately.
- Inadequate security and controls also bring forth issues of liability.

Risk Assessment:
Determines level of risk to firm if specific activity or process is not properly controlled:
- Types of threat.
- Probability of occurrence during the year.
- Potential losses, value of threat.
- Expected annual loss.

Security Policy:
Ranks information risks, identifies security goals and mechanisms for achieving these goals + drives other policies.
- Acceptable use policy (AUP): Defines acceptable uses of firm's information resources and computing equipment.
- Identity management:
  ● Identifying valid users.
  ● Controlling access.

The Role of Auditing
- Information systems audit:
  ● Examines firm's overall security environment as well as controls governing individual information systems.
- Security audits:
  ● Review technologies, procedures, documentation, training, and personnel.
  ● May even simulate disaster to test responses.

Tools and Technologies for Safeguarding Information Systems:
- Identity management software:
  ● Automates keeping track of all users and privileges.
  ● Authenticates users, protecting identities, controlling access.
- Authentication: Password systems // Tokens // Smart cards // Biometric authentication // Two-factor authentication.
- Firewall: Combination of hardware and software that prevents unauthorized users from accessing private networks:
  ● Packet filtering.
  ● Stateful inspection.
  ● Network address translation (NAT).
  ● Application proxy filtering.
- Intrusion detection system: Monitors hot spots on corporate networks to detect and deter intruders.
- Antivirus and antispyware software:
  ● Checks computers for presence of malware and can often eliminate it as well.
  ● Requires continual updating.
- Unified threat management (UTM) systems.
- WEP security:
  ● Static encryption keys are relatively easy to crack.
  ● Improved if used in conjunction with VPN.
  ● WPA2 specification: Replaces WEP with stronger standards.
  ● Continually changing, longer encryption keys.

Encryption and Public Key Infrastructure:
Encryption: Transforming text or data into cipher text that cannot be read by unintended recipients:
- Methods for encryption on networks:
  ● Secure Sockets Layer (SSL) and successor Transport Layer Security (TLS).
  ● Secure Hypertext Transfer Protocol (S-HTTP).
- Symmetric key encryption:
  ● Sender and receiver use a single, shared key.
- Public key encryption: Uses two, mathematically related keys: public key and private key.
  ● Sender encrypts the message with the recipient's public key.
  ● Recipient decrypts with private key.
- Digital certificate: Data file used to establish the identity of users and electronic assets for protection of online transactions.
  ● Uses a trusted third party, certification authority (CA), to validate a user's identity.
  ● CA verifies user's identity, stores information in CA server, which generates encrypted digital certificate containing owner ID information and copy of owner's public key.
- Public key infrastructure (PKI): Use of public key cryptography working with certificate authority.

Security Issues for Cloud Computing and the Mobile Digital Platform:
Security in the cloud: Responsibility for security resides with the company owning the data.
- Firms must ensure providers provide adequate protection: Where data are stored // Meeting corporate requirements, legal and privacy laws // Segregation of data from other clients // Audits and security certifications.
- Service level agreements (SLAs).

Securing mobile platforms:
- Security policies should include and cover any special requirements for mobile devices.
- Mobile device management tools: Authorization // Inventory records // Control updates // Lockdown/erase lost devices // Encryption.