Transcript Chapter 8

CHAPTER 8
Securing Information Systems
System Vulnerability


Security (policies, procedures, technical measures)
and controls (methods, policies, procedures)
important to ensure your system is not vulnerable
Internet
 Emails

and other ways hackers access
Wireless security challenges
 War
driving and RFID bands
 Wi-fi transmission

Malware, Viruses, Worms, Trojan horses, Spyware,
SQL injection attacks, key loggers
System Vulnerability (cont)






Hackers, crackers, Script Kiddies
Spoofing (redirecting web address) and Sniffing
(eavesdropping program monitoring info over a
network)
Denial-of-service (DoS) attack
Distributed denial-of-service (DoS) attack
Botnet
Computer Crime
Common Computer Crime
System Vulnerability (cont)







Identity Theft
Phishing
Evil Twins
Pharming
Click Fraud
Cyberterrorism and Cyber Warfare
Internal threats


Social engineering
Software Vulnerability

Bugs and patches
Security and Control

Legal and Regulatory
 HIPPA
for medical
 Gramm-Leach-Bliley (Financial Services Moderation) –
consumer data in financial institutions
 Sarbanes-Oxley Act – protects investors from financial
scandals

Electronic Evidence and Computer Forensics
 Computer
forensics – collecting, analyzing,
authentication, preservation and analysis of data/on
storage media/used in court
Security and Control Framework

Types of controls
General (govern design, security, and use of computer
programs/security of data files/throughout organization’s
infrastructure)
 Application (specific controls unique to each computerized
application such as payroll or order processing)



Input, Processing, output controls
Risk Assessment (determines level of risk to the firm)

Once risks assessed, system builders will look at control
points with greatest vulnerability and potential for loss
Security and Control Framework (cont)

Security Policy
Created after risk assessment
 How to protect company’s assets
 Acceptable Use Policy (AUP) – acceptable uses of firms info
systems, etc.
 Identity Management – determine valid users of the system


Disaster Recovery
Hot Site vs Cold Site
 Business Continuity Planning


Auditing

MIS Audit (examines firm’s security environment)
Technologies and Tools for Protecting
Info Resources

Identity Management
 Authentication
 Passwords
 Token
 Smart
Cards
 Biometric authentication (human traits)
 What you know, what you have, who you are
Technologies (cont)

Firewalls (prevent unauthorized users from accessing
private networks)
Combination of hardware and software that controls the
flow of incoming and outgoing network traffic
 Identifies names, IP address, applications, and other
characteristics of incoming traffic




Intrusion detection systems (monitor for vulnerability)
Antivirus and Antispyware software
Unified threat management (UTM) (comprehensive
security management systems/inside a single device)
Wireless Security

Encryption and Public Key Infrastructure
Secure Socket Layer (SSL) – secure connection between computers
 Secure Hypertext Transfer Protocol (S-HTTP) – encrypts messages
 Public Key Encryption (PKE) - secure encryption/uses two keys
 Digital Certificates – data files to establish identity of users and
electronic assets
 Public key infrastructure (PKI) – public key cryptography working
with a certification authority.

System Availability







Online transaction processing (OLTP) – immediately
process transactions
Fault-tolerant computer systems – detect hardware
failures
High-availability computing – for recovering quickly from
a crash
Downtime – periods when system operational
Recovery-oriented computing – try to minimize downtime
Deep packet inspection (DPI) – examines data files and
sorts out low-priority online material/assigns higher priority
to business critical functions
Security Outsourcing

Managed security service providers (MSSP) – monitor network
activity