5.5 incorporating security in it solutions (mauritius)
Upcoming SlideShare
Loading in...5
×
 

5.5 incorporating security in it solutions (mauritius)

on

  • 487 views

 

Statistics

Views

Total Views
487
Views on SlideShare
451
Embed Views
36

Actions

Likes
0
Downloads
2
Comments
0

1 Embed 36

http://www.corporateregistersforum.org 36

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    5.5 incorporating security in it solutions (mauritius) 5.5 incorporating security in it solutions (mauritius) Presentation Transcript

    • SECURITY
      Incorporating Security in IT Solutions for Corporate Registers
    • SECURITY COMPONENTS
      Physical Security
      Server and System Software Security
      Database Security and Audit Trail
      Authentication to the Application
      Application Level Security
      Online Applications Security
    • PHYSICAL SECURITY OF IT
      Environmental design Air Conditioning, Dual UPS and Standby Generators
      Electronic and procedural access control Biometric Access control for controlling user access points
      Datacenter access limited to IT administrators
      Intrusion detection and Video monitoring Security alarms and CCTV for incident notification and verification
    • SECURITY COMPONENTS
      High Available Cluster System For Database and Application Server - protection against a single server failure
      Disaster Recovery System- protection against disaster at Main site
      Firewall and Intrusion Prevention System
      Antivirus/ Antispyware server
      Data Protection System- Automated backup of servers and databases
    • Up to date with latest Security patches and fixes
      Logging of access to all server services
      Use of encryption for network communication
      Maintain a proper system backup policy
      SERVERS AND OS SECURITY
    • USER AND PASSWORD MANAGEMENT
      Restriction of User ID to an agreed number of alphanumeric characters (Include special characters in Password @,#)
      Maintain password Complexity
      No shared ID issued to multiple users
      Disabling of Inactive account accounts after an agreed time period
      Locking of users of a successive given attempts of failed login
    • USER AND PASSWORD MANAGEMENT cont..
      Initial Password allocated to user will be one time. User forced to change his password on first log in
      Users forced to change their password after an agreed time period from the last password change date.
      User sessions will time-out after an agreed period of inactivity
    • APPLICATION - LEVEL
      Access to user on system will be depending on their access rights (Filing officer accessing filing system, Cashier accessing cash collection system, Companies officer accessing Companies Administration Module, Management of ROC accessing all systems )
      Access rights to record application
      Access rights to approve application
      Access rights to insert, update and delete
    • APPLICATION – AUDIT TRAIL
      Any record created in the database will have the user stored in the database and the date it has been created.
      The user who has last updated the record will be stored in the database.
      Any table in the database can be audited and any updates made can be logged.
      Tracking of Status on Application (Recorded, In Progress, Rejected or Approved).
      Tracking of Status of Companies (Incorporated, Amalgamate, Dissolve, Wind-Up)
    • ELECTRONIC SUBMISSIONS
      Information recorded in a temporary database in the DMZ server.
      ROC Staff validate the data before sending it in the live database.
      Each company will have a password to access their account. They can use it to submit their applications online.