Your SlideShare is downloading. ×
5.5 incorporating security in it solutions (mauritius)
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

5.5 incorporating security in it solutions (mauritius)

319
views

Published on

Published in: Business

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
319
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. SECURITY
    Incorporating Security in IT Solutions for Corporate Registers
  • 2. SECURITY COMPONENTS
    Physical Security
    Server and System Software Security
    Database Security and Audit Trail
    Authentication to the Application
    Application Level Security
    Online Applications Security
  • 3. PHYSICAL SECURITY OF IT
    Environmental design Air Conditioning, Dual UPS and Standby Generators
    Electronic and procedural access control Biometric Access control for controlling user access points
    Datacenter access limited to IT administrators
    Intrusion detection and Video monitoring Security alarms and CCTV for incident notification and verification
  • 4. SECURITY COMPONENTS
    High Available Cluster System For Database and Application Server - protection against a single server failure
    Disaster Recovery System- protection against disaster at Main site
    Firewall and Intrusion Prevention System
    Antivirus/ Antispyware server
    Data Protection System- Automated backup of servers and databases
  • 5. Up to date with latest Security patches and fixes
    Logging of access to all server services
    Use of encryption for network communication
    Maintain a proper system backup policy
    SERVERS AND OS SECURITY
  • 6. USER AND PASSWORD MANAGEMENT
    Restriction of User ID to an agreed number of alphanumeric characters (Include special characters in Password @,#)
    Maintain password Complexity
    No shared ID issued to multiple users
    Disabling of Inactive account accounts after an agreed time period
    Locking of users of a successive given attempts of failed login
  • 7. USER AND PASSWORD MANAGEMENT cont..
    Initial Password allocated to user will be one time. User forced to change his password on first log in
    Users forced to change their password after an agreed time period from the last password change date.
    User sessions will time-out after an agreed period of inactivity
  • 8. APPLICATION - LEVEL
    Access to user on system will be depending on their access rights (Filing officer accessing filing system, Cashier accessing cash collection system, Companies officer accessing Companies Administration Module, Management of ROC accessing all systems )
    Access rights to record application
    Access rights to approve application
    Access rights to insert, update and delete
  • 9. APPLICATION – AUDIT TRAIL
    Any record created in the database will have the user stored in the database and the date it has been created.
    The user who has last updated the record will be stored in the database.
    Any table in the database can be audited and any updates made can be logged.
    Tracking of Status on Application (Recorded, In Progress, Rejected or Approved).
    Tracking of Status of Companies (Incorporated, Amalgamate, Dissolve, Wind-Up)
  • 10. ELECTRONIC SUBMISSIONS
    Information recorded in a temporary database in the DMZ server.
    ROC Staff validate the data before sending it in the live database.
    Each company will have a password to access their account. They can use it to submit their applications online.