Data Security

1,038 views
994 views

Published on

Published in: Business, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,038
On SlideShare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
91
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Data Security

  1. 1. Data Security
  2. 2. Topics to be covered <ul><li>Encryption </li></ul><ul><li>Firewalls </li></ul><ul><li>Virtual Private Network </li></ul><ul><li>Authentication </li></ul><ul><li>Digital Certification </li></ul><ul><ul><li>Digital Certificate </li></ul></ul><ul><ul><li>Certification Authorities </li></ul></ul><ul><ul><li>Digital Signatures </li></ul></ul><ul><li>Internet Virus </li></ul><ul><li>Online Data Security Assistants </li></ul>
  3. 3. Encryption <ul><li>The translation of data into a secret code. Encryption is the most effective way to achieve data security. </li></ul><ul><li>To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. </li></ul><ul><li>Unencrypted data is called plain text; encrypted data is referred to as cipher text. </li></ul><ul><li>There are two main types of encryption: asymmetric encryption (also called public-key encryption) and symmetric encryption. </li></ul>
  4. 4. Firewall <ul><li>A combination of hardware and software that secures access to and from the LAN. </li></ul><ul><li>A firewall blocks unwanted access to the protected network while giving the protected network access to networks outside of the firewall. </li></ul><ul><li>An organization will typically install a firewall to give users access to the internet while protecting their internal information. </li></ul>
  5. 5. Sample usage of Firewall Public/External Internet Users Intranet Clients Servers ERP Legacy systems E-mail servers Web servers Databases Firewalls
  6. 6. Virtually Private Network (VPN) <ul><li>VPN is a secure network on the Internet using </li></ul><ul><li>the tunneling schemes </li></ul><ul><li>“ tunnels ” are secure data flows w/ cryptography and authorization algorithms </li></ul><ul><li>The major objective of a VPN is to use the Internet as an inexpensive WAN backbone </li></ul>
  7. 7. VPNs (cont:) <ul><li>When two sites are connected across a VPN, each must have a VPN-capable router, firewall, or VPN access device installed </li></ul><ul><li>When VPN is used to link mobile clients with Internet dial-up connections, the laptops must be equipped with VPN client software equipped with the addresses and associated encryption keys for corporate host sites </li></ul>
  8. 8. Usage of the VPNs Tunneling Internet Extranet Intranet Firewall Intranet Firewall Suppliers VPN Distributors VPN Customers VPN
  9. 9. Authentication <ul><li>Determines a user's identity, as well as determining what a user is authorized to access. </li></ul><ul><li>The most common form of authentication is user name and password, although this also provides the lowest level of security. </li></ul><ul><li>VPNs use digital certificates and digital signatures to more accurately identify the user. </li></ul>
  10. 10. Digital Certificate <ul><li>Electronic counterparts to driver licenses, passports. </li></ul><ul><li>Certificates are the framework for identification information, and bind identities with public keys. </li></ul><ul><li>They provide a foundation for </li></ul><ul><ul><ul><li>identification , </li></ul></ul></ul><ul><ul><ul><li>authentication and </li></ul></ul></ul><ul><ul><ul><li>non-repudiation. </li></ul></ul></ul><ul><li>Enable individuals and organizations to secure business and personal transactions across communication networks . </li></ul>
  11. 11. Certification Authorities <ul><ul><li>Trusted organization that issues certificates and maintains status information about certificates. </li></ul></ul><ul><ul><li>Certification Practice Statement </li></ul></ul>
  12. 12. How Digital Certificates work? <ul><li>Generate Public and Private Keys. </li></ul><ul><li>Get Certificate from the CA </li></ul><ul><li>Sign the document/page using the private key. </li></ul><ul><li>Send signed document over open networks along with the CA’s certificate. </li></ul><ul><li>Recipient verifies using the signing CA’s public key </li></ul><ul><li>Trust Chain and Fingerprints </li></ul>
  13. 13. Types of Certificates <ul><li>Root or Authority certificates </li></ul><ul><li>These are self signed by the CA that created them </li></ul><ul><li>Institutional authority certificates </li></ul><ul><li>Also called as “campus certificates” </li></ul><ul><li>Client certificates </li></ul><ul><li>These are also known as end-entity </li></ul><ul><li>certificates, identity certificates,or personal </li></ul><ul><li>certificates. </li></ul><ul><li>Web server certificates </li></ul><ul><li>used for secure communications to and from </li></ul><ul><li>Web servers </li></ul>
  14. 14. Digital Signature <ul><li>An electronic signature that can be used to authenticate the identity of the sender of a message, or of the signer of a document. </li></ul><ul><li>It can also be used to ensure that the original content of the message or document that has been conveyed is unchanged. </li></ul>
  15. 15. Internet Virus Issue <ul><li>Computer virus </li></ul><ul><ul><li>A virus is a type of program that can replicate itself by making (possibly modified) copies of itself. </li></ul></ul><ul><ul><li>A virus can only spread from one computer to another when its host is taken to the uninfected computer, for instance by a user sending it over a network or carrying it on a removable disk </li></ul></ul>
  16. 16. Internet Virus Issue (cont) <ul><ul><li>Macro virus </li></ul></ul><ul><ul><ul><li>Macro viruses are a special case of viruses. Instead of infecting software program files directly, macro viruses infect Microsoft Office documents and templates. </li></ul></ul></ul><ul><ul><li>Worm </li></ul></ul><ul><ul><ul><li>computer worms are malicious programs that copy themselves from system to system, rather than sensitive legal files. </li></ul></ul></ul><ul><ul><li>Trojan horse </li></ul></ul><ul><ul><ul><li>Trojans, another form of malware, are generally agreed upon as doing something other than the user expected, with that “something” defined as malicious. </li></ul></ul></ul>
  17. 17. Internet Virus Issue (cont) <ul><ul><li>Hybrids </li></ul></ul><ul><ul><ul><li>In fact, most dangerous software combines the features of several types. One of the first successful e-mail attacks, the Happy99 Virus , wasn't merely a virus. </li></ul></ul></ul><ul><ul><li>Malware </li></ul></ul><ul><ul><ul><li>Taken as a group, these many types of software are called &quot;malicious software&quot;, because they modify your computer's files without asking and attempt to perform some kind of annoying or dangerous activity. </li></ul></ul></ul><ul><ul><li>Spam </li></ul></ul><ul><ul><ul><li>&quot;Spamming [the sending of unsolicited email] is the scourge of electronic-mail and newsgroups on the Internet. </li></ul></ul></ul>
  18. 18. Virus Encyclopedia <ul><li>1. File Viruses, DOS </li></ul><ul><li>2. Boot Viruses </li></ul><ul><li>3. Multipartite (File and Boot) Viruses </li></ul><ul><li>4. Multi-Platform Viruses </li></ul><ul><li>5. NewExe Viruses </li></ul><ul><li>6. Macro Viruses </li></ul><ul><li>7. Virus Constructors </li></ul><ul><li>8. Windows HLP Viruses </li></ul><ul><li>9. Java Viruses </li></ul>10. Trojan horses 11. Script Viruses 12. Internet Worms 13. Virus Hoaxes and Non- Viruses 14. Palm 15. Malware 16. Jokes 17. Worms 18. Spam
  19. 19. Top Ten Virus List
  20. 20. <ul><li>Install anti-virus software and keep the virus definitions up to date. </li></ul><ul><li>Don't automatically open attachments </li></ul><ul><li>Scan all incoming email attachments </li></ul><ul><li>Get immediate protection </li></ul><ul><li>Update your anti-virus software frequently. </li></ul><ul><li>Avoid downloading files you can't be sure are safe </li></ul><ul><li>Don't boot from a floppy disk </li></ul><ul><li>Don't share floppies </li></ul><ul><li>Scan floppies before using them </li></ul><ul><li>Use common sense </li></ul>Golden Tips to prevent Virus
  21. 21. Main Features of AntiVirus <ul><li>Provides complete e-mail </li></ul><ul><li>Eliminates all types of viruses   </li></ul><ul><li>Easy to use: install and forget </li></ul><ul><li>Automatic virus definitions updates   </li></ul><ul><li>Uses powerful virus scanning engines   </li></ul><ul><li>Provides complete e-mail protection </li></ul><ul><li>Creates detailed scan reports ..etc </li></ul>
  22. 22. Powerful Anti-Virus Virus Encyclopedia http:// www.antivirus.com/vinfo/virusencyclo / Virus pattern downloads http:// www.antivirus.com/download/pattern.asp Subscribe to email alerts on Virus http:// www.antivirus.com/vinfo / Online virus scanner, Housecall                             http:// housecall.antivirus.com / Real-time Virus Tracking http:// wtc.trendmicro.com/wtc / Mcafee Security http:// www.mcafee.com Nortan Antivirus http:// symantec.com
  23. 24. <ul><li>www.cert.org </li></ul>
  24. 25. www.mmcert.org.mm
  25. 26. Thanks You! e-mail : [email_address] MCC- [email_address] Tel : 245758, 245762

×