• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Data Security

Data Security






Total Views
Views on SlideShare
Embed Views



0 Embeds 0

No embeds



Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

    Data Security Data Security Presentation Transcript

    • Data Security
    • Topics to be covered
      • Encryption
      • Firewalls
      • Virtual Private Network
      • Authentication
      • Digital Certification
        • Digital Certificate
        • Certification Authorities
        • Digital Signatures
      • Internet Virus
      • Online Data Security Assistants
    • Encryption
      • The translation of data into a secret code. Encryption is the most effective way to achieve data security.
      • To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it.
      • Unencrypted data is called plain text; encrypted data is referred to as cipher text.
      • There are two main types of encryption: asymmetric encryption (also called public-key encryption) and symmetric encryption.
    • Firewall
      • A combination of hardware and software that secures access to and from the LAN.
      • A firewall blocks unwanted access to the protected network while giving the protected network access to networks outside of the firewall.
      • An organization will typically install a firewall to give users access to the internet while protecting their internal information.
    • Sample usage of Firewall Public/External Internet Users Intranet Clients Servers ERP Legacy systems E-mail servers Web servers Databases Firewalls
    • Virtually Private Network (VPN)
      • VPN is a secure network on the Internet using
      • the tunneling schemes
      • “ tunnels ” are secure data flows w/ cryptography and authorization algorithms
      • The major objective of a VPN is to use the Internet as an inexpensive WAN backbone
    • VPNs (cont:)
      • When two sites are connected across a VPN, each must have a VPN-capable router, firewall, or VPN access device installed
      • When VPN is used to link mobile clients with Internet dial-up connections, the laptops must be equipped with VPN client software equipped with the addresses and associated encryption keys for corporate host sites
    • Usage of the VPNs Tunneling Internet Extranet Intranet Firewall Intranet Firewall Suppliers VPN Distributors VPN Customers VPN
    • Authentication
      • Determines a user's identity, as well as determining what a user is authorized to access.
      • The most common form of authentication is user name and password, although this also provides the lowest level of security.
      • VPNs use digital certificates and digital signatures to more accurately identify the user.
    • Digital Certificate
      • Electronic counterparts to driver licenses, passports.
      • Certificates are the framework for identification information, and bind identities with public keys.
      • They provide a foundation for
          • identification ,
          • authentication and
          • non-repudiation.
      • Enable individuals and organizations to secure business and personal transactions across communication networks .
    • Certification Authorities
        • Trusted organization that issues certificates and maintains status information about certificates.
        • Certification Practice Statement
    • How Digital Certificates work?
      • Generate Public and Private Keys.
      • Get Certificate from the CA
      • Sign the document/page using the private key.
      • Send signed document over open networks along with the CA’s certificate.
      • Recipient verifies using the signing CA’s public key
      • Trust Chain and Fingerprints
    • Types of Certificates
      • Root or Authority certificates
      • These are self signed by the CA that created them
      • Institutional authority certificates
      • Also called as “campus certificates”
      • Client certificates
      • These are also known as end-entity
      • certificates, identity certificates,or personal
      • certificates.
      • Web server certificates
      • used for secure communications to and from
      • Web servers
    • Digital Signature
      • An electronic signature that can be used to authenticate the identity of the sender of a message, or of the signer of a document.
      • It can also be used to ensure that the original content of the message or document that has been conveyed is unchanged.
    • Internet Virus Issue
      • Computer virus
        • A virus is a type of program that can replicate itself by making (possibly modified) copies of itself.
        • A virus can only spread from one computer to another when its host is taken to the uninfected computer, for instance by a user sending it over a network or carrying it on a removable disk
    • Internet Virus Issue (cont)
        • Macro virus
          • Macro viruses are a special case of viruses. Instead of infecting software program files directly, macro viruses infect Microsoft Office documents and templates.
        • Worm
          • computer worms are malicious programs that copy themselves from system to system, rather than sensitive legal files.
        • Trojan horse
          • Trojans, another form of malware, are generally agreed upon as doing something other than the user expected, with that “something” defined as malicious.
    • Internet Virus Issue (cont)
        • Hybrids
          • In fact, most dangerous software combines the features of several types. One of the first successful e-mail attacks, the Happy99 Virus , wasn't merely a virus.
        • Malware
          • Taken as a group, these many types of software are called "malicious software", because they modify your computer's files without asking and attempt to perform some kind of annoying or dangerous activity.
        • Spam
          • "Spamming [the sending of unsolicited email] is the scourge of electronic-mail and newsgroups on the Internet.
    • Virus Encyclopedia
      • 1. File Viruses, DOS
      • 2. Boot Viruses
      • 3. Multipartite (File and Boot) Viruses
      • 4. Multi-Platform Viruses
      • 5. NewExe Viruses
      • 6. Macro Viruses
      • 7. Virus Constructors
      • 8. Windows HLP Viruses
      • 9. Java Viruses
      10. Trojan horses 11. Script Viruses 12. Internet Worms 13. Virus Hoaxes and Non- Viruses 14. Palm 15. Malware 16. Jokes 17. Worms 18. Spam
    • Top Ten Virus List
      • Install anti-virus software and keep the virus definitions up to date.
      • Don't automatically open attachments
      • Scan all incoming email attachments
      • Get immediate protection
      • Update your anti-virus software frequently.
      • Avoid downloading files you can't be sure are safe
      • Don't boot from a floppy disk
      • Don't share floppies
      • Scan floppies before using them
      • Use common sense
      Golden Tips to prevent Virus
    • Main Features of AntiVirus
      • Provides complete e-mail
      • Eliminates all types of viruses  
      • Easy to use: install and forget
      • Automatic virus definitions updates  
      • Uses powerful virus scanning engines  
      • Provides complete e-mail protection
      • Creates detailed scan reports ..etc
    • Powerful Anti-Virus Virus Encyclopedia http:// www.antivirus.com/vinfo/virusencyclo / Virus pattern downloads http:// www.antivirus.com/download/pattern.asp Subscribe to email alerts on Virus http:// www.antivirus.com/vinfo / Online virus scanner, Housecall                             http:// housecall.antivirus.com / Real-time Virus Tracking http:// wtc.trendmicro.com/wtc / Mcafee Security http:// www.mcafee.com Nortan Antivirus http:// symantec.com
      • www.cert.org
    • www.mmcert.org.mm
    • Thanks You! e-mail : [email_address] MCC- [email_address] Tel : 245758, 245762