• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
How to Secure Your Organisation Data
 

How to Secure Your Organisation Data

on

  • 469 views

 

Statistics

Views

Total Views
469
Views on SlideShare
320
Embed Views
149

Actions

Likes
1
Downloads
0
Comments
0

1 Embed 149

http://secudemy.com 149

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    How to Secure Your Organisation Data How to Secure Your Organisation Data Presentation Transcript

    • Mr.$OU$Phannarith$Head$of$CamCERT$Permanent$Member$of$$Cybercrime$Law$Working$Group$$National$ICT$Development$Authority$OfHice$of$The$Council$of$Ministers$Email:$phannarith[at]camcert.gov.kh$$ 1"
    • !  Basic"Understanding"of"Information"Security" !  Malware"Fundamental" !  Protect"Your"Password" !  Social"Engineering"and"Phishing"" !  Suggestion"and"Recommendation" !  Question"and"Answers". - : @ . ! 2"
    • 3"
    • ConIidentiality"–"of"the"information" Confidenality- Information"on"the"company"or"organization" should"never"be"accessible"to"users"without" permission" " Integrity"–"of"application"and"information" Accuracy"and"completeness"of"information" are"preserved" " Availability- Integrity- Availability"–"of"the"system" Information"is"accessible"by"authorized"users" when"required". - : @ . ! 4"
    • Why"Information"Security"is"important?"" Protecting"computer"system"or"its"user"from"threats"that" may"occur"" Threats"and"Damage"will"differ"depending"on"computer" system’s"characteristic"" Protecting"the"system"and"its"users"from"threat"and" minimize"damage". - : @ . ! 5"
    • Relationship$between$threat,$vulnerability$and$loss$ Threat" Loss" Vulnera bility" Attacker$+$No$Security$Patch$=$Data$Destruction$. - : @ . ! 6"
    • Information$ Threats$ Assets$ Something"that"can"potentially" Information"stored"in"any" cause"damage"to"information"" Countermeasure$ manner"which"recognized"as" assets" ‘valuable’"to"the"organization"" Vulnerability$ A"Weakness"in"the" organization,"computer" system"or"network"that"can" be"exploited"by"threat". - : @ . ! 7"
    • Information$ Threats$ Assets$ Something"that"can"potentially" Information"stored"in"any" cause"damage"to"information"" Countermeasure$ manner"which"recognized"as" assets" ‘valuable’"to"the"organization"" Vulnerability$ If"vulnerability"exist,"threats" can"attack"your"information" assets". - : @ . ! 8"
    • Information$ Threats$ Assets$ Something"that"can"potentially" Information"stored"in"any" cause"damage"to"information"" Countermeasure$ manner"which"recognized"as" assets" ‘valuable’"to"the"organization"" Vulnerability$is$Hixed$ Information"assets"can"be" kept"secure,"even"if"threats" exist.". - : @ . ! 9"
    • •  Do"you"use"license"operating"system"(OS)?" •  Have"you"even"been"update"your"OS?"" •  Have"you"even"been"update"your"daily"use" software?" •  Do"you"update"your"antiavirus"regularly?". - : @ . ! 10"
    • . - : @ . ! 11"
    • Physical&& The"most" difIicult" part"to" handle" Secure& Hardware& Human&& Your& && So6ware& Data& Policy&&& Standard&. - : @ . ! 12"
    • 13"
    • Malware"or"Malicious" Threats" software" Virus" Worm" Trojans". - : @ . ! 14"
    • •  Infect"object"on"the"disk"" •  Travel"autonomously"from"PC"to"PC" •  Trigger"by"individual"action"such"as"Open" email"attachment" •  Spread"automatically" •  Install"itself"into"the"PC"and"looking"other" PCs"to"infect" •  Email"worm"need"individual"action"to"spread" •  Network"worm"spread"without"the"need"for" human"interaction". - : @ . ! 15"
    • •  Install"silently"in"the"PC"by"Email" attachment,"visit"infected"website,"…etc." •  PC"work"normally"without"any"consent" from"the"users" •  They"don’t"selfareplicate,"but"relies"on" connectivity"provided"by"the"Internet" •  There"are"many"kinds"of"Trojans:" •  Backdoor"Trojans" •  Keyalogger"Trojans" •  Banking"Trojans". - : @ . ! 16"
    • Can-done-anything:-Sending-Spam,- Before" Collecng-confidenal-data,-stealing- password,-etc.-and-espcially-connect-PC- with-PC-to-create-an-infected-network- (BOTNET).-- Virus" Worm" Trojans" Now"–"Hybrid"Malware" Virus& Worm& Trojans&. - : @ . ! 17"
    • 18"
    • •  How"often"do"you"change"your"password?" •  Do"you"use"your"name,"telephone,"date"of"birth," as"your"password?" •  Do"you"use"the"same"password"for"every" services?" •  Do"you"share"your"password"with"anybody?". - : @ . ! 19"
    • Easily"Guessed"Password" •  No"Password"is"set" •  Password"same"as"the"account"name" Dictionary"Attack" •  Prepared"words"that"the"user"is"likely"to"use"as" passwords"in"a"dictionary"Iile"and"attempt"to"Iind" matching"password" Brute"Force"Attack" •  This"is"simple"method"to"try"all"possible"combinations"as" passwords" •  It"take"huge"amount"of"time,"although,"theoretically,"it" can"break"any"password"without"fail". - : @ . ! 20"
    • Which"password"below"is"your"password?" Top$25$Popular$Password$in$2011$ 1."password" "2."123456 "3."12345678 "4."qwerty" 5."abc123 "6."monkey "7."1234567 "8."letmein" 9."trustno1 "10."dragon "11."baseball "12."111111" 13."Iloveyou "14."master "15."sunshine "16."ashley" 17."bailey "18."passw0rd"19."shadow "20."123123" 21."654321 "22."superman"23."qazwsx "24."michael" 25."football". - : @ . ! 21"
    • How"to"secure"your"password". - : @ . ! 22"
    • 23"
    • . - : @ . ! 24"
    • . - : @ . ! 25"
    • . - : @ . ! 26"
    • . - : @ . ! 27"
    • 28"
    • User"antiavirus"and"update"it"regularly"" Install"a"Personal"Firewall" Install"latest"security"update" Don’t"open"an"email"you"do"not"trust" Keep"learning!". - : @ . ! 29"
    • You"organization"data"security"is"depending"on" the"weakness"link" Don’t"make"yourself"as"the"weakness"link". - : @ . ! 30"
    • Mr.$OU$Phannarith$Head$of$CamCERT$Permanent$Member$of$$Cybercrime$Law$Working$Group$$National$ICT$Development$Authority$OfHice$of$The$Council$of$Ministers$Email:$phannarith[at]camcert.gov.kh$$ 31"