Here mainly i discuss about " How we will securing our information system. mainly discuss about the threat,Cause and the way of securing our most impotent data."
2. An Information System (IS) is a combination of hardware, software,
infrastructure and trained personnel organized to facilitate planning,
control, coordination and decision making in an organization.
What is Information System
3. What is Information System for
Information System is A networks of hardware and software that people and organizations
use to collect, filter, process, create and also distribute data.
Collect Filter Process Create Distribute
DATA
4. Factors Increasing the Threats to
Information Security
• Today’s interconnected, interdependent, wirelessly networked business
environment
• Government legislation
• Smaller, faster, cheaper computers and storage devices
• Decreasing skills necessary to be a computer hacker
• International organized crime turning to cybercrime
• Downstream liability
• Increased employee use of unmanaged devices
• Lack of management support
5. Why systems are vulnerable
• Human errors.
• Hardware problems .
• Software problems.
• Use of networks/computers outside of firm’s control
• Loss and theft of portable devices
• Malware (malicious software)
• Disaster.
11. Loss of portable device
• If portable device containing organization information and lost then information may insecure.
12. Malware (malicious software)
Viruses Rogue software program that attaches itself to other software programs or data files in
order to be executed.
15. Malware (malicious software)
Spyware: Programs install themselves surreptitiously on computers to monitor user Web surfing
activity and serve up advertising.
16. Other issues which can affect information
Disaster: because of disaster information can lost too.
17. Objective of Securing Information System
• The goal of security management is the accuracy, integrity, and safety
of all information system processes and resources in organization.
18. Objective of Securing Information System
Integrity Models : keep data pure and trustworthy by
protecting system data from intentional or accidental
changes. Integrity models have three goals:
• Prevent unauthorized users from making modifications to data or
programs.
• Prevent authorized users from making improper or unauthorized
modifications.
• Maintain internal and external consistency of data and programs.
19. Objective of Securing Information System
Availability Models : keep data and resources available for authorized
use, especially during emergencies or disasters. Information security
professionals usually address three common challenges to availability:
• Denial of service (DoS) due to intentional attacks or because of undiscovered flaws in
implementation (for example, a program written by a programmer who is unaware of a flaw
that could crash the program if a certain unexpected input is encountered)
• Loss of information system capabilities because of natural disasters (fires, floods, storms, or
earthquakes) or human actions
• Equipment failures during normal use
20. Objective of Securing Information System
Confidentiality Models
Confidentiality model preserve confidentiality integrity and availability only for authorize
personal .