SlideShare a Scribd company logo

Information security

Download as DOCX, PDF
F
festus mwangi

information

Environment
1 of 7
InformationSecurity 1 Information Security Name Course Name Professor Institution Affiliation Date
InformationSecurity 2 Introduction Organization information is very vital, as organizations have resorted to storing all the information on computer devices. This, however, creates a security risk that calls for proper measures to ensure the information is secure. This paper will address the issues involving organization information security and ways to ensure the information is secure. 1. Principlesofsecuringorganizational information 1.1.Describe the differenttypesoforganizational information There are three typesof organizational information;theyincludecomputer-basedinformation, visual/printedinformationandaudible/oral information. Computerbasedinformationisdatawhichhasbeenelectronicallyprocessedand transmitted betweentwodataprocessingsystems orstoredina standalone computer.The computerbased informationsystemincludesthatmedia,whichstoresthe informationelectronically,the software usedto manipulate the information,the operatingsystemsoftware andnetworkingaswell asthe telecommunicationinfrastructure (TheSecurityInstitute,2016). Visual/printedinformationconsistsof informationthathasbeenprintedorwrittenon paper.The printedorwritteninformationiscommonlyknownasthe hardcopy,whichdiffersfromcomputer- basedinformationreferredtoasthe softcopy. However,the securityapplicationof suchvisual/ printedinformationisalsoapplicable toreadable formatoncomputerscreens (TheSecurity Institute,2016) Oral/audibleinformationconsistsof aspokenwordthroughtelephone conversationsonatelephone network.Itshould,however,be understoodthatthe developmentof computerbasedprogramshas blurredthe line betweenaudibleinformationandcomputerbasedinformation.The audible informationwill dependonhowthe informationisinstalled,whetherasa standalone systemor networkedwithothercomputersystems (TheSecurityInstitute,2016). 1.2. The content ofa securitypolicy and the ISO standard for information protection In the fieldof informationsecuritymanagement,the followingshouldbe includedinasecuritypolicy and the International OrganizationforStandardsforinformationprotection.Thesestandardsensure that the sharingof informationtakesplace whileprotectingdataandcomputingassets (The Security Institute,2016). Protectionof sensitive information andassetsfromunwarranteddisclosureorinterceptionby unauthorizedindividualsisreferredtoasconfidentiality.Reasonsforpreventingdataaccessare due to lack of authorizedclearance,andthe needtoknow-basis.Inthe case of an attack, the potential attackerlacks clearance forthe informationbeingaccessed.Suchcasesare more prevalentin governmentsystemswhere securityclearance levelsare definedaccordingtothe differentlevelsof access andrank. On a needtoknowbasis,the potential attackermightbe holdingageneral level of authoritythatmighttheoreticallygrantthemdataaccess.However,theycanstill be blockedfrom accessingthe data on a need–to-knowbasis.The criteriatobe usedingrantingthe accessto the data are commonlydeterminedlocally.Suchcriteriamightnotinvolverankorstatus as a reasonto have access tothe sensitiveinformation (The SecurityInstitute,2016).
InformationSecurity 3 Integrityisanothersafeguardingmeasure thatisincludedinthe ISOstandardsas well asthe security policy.Thismeasure ensuresaccuracyand competence of information aswell asthe computer software.The integrityof informationinvolvestwolevels,i.e.,baselinelevel andenhanced protection.Toensure integrity,there isaneedtohave an anti-virussoftware forpreventing maliciouscodes,anon-alterable mediumsuchasa CD-ROMfordata storage,a mastercopy to be usedforcomparison,anda mathematical checksumtoensure there isnodata modification.The checksumisusuallyaprogram that isinbuiltandservestoidentifywhetherdatahasbeenchanged or manipulated.Also,adigital signature isnormallyusedforadditional integrity (The Security Institute,2016). However,securitycontrolsusedtoensure confidentialitycanalsobe usedtoensure integrity.Such controlsmightbe usedto write,modifyandread permissionindependently (TheSecurityInstitute, 2016). Availabilityof informationisanotherpolicymeasure onthe ISOstandardthat seekstoensure that informationandothervital servicesare availablewheneveranauthorizedindividualsrequire it. The availabilityrequirements,inmostcases,are definedbythe operatingsystemof acomputer,whichis the systemlevel orthe service level,wheresystemuserinteractionstake place. However,the term availabilityishardtoapplyon data directlysince the attacktakesplace on the systemorservice. Instanceswhere deliberate attacksonservice orsystemtopreventdataaccessibilityare knownas DeferredDenial of Service (DDoS) (TheSecurityInstitute,2016). 1.3. Methodsof securinginformation from baseline protectionto multiple countermeasures Baseline protectionisthe type of protectionappliedtonormal situationssuchassecuritycontrols that ensure goodpractice inthe industry.Onthe otherhand,enhancedprotectionisappliedin specificsurroundingswhere specificriskshave beenidentified.Whenimplementingenhanced security,there isaneedfora riskmanagementappraisal thathasbeenwell implementedthana baseline protection.The enhancedprotectionusesanantivirussoftware to protectthe systemfrom maliciouscodes,anon-alterable mediume.g.CD-ROMforstoringdata,a mastercopy to use for comparison,amathematical checksumtocheckfor anydata modificationormanipulation,and digital signaturesforadditional integrity (The SecurityInstitute,2016). 2. Threats to organizational informationusedin computer systems 2.1. The risk assessmentprocesswithinthe context ofinformation and data protection An objective assessmentshouldbe done onexistingcountermeasures suchasthe statutoryand legal requirements,informationassetsandrisksaffectingthose assetsregardingvulnerabilitybefore the installationof protective devicesandimplementationof procedures.Moreover,there isaneed to determine the mostcosteffective andmeasurestofollow.A considerationof potential attackers isalso necessarytotake at thisstage.Thisbecause attackersuse variouswaysand are motivated differentlywhileattacking (The SecurityInstitute,2016). 2.2. Advantages of implementingpasswordprotectionhierarchies In informationsecurity,itisadvisabletouse a passwordwhile protectinginformation.The user passwordshave several advantagessuchasprotectingunauthorizedaccesstoinformationinthe computer;passwordsare storedina protecteddatabase where hackerscannotbe able toaccess and passwordsgranta unique keytoaccess information,whichisonlyknown,tothe specificuser.
InformationSecurity 4 Also,passwordsenablecomputermanufacturerstograntthe user accessduringinitial installation stage.A passwordhasa lowcost of implementation,universallyacceptedandconvenient.However, passwordssometimeshave weaknesses,whichinclude,apasswordbeingtooshortor usingonly lettersinthe lowercase,use of dictionarynames,andthe use of commonwordsor substituting letterswithnumbersinthose commonwords.The weaknessesmentionedabove make iteasyfora hackerto guessthe password.Otheruserscarelesslyplace the password,orpasswordhintclose to theirdesktop,which makesiteasytoaccessthe informationonthatdesktop (The SecurityInstitute, 2016). Apart frompasswords,weaknessesthere are alsothreatsthatface informationaccessibility;such threatsare categorizedintoinsiderandoutsiderthreats. 2.3. Potential perpetrators ofthreats may be Insiderthreatsare those threatsposedbysomeone workingwiththe organizationandmisuses' informationthatcanbe a threatto the organization.Thismightbe eitherunwillinglydue tolackof trainingwhere the employeeisnotaware of the securityrequirementsorignorantof the company policiesdue tolackof awarenessof the companypolicies.Onthe otherhand,the threatmightbe willinglydue tocoercionsuchthatthe employee isforcedtodisclose the informationorentitlement, by missusingthe informationjustbecausehe/she can.Onthe otherhand,hackerswho obtain unauthorizedaccesstocomputersystemsandnetworkstochallengethemselvesorwithmalicious intent,pose external threats.The hackersmight accessanorganizationinformationwiththe intent of disclosingittothe publicorextortfinancesfromthe organization (TheSecurityInstitute,2016). 2.4. Threats posedby ‘hacking A hackeris typicallyathief whoidentifiesloopholesonthe networkora way to diverttechnical systemsfromtheirinitial purpose of anetworksystemandexploitsthe loopholetochallenge him/herself orgainfinanciallywiththe assistance of social engineeringtechnique.There are many waysthat to hack systemsfromexternal locations.Some of thesewaysare technical andrequire a lotof experiencesandspecificsystemsandsoftware.A hackermayuse wormsor Trojan horse to modifyasoftware andfacilitate unauthorizedaccessbycorruptingdata.Whena hackerhacks a website,the followingmightbe the motives,overt:whichinvolvesmaliciousmodificationof a website onatargetedsystem.Covert,placingaTrojanhorse and activate itlateror modifya software orconfigurationtoalloweasyaccessat a laterstage.Alsogatheringinformationtobe used inotherunauthorizedactions.The actionsmentionedabovepose athreatto the organizationswhen a hacker marksa particularorganizationasa target (The SecurityInstitute,2016). 3. The countermeasuresavailable to protect organizational information 3.1. Various typesof biometricsusedfor protection of information Informationsecurityisenhancedbythe use of biometricstograntaccess.A biometricdevice isa meansof access control that isreliable andfastinrecognizingindividuals.The device canuse facial recognitionwhere itcanstore the facesof people ina database andcross-referencethemtogrant access to information.Voice recognitioninvolvesdetectionof anindividual'sspokenwordand matchesit withthe one savedonthe systemwhile grantingaccess;irisrecognitioniscurrentlythe mostadvancedbiometricsystemwhichreadsthe irispatternonthe eye foraccessto be granted. Hand geometryandfingerprintbiometricsystemgrantaccessbyreadingthe patternsonthe hand and the fingerprintsince everyindividualhasadistinctpattern.Moreover,more researchisbeing
InformationSecurity 5 conductedtofindwaysof usingthe innerearand how we walkon biometrictechnology (The SecurityInstitute,2016). 3.2. Convergence inthe contextof informationsecurity Securityconvergence isthe termusedtodescribe the state of skillsintraditional security.The descriptioninvolvesthe provisionof securityandriskawarenesstraining,abilitytounderstandand handle humanattitudestowardssecurityrisk,the defense designthatasystemisusing,protection of organizationassetsandriskassessment.The skillsmentionedabove andothersare what we refer to as securityconvergence whentheyare combinedwiththe traditionalsecurity (The Security Institute,2016). 3.3. The importance of encryption inthe contextof information security Whenwe mentionaboutencryption,itissimplythe actof disguisingdatausinganalgorithmandan associatedsetof keys.The purpose forthisisto make the informationindecipherable and unreadable tothose wholackauthorization.The use of encryptionisappliedincomputersystems for protectionof high-value informationsuchaspasswordsthatprovide accesstothe system, protectionof data heldincomputersystemsinasecure storage andto protect data transmissionas well ascommunicationsystems.The encryptionensuresthatthe informationbeingtransmittedis not modifiable orreadable duringthe transmissionprocess.Thisensuresthe integrityof the informationduringtransmission.The encryptionhashelpedorganizationsprovide infrastructure services,e.g.trunkcommunicationservices,aswell asensuresintegritybetweensites,especially duringfinancial transactionsandotherremote paymentservices (The SecurityInstitute,2016). Encryptionhasalso provedtobe of benefitinWirelessLANssince somesendsignalsbeyondthe requiredregion,the encryptionhelpstosecure the informationfromthe public.The process requiresapublickeyinfrastructure tobe installed,whichisusedtomanage the use and verification of the keysthatare encrypted.Anotheradvantage of encryptionisthatithelpstosecure unsecured storage therebyprotectingthe informationfrombeingcompromisedonitsconfidentiality, availability,andintegrity (TheSecurityInstitute,2016). 3.4. The appropriate countermeasure fora giveninformationsecurity breach scenario Despite the measuresmentionedabove,there are timeswhenhackersmanage tobreachthe security.Whenasecuritybreachhappenstoan organization,there are certainstepstobe takento ensure the breachdoesnothappenagain.The firstthingto do isto report the breachjustlike any othersecurityissue tothe central coordinatingfunctionforinvestigation.Whilereporting,the investigatorswill require knowingthe detailsof whathasoccurred,whenthe incidentwasnoticed, whatsystemshave beenaffectedandwhatpositionyouholdinthe organizationthatmandatesyou to reportthe incident.The nextstepistopreserve the evidence byensuringsystemconfigurations, systemlogs,andaudittrailshave notbeenaltered.Alsoisolatingthe computersystemstopave the wayfor detailedevaluationtobe done (The SecurityInstitute,2016). At the organizationlevel,once the breachhastakenplace,the seniormanagementshouldassessthe impacton the business,evaluate the alternativesof resumingnormal service anddecide onwhat actionsto be takento preventa breachinthe future.Also,theyconsideractionstobe takenafter the investigationandthe changesinthe organizationproceduresandpoliciestobe implementedas a resultof the incident (The SecurityInstitute,2016).
InformationSecurity 6 Conclusion The progress in information security has taken huge strides towards being impenetrable, but so have hackers. The need for advanced security measures is growing every day. With the help of the points sited on this paper, managers can get a good understanding of the importance of information security as well as the various ways they can use to protect it from unauthorized access.
InformationSecurity 7 Reference The Security Institute (2016). A study guide and source of reference for Security Managers on the Certificate in Security Management. Information Security, 6(3), pp.12-18.

Recommended

Strategies for Data Leakage Prevention
Strategies for Data Leakage PreventionStrategies for Data Leakage Prevention
Strategies for Data Leakage PreventionIRJET Journal
 
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...IRJET Journal
 
Enhanced method for intrusion detection over kdd cup 99 dataset
Enhanced method for intrusion detection over kdd cup 99 datasetEnhanced method for intrusion detection over kdd cup 99 dataset
Enhanced method for intrusion detection over kdd cup 99 datasetijctet
 
Messaging Gateway
Messaging GatewayMessaging Gateway
Messaging Gatewayijsrd.com
 
IT SECURITY PLAN FOR FLIGHT SIMULATION PROGRAM
IT SECURITY PLAN FOR FLIGHT SIMULATION PROGRAMIT SECURITY PLAN FOR FLIGHT SIMULATION PROGRAM
IT SECURITY PLAN FOR FLIGHT SIMULATION PROGRAMIJCSEA Journal
 
CSEC630_TeamAssignment_TeamBlazer_FINAL
CSEC630_TeamAssignment_TeamBlazer_FINALCSEC630_TeamAssignment_TeamBlazer_FINAL
CSEC630_TeamAssignment_TeamBlazer_FINALRonald Jackson, Jr
 
Safeguarding the Enterprise
Safeguarding the EnterpriseSafeguarding the Enterprise
Safeguarding the EnterpriseADGP, Public Grivences, Bangalore
 
CSEC630 individaul assign
CSEC630 individaul assignCSEC630 individaul assign
CSEC630 individaul assignRonald Jackson, Jr
 

Recommended

Strategies for Data Leakage Prevention
Strategies for Data Leakage PreventionStrategies for Data Leakage Prevention
Strategies for Data Leakage PreventionIRJET Journal
 
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...IRJET Journal
 
Enhanced method for intrusion detection over kdd cup 99 dataset
Enhanced method for intrusion detection over kdd cup 99 datasetEnhanced method for intrusion detection over kdd cup 99 dataset
Enhanced method for intrusion detection over kdd cup 99 datasetijctet
 
Messaging Gateway
Messaging GatewayMessaging Gateway
Messaging Gatewayijsrd.com
 
IT SECURITY PLAN FOR FLIGHT SIMULATION PROGRAM
IT SECURITY PLAN FOR FLIGHT SIMULATION PROGRAMIT SECURITY PLAN FOR FLIGHT SIMULATION PROGRAM
IT SECURITY PLAN FOR FLIGHT SIMULATION PROGRAMIJCSEA Journal
 
CSEC630_TeamAssignment_TeamBlazer_FINAL
CSEC630_TeamAssignment_TeamBlazer_FINALCSEC630_TeamAssignment_TeamBlazer_FINAL
CSEC630_TeamAssignment_TeamBlazer_FINALRonald Jackson, Jr
 
Safeguarding the Enterprise
Safeguarding the EnterpriseSafeguarding the Enterprise
Safeguarding the EnterpriseADGP, Public Grivences, Bangalore
 
CSEC630 individaul assign
CSEC630 individaul assignCSEC630 individaul assign
CSEC630 individaul assignRonald Jackson, Jr
 
An Overview of Information Systems Security Measures in Zimbabwean Small and ...
An Overview of Information Systems Security Measures in Zimbabwean Small and ...An Overview of Information Systems Security Measures in Zimbabwean Small and ...
An Overview of Information Systems Security Measures in Zimbabwean Small and ...researchinventy
 
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...IOSR Journals
 
An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...Ahmad Sharifi
 
Extending Information Security to Non-Production Environments
Extending Information Security to Non-Production EnvironmentsExtending Information Security to Non-Production Environments
Extending Information Security to Non-Production EnvironmentsLindaWatson19
 
Protective Intelligence
Protective IntelligenceProtective Intelligence
Protective Intelligencewbesse
 
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection SystemIRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection SystemIRJET Journal
 
Data Stream Controller for Enterprise Cloud Application
Data Stream Controller for Enterprise Cloud ApplicationData Stream Controller for Enterprise Cloud Application
Data Stream Controller for Enterprise Cloud ApplicationIJSRD
 
IRJET- Image Steganography using Pixel Pattern Matching in Cloud Data Sto...
IRJET- Image Steganography using Pixel Pattern Matching in Cloud Data Sto...IRJET- Image Steganography using Pixel Pattern Matching in Cloud Data Sto...
IRJET- Image Steganography using Pixel Pattern Matching in Cloud Data Sto...IRJET Journal
 
Designing Security Assessment of Client Server System using Attack Tree Modeling
Designing Security Assessment of Client Server System using Attack Tree ModelingDesigning Security Assessment of Client Server System using Attack Tree Modeling
Designing Security Assessment of Client Server System using Attack Tree Modelingijtsrd
 
Hirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked WorldHirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked WorldIdentive
 
Bridging the Data Security Gap
Bridging the Data Security GapBridging the Data Security Gap
Bridging the Data Security Gapxband
 
Ijricit 01-004 progressive and translucent user individuality
Ijricit 01-004 progressive and translucent user individualityIjricit 01-004 progressive and translucent user individuality
Ijricit 01-004 progressive and translucent user individualityIjripublishers Ijri
 
The literature and write report on information system security part 1 of 5 p...
The literature and write report on information system security part 1 of 5 p...The literature and write report on information system security part 1 of 5 p...
The literature and write report on information system security part 1 of 5 p...raufik tajuddin
 
A comprehensive study on classification of passive intrusion and extrusion de...
A comprehensive study on classification of passive intrusion and extrusion de...A comprehensive study on classification of passive intrusion and extrusion de...
A comprehensive study on classification of passive intrusion and extrusion de...csandit
 
IRJET- A Review of Information Systems Security: Types, Security Issues, and ...
IRJET- A Review of Information Systems Security: Types, Security Issues, and ...IRJET- A Review of Information Systems Security: Types, Security Issues, and ...
IRJET- A Review of Information Systems Security: Types, Security Issues, and ...IRJET Journal
 
A DATABASE SYSTEM SECURITY FRAMEWORK
A DATABASE SYSTEM SECURITY FRAMEWORKA DATABASE SYSTEM SECURITY FRAMEWORK
A DATABASE SYSTEM SECURITY FRAMEWORKijcsit
 
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...IJNSA Journal
 
An Empirical Study on the Security Measurements of Websites of Jordanian Publ...
An Empirical Study on the Security Measurements of Websites of Jordanian Publ...An Empirical Study on the Security Measurements of Websites of Jordanian Publ...
An Empirical Study on the Security Measurements of Websites of Jordanian Publ...CSCJournals
 
Fasoo Company And Product Information
Fasoo Company And Product InformationFasoo Company And Product Information
Fasoo Company And Product Informationpabatan
 
50320130403001 2-3
50320130403001 2-350320130403001 2-3
50320130403001 2-3IAEME Publication
 
Safeguardsintheworkplace
SafeguardsintheworkplaceSafeguardsintheworkplace
SafeguardsintheworkplaceAdam Richards
 
Introduction Over the past years, there have been increasing ca.docx
Introduction Over the past years, there have been increasing ca.docxIntroduction Over the past years, there have been increasing ca.docx
Introduction Over the past years, there have been increasing ca.docxnormanibarber20063
 

More Related Content

What's hot

An Overview of Information Systems Security Measures in Zimbabwean Small and ...
An Overview of Information Systems Security Measures in Zimbabwean Small and ...An Overview of Information Systems Security Measures in Zimbabwean Small and ...
An Overview of Information Systems Security Measures in Zimbabwean Small and ...researchinventy
 
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...IOSR Journals
 
An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...Ahmad Sharifi
 
Extending Information Security to Non-Production Environments
Extending Information Security to Non-Production EnvironmentsExtending Information Security to Non-Production Environments
Extending Information Security to Non-Production EnvironmentsLindaWatson19
 
Protective Intelligence
Protective IntelligenceProtective Intelligence
Protective Intelligencewbesse
 
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection SystemIRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection SystemIRJET Journal
 
Data Stream Controller for Enterprise Cloud Application
Data Stream Controller for Enterprise Cloud ApplicationData Stream Controller for Enterprise Cloud Application
Data Stream Controller for Enterprise Cloud ApplicationIJSRD
 
IRJET- Image Steganography using Pixel Pattern Matching in Cloud Data Sto...
IRJET- Image Steganography using Pixel Pattern Matching in Cloud Data Sto...IRJET- Image Steganography using Pixel Pattern Matching in Cloud Data Sto...
IRJET- Image Steganography using Pixel Pattern Matching in Cloud Data Sto...IRJET Journal
 
Designing Security Assessment of Client Server System using Attack Tree Modeling
Designing Security Assessment of Client Server System using Attack Tree ModelingDesigning Security Assessment of Client Server System using Attack Tree Modeling
Designing Security Assessment of Client Server System using Attack Tree Modelingijtsrd
 
Hirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked WorldHirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked WorldIdentive
 
Bridging the Data Security Gap
Bridging the Data Security GapBridging the Data Security Gap
Bridging the Data Security Gapxband
 
Ijricit 01-004 progressive and translucent user individuality
Ijricit 01-004 progressive and translucent user individualityIjricit 01-004 progressive and translucent user individuality
Ijricit 01-004 progressive and translucent user individualityIjripublishers Ijri
 
The literature and write report on information system security part 1 of 5 p...
The literature and write report on information system security part 1 of 5 p...The literature and write report on information system security part 1 of 5 p...
The literature and write report on information system security part 1 of 5 p...raufik tajuddin
 
A comprehensive study on classification of passive intrusion and extrusion de...
A comprehensive study on classification of passive intrusion and extrusion de...A comprehensive study on classification of passive intrusion and extrusion de...
A comprehensive study on classification of passive intrusion and extrusion de...csandit
 
IRJET- A Review of Information Systems Security: Types, Security Issues, and ...
IRJET- A Review of Information Systems Security: Types, Security Issues, and ...IRJET- A Review of Information Systems Security: Types, Security Issues, and ...
IRJET- A Review of Information Systems Security: Types, Security Issues, and ...IRJET Journal
 
A DATABASE SYSTEM SECURITY FRAMEWORK
A DATABASE SYSTEM SECURITY FRAMEWORKA DATABASE SYSTEM SECURITY FRAMEWORK
A DATABASE SYSTEM SECURITY FRAMEWORKijcsit
 
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...IJNSA Journal
 
An Empirical Study on the Security Measurements of Websites of Jordanian Publ...
An Empirical Study on the Security Measurements of Websites of Jordanian Publ...An Empirical Study on the Security Measurements of Websites of Jordanian Publ...
An Empirical Study on the Security Measurements of Websites of Jordanian Publ...CSCJournals
 
Fasoo Company And Product Information
Fasoo Company And Product InformationFasoo Company And Product Information
Fasoo Company And Product Informationpabatan
 

What's hot (20)

An Overview of Information Systems Security Measures in Zimbabwean Small and ...
An Overview of Information Systems Security Measures in Zimbabwean Small and ...An Overview of Information Systems Security Measures in Zimbabwean Small and ...
An Overview of Information Systems Security Measures in Zimbabwean Small and ...
 
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...
 
An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...
 
Extending Information Security to Non-Production Environments
Extending Information Security to Non-Production EnvironmentsExtending Information Security to Non-Production Environments
Extending Information Security to Non-Production Environments
 
Protective Intelligence
Protective IntelligenceProtective Intelligence
Protective Intelligence
 
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection SystemIRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
 
Data Stream Controller for Enterprise Cloud Application
Data Stream Controller for Enterprise Cloud ApplicationData Stream Controller for Enterprise Cloud Application
Data Stream Controller for Enterprise Cloud Application
 
IRJET- Image Steganography using Pixel Pattern Matching in Cloud Data Sto...
IRJET- Image Steganography using Pixel Pattern Matching in Cloud Data Sto...IRJET- Image Steganography using Pixel Pattern Matching in Cloud Data Sto...
IRJET- Image Steganography using Pixel Pattern Matching in Cloud Data Sto...
 
Designing Security Assessment of Client Server System using Attack Tree Modeling
Designing Security Assessment of Client Server System using Attack Tree ModelingDesigning Security Assessment of Client Server System using Attack Tree Modeling
Designing Security Assessment of Client Server System using Attack Tree Modeling
 
Hirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked WorldHirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked World
 
Bridging the Data Security Gap
Bridging the Data Security GapBridging the Data Security Gap
Bridging the Data Security Gap
 
Ijricit 01-004 progressive and translucent user individuality
Ijricit 01-004 progressive and translucent user individualityIjricit 01-004 progressive and translucent user individuality
Ijricit 01-004 progressive and translucent user individuality
 
The literature and write report on information system security part 1 of 5 p...
The literature and write report on information system security part 1 of 5 p...The literature and write report on information system security part 1 of 5 p...
The literature and write report on information system security part 1 of 5 p...
 
A comprehensive study on classification of passive intrusion and extrusion de...
A comprehensive study on classification of passive intrusion and extrusion de...A comprehensive study on classification of passive intrusion and extrusion de...
A comprehensive study on classification of passive intrusion and extrusion de...
 
IRJET- A Review of Information Systems Security: Types, Security Issues, and ...
IRJET- A Review of Information Systems Security: Types, Security Issues, and ...IRJET- A Review of Information Systems Security: Types, Security Issues, and ...
IRJET- A Review of Information Systems Security: Types, Security Issues, and ...
 
A DATABASE SYSTEM SECURITY FRAMEWORK
A DATABASE SYSTEM SECURITY FRAMEWORKA DATABASE SYSTEM SECURITY FRAMEWORK
A DATABASE SYSTEM SECURITY FRAMEWORK
 
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
 
An Empirical Study on the Security Measurements of Websites of Jordanian Publ...
An Empirical Study on the Security Measurements of Websites of Jordanian Publ...An Empirical Study on the Security Measurements of Websites of Jordanian Publ...
An Empirical Study on the Security Measurements of Websites of Jordanian Publ...
 
Fasoo Company And Product Information
Fasoo Company And Product InformationFasoo Company And Product Information
Fasoo Company And Product Information
 
50320130403001 2-3
50320130403001 2-350320130403001 2-3
50320130403001 2-3
 

Similar to Information security

Safeguardsintheworkplace
SafeguardsintheworkplaceSafeguardsintheworkplace
SafeguardsintheworkplaceAdam Richards
 
Introduction Over the past years, there have been increasing ca.docx
Introduction Over the past years, there have been increasing ca.docxIntroduction Over the past years, there have been increasing ca.docx
Introduction Over the past years, there have been increasing ca.docxnormanibarber20063
 
Running Head SECURITY AWARENESSSecurity Awareness .docx
Running Head SECURITY AWARENESSSecurity Awareness .docxRunning Head SECURITY AWARENESSSecurity Awareness .docx
Running Head SECURITY AWARENESSSecurity Awareness .docxtoltonkendal
 
Unit 1 Information Security.docx
Unit 1 Information Security.docxUnit 1 Information Security.docx
Unit 1 Information Security.docxPrernaThakwani
 
Running head hardware and software security14 hardware an
Running head hardware and software security14 hardware anRunning head hardware and software security14 hardware an
Running head hardware and software security14 hardware anAKHIL969626
 
Running head CHALLENGES OF CYBER SECURITY9.docx
Running head CHALLENGES OF CYBER SECURITY9.docxRunning head CHALLENGES OF CYBER SECURITY9.docx
Running head CHALLENGES OF CYBER SECURITY9.docxsusanschei
 
ISSC481_Term_Paper_John_Intindolo
ISSC481_Term_Paper_John_IntindoloISSC481_Term_Paper_John_Intindolo
ISSC481_Term_Paper_John_IntindoloJohn Intindolo
 
Security policy case study
Security policy case studySecurity policy case study
Security policy case studyashu6
 
How to secure your enterprise data during Covid-19
How to secure your enterprise data during Covid-19How to secure your enterprise data during Covid-19
How to secure your enterprise data during Covid-19Dharmendra Rama
 
Information security principles
Information security principlesInformation security principles
Information security principlesDan Morrill
 
7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!Caroline Johnson
 
1. Original Post by Catherine JohnsonCryptographic MethodsC
1. Original Post by Catherine JohnsonCryptographic MethodsC1. Original Post by Catherine JohnsonCryptographic MethodsC
1. Original Post by Catherine JohnsonCryptographic MethodsCSantosConleyha
 
1. Original Post by Catherine JohnsonCryptographic MethodsC
1. Original Post by Catherine JohnsonCryptographic MethodsC1. Original Post by Catherine JohnsonCryptographic MethodsC
1. Original Post by Catherine JohnsonCryptographic MethodsCAbbyWhyte974
 
Running head NETWORK INFRASTRUTCTURE AND SECURITYNETWORK INFR.docx
Running head NETWORK INFRASTRUTCTURE AND SECURITYNETWORK INFR.docxRunning head NETWORK INFRASTRUTCTURE AND SECURITYNETWORK INFR.docx
Running head NETWORK INFRASTRUTCTURE AND SECURITYNETWORK INFR.docxtoltonkendal
 
Discuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxDiscuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxcuddietheresa
 
Discuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxDiscuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxsalmonpybus
 
Running Head INFORMATION SECURITY VULNERABILITY 2.docx
Running Head INFORMATION SECURITY VULNERABILITY 2.docxRunning Head INFORMATION SECURITY VULNERABILITY 2.docx
Running Head INFORMATION SECURITY VULNERABILITY 2.docxcharisellington63520
 
CHAPTER 15HRIS Privacy and Security1.docx
CHAPTER 15HRIS Privacy and Security1.docxCHAPTER 15HRIS Privacy and Security1.docx
CHAPTER 15HRIS Privacy and Security1.docxketurahhazelhurst
 

Similar to Information security (20)

Safeguardsintheworkplace
SafeguardsintheworkplaceSafeguardsintheworkplace
Safeguardsintheworkplace
 
Introduction Over the past years, there have been increasing ca.docx
Introduction Over the past years, there have been increasing ca.docxIntroduction Over the past years, there have been increasing ca.docx
Introduction Over the past years, there have been increasing ca.docx
 
Running Head SECURITY AWARENESSSecurity Awareness .docx
Running Head SECURITY AWARENESSSecurity Awareness .docxRunning Head SECURITY AWARENESSSecurity Awareness .docx
Running Head SECURITY AWARENESSSecurity Awareness .docx
 
Unit 1 Information Security.docx
Unit 1 Information Security.docxUnit 1 Information Security.docx
Unit 1 Information Security.docx
 
Running head hardware and software security14 hardware an
Running head hardware and software security14 hardware anRunning head hardware and software security14 hardware an
Running head hardware and software security14 hardware an
 
Running head CHALLENGES OF CYBER SECURITY9.docx
Running head CHALLENGES OF CYBER SECURITY9.docxRunning head CHALLENGES OF CYBER SECURITY9.docx
Running head CHALLENGES OF CYBER SECURITY9.docx
 
ISSC481_Term_Paper_John_Intindolo
ISSC481_Term_Paper_John_IntindoloISSC481_Term_Paper_John_Intindolo
ISSC481_Term_Paper_John_Intindolo
 
Security policy case study
Security policy case studySecurity policy case study
Security policy case study
 
How to secure your enterprise data during Covid-19
How to secure your enterprise data during Covid-19How to secure your enterprise data during Covid-19
How to secure your enterprise data during Covid-19
 
Information security principles
Information security principlesInformation security principles
Information security principles
 
7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!
 
1. Original Post by Catherine JohnsonCryptographic MethodsC
1. Original Post by Catherine JohnsonCryptographic MethodsC1. Original Post by Catherine JohnsonCryptographic MethodsC
1. Original Post by Catherine JohnsonCryptographic MethodsC
 
1. Original Post by Catherine JohnsonCryptographic MethodsC
1. Original Post by Catherine JohnsonCryptographic MethodsC1. Original Post by Catherine JohnsonCryptographic MethodsC
1. Original Post by Catherine JohnsonCryptographic MethodsC
 
Running head NETWORK INFRASTRUTCTURE AND SECURITYNETWORK INFR.docx
Running head NETWORK INFRASTRUTCTURE AND SECURITYNETWORK INFR.docxRunning head NETWORK INFRASTRUTCTURE AND SECURITYNETWORK INFR.docx
Running head NETWORK INFRASTRUTCTURE AND SECURITYNETWORK INFR.docx
 
I0516064
I0516064I0516064
I0516064
 
Discuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxDiscuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docx
 
Discuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxDiscuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docx
 
E04 05 2841
E04 05 2841E04 05 2841
E04 05 2841
 
Running Head INFORMATION SECURITY VULNERABILITY 2.docx
Running Head INFORMATION SECURITY VULNERABILITY 2.docxRunning Head INFORMATION SECURITY VULNERABILITY 2.docx
Running Head INFORMATION SECURITY VULNERABILITY 2.docx
 
CHAPTER 15HRIS Privacy and Security1.docx
CHAPTER 15HRIS Privacy and Security1.docxCHAPTER 15HRIS Privacy and Security1.docx
CHAPTER 15HRIS Privacy and Security1.docx
 

More from festus mwangi

Integrated marketing communications
Integrated marketing communicationsIntegrated marketing communications
Integrated marketing communicationsfestus mwangi
 
Children transition to mainstream education
Children transition to mainstream educationChildren transition to mainstream education
Children transition to mainstream educationfestus mwangi
 
Relationshio between consumer branding and choice for airlines
Relationshio between consumer branding and choice for airlinesRelationshio between consumer branding and choice for airlines
Relationshio between consumer branding and choice for airlinesfestus mwangi
 
Describe the fall of the ottoman
Describe the fall of the ottomanDescribe the fall of the ottoman
Describe the fall of the ottomanfestus mwangi
 
Describe the fall of the ottoman
Describe the fall of the ottomanDescribe the fall of the ottoman
Describe the fall of the ottomanfestus mwangi
 

More from festus mwangi (6)

Integrated marketing communications
Integrated marketing communicationsIntegrated marketing communications
Integrated marketing communications
 
Children transition to mainstream education
Children transition to mainstream educationChildren transition to mainstream education
Children transition to mainstream education
 
Relationshio between consumer branding and choice for airlines
Relationshio between consumer branding and choice for airlinesRelationshio between consumer branding and choice for airlines
Relationshio between consumer branding and choice for airlines
 
Describe the fall of the ottoman
Describe the fall of the ottomanDescribe the fall of the ottoman
Describe the fall of the ottoman
 
148323
148323148323
148323
 
Describe the fall of the ottoman
Describe the fall of the ottomanDescribe the fall of the ottoman
Describe the fall of the ottoman
 

Recently uploaded

slidesgo-maximizing-sustainability-the-case-for-plastic-reuse
slidesgo-maximizing-sustainability-the-case-for-plastic-reuseslidesgo-maximizing-sustainability-the-case-for-plastic-reuse
slidesgo-maximizing-sustainability-the-case-for-plastic-reusedhanalakshmi88488
 
NO1 Pakistan online istikhara for love marriage vashikaran specialist love pr...
NO1 Pakistan online istikhara for love marriage vashikaran specialist love pr...NO1 Pakistan online istikhara for love marriage vashikaran specialist love pr...
NO1 Pakistan online istikhara for love marriage vashikaran specialist love pr...Amil Baba Dawood bangali
 
ADBB 5cladba Precursor JWH018 +85244677121
ADBB 5cladba Precursor JWH018 +85244677121ADBB 5cladba Precursor JWH018 +85244677121
ADBB 5cladba Precursor JWH018 +85244677121leephoebe968
 
Role of Copper and Zinc Nanoparticles in Plant Disease Management
Role of Copper and Zinc Nanoparticles in Plant Disease ManagementRole of Copper and Zinc Nanoparticles in Plant Disease Management
Role of Copper and Zinc Nanoparticles in Plant Disease ManagementRavikumar Vaniya
 
Call Girl In Ichalkaranji 💯Niamh 📲🔝6378878445🔝Call Girls No💰Advance Cash On D...
Call Girl In Ichalkaranji 💯Niamh 📲🔝6378878445🔝Call Girls No💰Advance Cash On D...Call Girl In Ichalkaranji 💯Niamh 📲🔝6378878445🔝Call Girls No💰Advance Cash On D...
Call Girl In Ichalkaranji 💯Niamh 📲🔝6378878445🔝Call Girls No💰Advance Cash On D...manju garg
 
Fuel Cells and Hydrogen in Transportation - An Introduction
Fuel Cells and Hydrogen in Transportation - An IntroductionFuel Cells and Hydrogen in Transportation - An Introduction
Fuel Cells and Hydrogen in Transportation - An IntroductionGlenn Rambach
 
Rising temperatures also mean that more plant pests are appearing earlier and...
Rising temperatures also mean that more plant pests are appearing earlier and...Rising temperatures also mean that more plant pests are appearing earlier and...
Rising temperatures also mean that more plant pests are appearing earlier and...Christina Parmionova
 
My Museum presentation by Jamilyn Gonzalez
My Museum presentation by Jamilyn GonzalezMy Museum presentation by Jamilyn Gonzalez
My Museum presentation by Jamilyn Gonzalezjamilyngonzalez24
 
Production, dispersal, sedimentation and taphonomy of spores/pollen
Production, dispersal, sedimentation and taphonomy of spores/pollenProduction, dispersal, sedimentation and taphonomy of spores/pollen
Production, dispersal, sedimentation and taphonomy of spores/pollenSangram Sahoo
 
Town and Country Planning-he term 'town planning' first appeared in 1906 and ...
Town and Country Planning-he term 'town planning' first appeared in 1906 and ...Town and Country Planning-he term 'town planning' first appeared in 1906 and ...
Town and Country Planning-he term 'town planning' first appeared in 1906 and ...Ange Felix NSANZIYERA
 
Corporate_Science-based_Target_Setting.pptx
Corporate_Science-based_Target_Setting.pptxCorporate_Science-based_Target_Setting.pptx
Corporate_Science-based_Target_Setting.pptxarnab132
 
Role of nanotechnology in management of stored grain pests of cereals and pulses
Role of nanotechnology in management of stored grain pests of cereals and pulsesRole of nanotechnology in management of stored grain pests of cereals and pulses
Role of nanotechnology in management of stored grain pests of cereals and pulsesRavikumar Vaniya
 
Christmas Palm Trees in Florida The Ultimate Guide to Festive Landscaping wit...
Christmas Palm Trees in Florida The Ultimate Guide to Festive Landscaping wit...Christmas Palm Trees in Florida The Ultimate Guide to Festive Landscaping wit...
Christmas Palm Trees in Florida The Ultimate Guide to Festive Landscaping wit...EvergladesFarm
 
Palynology: History, branches, basic principles and application, collection o...
Palynology: History, branches, basic principles and application, collection o...Palynology: History, branches, basic principles and application, collection o...
Palynology: History, branches, basic principles and application, collection o...Sangram Sahoo
 
NO1 Pakistan Black magic In Pakistan Kala Ilam Expert Specialist In UK Kala I...
NO1 Pakistan Black magic In Pakistan Kala Ilam Expert Specialist In UK Kala I...NO1 Pakistan Black magic In Pakistan Kala Ilam Expert Specialist In UK Kala I...
NO1 Pakistan Black magic In Pakistan Kala Ilam Expert Specialist In UK Kala I...Amil Baba Dawood bangali
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377087607FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377087607dollysharma2066
 
Exclusive Bhusawal Call Girls (Adult Only) 💯Call Us 🔝 6378878445 🔝 💃 Escort S...
Exclusive Bhusawal Call Girls (Adult Only) 💯Call Us 🔝 6378878445 🔝 💃 Escort S...Exclusive Bhusawal Call Girls (Adult Only) 💯Call Us 🔝 6378878445 🔝 💃 Escort S...
Exclusive Bhusawal Call Girls (Adult Only) 💯Call Us 🔝 6378878445 🔝 💃 Escort S...manju garg
 
Sungsang Mangrove Restoration and Ecotourism (SMART): A participatory action ...
Sungsang Mangrove Restoration and Ecotourism (SMART): A participatory action ...Sungsang Mangrove Restoration and Ecotourism (SMART): A participatory action ...
Sungsang Mangrove Restoration and Ecotourism (SMART): A participatory action ...CIFOR-ICRAF
 
2024-05-08 Composting at Home 101 for the Rotary Club of Pinecrest.pptx
2024-05-08 Composting at Home 101 for the Rotary Club of Pinecrest.pptx2024-05-08 Composting at Home 101 for the Rotary Club of Pinecrest.pptx
2024-05-08 Composting at Home 101 for the Rotary Club of Pinecrest.pptxEllen Book
 

Recently uploaded (20)

slidesgo-maximizing-sustainability-the-case-for-plastic-reuse
slidesgo-maximizing-sustainability-the-case-for-plastic-reuseslidesgo-maximizing-sustainability-the-case-for-plastic-reuse
slidesgo-maximizing-sustainability-the-case-for-plastic-reuse
 
NO1 Pakistan online istikhara for love marriage vashikaran specialist love pr...
NO1 Pakistan online istikhara for love marriage vashikaran specialist love pr...NO1 Pakistan online istikhara for love marriage vashikaran specialist love pr...
NO1 Pakistan online istikhara for love marriage vashikaran specialist love pr...
 
ADBB 5cladba Precursor JWH018 +85244677121
ADBB 5cladba Precursor JWH018 +85244677121ADBB 5cladba Precursor JWH018 +85244677121
ADBB 5cladba Precursor JWH018 +85244677121
 
Role of Copper and Zinc Nanoparticles in Plant Disease Management
Role of Copper and Zinc Nanoparticles in Plant Disease ManagementRole of Copper and Zinc Nanoparticles in Plant Disease Management
Role of Copper and Zinc Nanoparticles in Plant Disease Management
 
Call Girl In Ichalkaranji 💯Niamh 📲🔝6378878445🔝Call Girls No💰Advance Cash On D...
Call Girl In Ichalkaranji 💯Niamh 📲🔝6378878445🔝Call Girls No💰Advance Cash On D...Call Girl In Ichalkaranji 💯Niamh 📲🔝6378878445🔝Call Girls No💰Advance Cash On D...
Call Girl In Ichalkaranji 💯Niamh 📲🔝6378878445🔝Call Girls No💰Advance Cash On D...
 
Fuel Cells and Hydrogen in Transportation - An Introduction
Fuel Cells and Hydrogen in Transportation - An IntroductionFuel Cells and Hydrogen in Transportation - An Introduction
Fuel Cells and Hydrogen in Transportation - An Introduction
 
Rising temperatures also mean that more plant pests are appearing earlier and...
Rising temperatures also mean that more plant pests are appearing earlier and...Rising temperatures also mean that more plant pests are appearing earlier and...
Rising temperatures also mean that more plant pests are appearing earlier and...
 
My Museum presentation by Jamilyn Gonzalez
My Museum presentation by Jamilyn GonzalezMy Museum presentation by Jamilyn Gonzalez
My Museum presentation by Jamilyn Gonzalez
 
Production, dispersal, sedimentation and taphonomy of spores/pollen
Production, dispersal, sedimentation and taphonomy of spores/pollenProduction, dispersal, sedimentation and taphonomy of spores/pollen
Production, dispersal, sedimentation and taphonomy of spores/pollen
 
Town and Country Planning-he term 'town planning' first appeared in 1906 and ...
Town and Country Planning-he term 'town planning' first appeared in 1906 and ...Town and Country Planning-he term 'town planning' first appeared in 1906 and ...
Town and Country Planning-he term 'town planning' first appeared in 1906 and ...
 
Corporate_Science-based_Target_Setting.pptx
Corporate_Science-based_Target_Setting.pptxCorporate_Science-based_Target_Setting.pptx
Corporate_Science-based_Target_Setting.pptx
 
Role of nanotechnology in management of stored grain pests of cereals and pulses
Role of nanotechnology in management of stored grain pests of cereals and pulsesRole of nanotechnology in management of stored grain pests of cereals and pulses
Role of nanotechnology in management of stored grain pests of cereals and pulses
 
7+ Cara Menggugurkan Kandungan Tanpa Resiko (087776558899)
7+ Cara Menggugurkan Kandungan Tanpa Resiko (087776558899)7+ Cara Menggugurkan Kandungan Tanpa Resiko (087776558899)
7+ Cara Menggugurkan Kandungan Tanpa Resiko (087776558899)
 
Christmas Palm Trees in Florida The Ultimate Guide to Festive Landscaping wit...
Christmas Palm Trees in Florida The Ultimate Guide to Festive Landscaping wit...Christmas Palm Trees in Florida The Ultimate Guide to Festive Landscaping wit...
Christmas Palm Trees in Florida The Ultimate Guide to Festive Landscaping wit...
 
Palynology: History, branches, basic principles and application, collection o...
Palynology: History, branches, basic principles and application, collection o...Palynology: History, branches, basic principles and application, collection o...
Palynology: History, branches, basic principles and application, collection o...
 
NO1 Pakistan Black magic In Pakistan Kala Ilam Expert Specialist In UK Kala I...
NO1 Pakistan Black magic In Pakistan Kala Ilam Expert Specialist In UK Kala I...NO1 Pakistan Black magic In Pakistan Kala Ilam Expert Specialist In UK Kala I...
NO1 Pakistan Black magic In Pakistan Kala Ilam Expert Specialist In UK Kala I...
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377087607FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377087607
 
Exclusive Bhusawal Call Girls (Adult Only) 💯Call Us 🔝 6378878445 🔝 💃 Escort S...
Exclusive Bhusawal Call Girls (Adult Only) 💯Call Us 🔝 6378878445 🔝 💃 Escort S...Exclusive Bhusawal Call Girls (Adult Only) 💯Call Us 🔝 6378878445 🔝 💃 Escort S...
Exclusive Bhusawal Call Girls (Adult Only) 💯Call Us 🔝 6378878445 🔝 💃 Escort S...
 
Sungsang Mangrove Restoration and Ecotourism (SMART): A participatory action ...
Sungsang Mangrove Restoration and Ecotourism (SMART): A participatory action ...Sungsang Mangrove Restoration and Ecotourism (SMART): A participatory action ...
Sungsang Mangrove Restoration and Ecotourism (SMART): A participatory action ...
 
2024-05-08 Composting at Home 101 for the Rotary Club of Pinecrest.pptx
2024-05-08 Composting at Home 101 for the Rotary Club of Pinecrest.pptx2024-05-08 Composting at Home 101 for the Rotary Club of Pinecrest.pptx
2024-05-08 Composting at Home 101 for the Rotary Club of Pinecrest.pptx
 

Information security

  • 1. InformationSecurity 1 Information Security Name Course Name Professor Institution Affiliation Date
  • 2. InformationSecurity 2 Introduction Organization information is very vital, as organizations have resorted to storing all the information on computer devices. This, however, creates a security risk that calls for proper measures to ensure the information is secure. This paper will address the issues involving organization information security and ways to ensure the information is secure. 1. Principlesofsecuringorganizational information 1.1.Describe the differenttypesoforganizational information There are three typesof organizational information;theyincludecomputer-basedinformation, visual/printedinformationandaudible/oral information. Computerbasedinformationisdatawhichhasbeenelectronicallyprocessedand transmitted betweentwodataprocessingsystems orstoredina standalone computer.The computerbased informationsystemincludesthatmedia,whichstoresthe informationelectronically,the software usedto manipulate the information,the operatingsystemsoftware andnetworkingaswell asthe telecommunicationinfrastructure (TheSecurityInstitute,2016). Visual/printedinformationconsistsof informationthathasbeenprintedorwrittenon paper.The printedorwritteninformationiscommonlyknownasthe hardcopy,whichdiffersfromcomputer- basedinformationreferredtoasthe softcopy. However,the securityapplicationof suchvisual/ printedinformationisalsoapplicable toreadable formatoncomputerscreens (TheSecurity Institute,2016) Oral/audibleinformationconsistsof aspokenwordthroughtelephone conversationsonatelephone network.Itshould,however,be understoodthatthe developmentof computerbasedprogramshas blurredthe line betweenaudibleinformationandcomputerbasedinformation.The audible informationwill dependonhowthe informationisinstalled,whetherasa standalone systemor networkedwithothercomputersystems (TheSecurityInstitute,2016). 1.2. The content ofa securitypolicy and the ISO standard for information protection In the fieldof informationsecuritymanagement,the followingshouldbe includedinasecuritypolicy and the International OrganizationforStandardsforinformationprotection.Thesestandardsensure that the sharingof informationtakesplace whileprotectingdataandcomputingassets (The Security Institute,2016). Protectionof sensitive information andassetsfromunwarranteddisclosureorinterceptionby unauthorizedindividualsisreferredtoasconfidentiality.Reasonsforpreventingdataaccessare due to lack of authorizedclearance,andthe needtoknow-basis.Inthe case of an attack, the potential attackerlacks clearance forthe informationbeingaccessed.Suchcasesare more prevalentin governmentsystemswhere securityclearance levelsare definedaccordingtothe differentlevelsof access andrank. On a needtoknowbasis,the potential attackermightbe holdingageneral level of authoritythatmighttheoreticallygrantthemdataaccess.However,theycanstill be blockedfrom accessingthe data on a need–to-knowbasis.The criteriatobe usedingrantingthe accessto the data are commonlydeterminedlocally.Suchcriteriamightnotinvolverankorstatus as a reasonto have access tothe sensitiveinformation (The SecurityInstitute,2016).
  • 3. InformationSecurity 3 Integrityisanothersafeguardingmeasure thatisincludedinthe ISOstandardsas well asthe security policy.Thismeasure ensuresaccuracyand competence of information aswell asthe computer software.The integrityof informationinvolvestwolevels,i.e.,baselinelevel andenhanced protection.Toensure integrity,there isaneedtohave an anti-virussoftware forpreventing maliciouscodes,anon-alterable mediumsuchasa CD-ROMfordata storage,a mastercopy to be usedforcomparison,anda mathematical checksumtoensure there isnodata modification.The checksumisusuallyaprogram that isinbuiltandservestoidentifywhetherdatahasbeenchanged or manipulated.Also,adigital signature isnormallyusedforadditional integrity (The Security Institute,2016). However,securitycontrolsusedtoensure confidentialitycanalsobe usedtoensure integrity.Such controlsmightbe usedto write,modifyandread permissionindependently (TheSecurityInstitute, 2016). Availabilityof informationisanotherpolicymeasure onthe ISOstandardthat seekstoensure that informationandothervital servicesare availablewheneveranauthorizedindividualsrequire it. The availabilityrequirements,inmostcases,are definedbythe operatingsystemof acomputer,whichis the systemlevel orthe service level,wheresystemuserinteractionstake place. However,the term availabilityishardtoapplyon data directlysince the attacktakesplace on the systemorservice. Instanceswhere deliberate attacksonservice orsystemtopreventdataaccessibilityare knownas DeferredDenial of Service (DDoS) (TheSecurityInstitute,2016). 1.3. Methodsof securinginformation from baseline protectionto multiple countermeasures Baseline protectionisthe type of protectionappliedtonormal situationssuchassecuritycontrols that ensure goodpractice inthe industry.Onthe otherhand,enhancedprotectionisappliedin specificsurroundingswhere specificriskshave beenidentified.Whenimplementingenhanced security,there isaneedfora riskmanagementappraisal thathasbeenwell implementedthana baseline protection.The enhancedprotectionusesanantivirussoftware to protectthe systemfrom maliciouscodes,anon-alterable mediume.g.CD-ROMforstoringdata,a mastercopy to use for comparison,amathematical checksumtocheckfor anydata modificationormanipulation,and digital signaturesforadditional integrity (The SecurityInstitute,2016). 2. Threats to organizational informationusedin computer systems 2.1. The risk assessmentprocesswithinthe context ofinformation and data protection An objective assessmentshouldbe done onexistingcountermeasures suchasthe statutoryand legal requirements,informationassetsandrisksaffectingthose assetsregardingvulnerabilitybefore the installationof protective devicesandimplementationof procedures.Moreover,there isaneed to determine the mostcosteffective andmeasurestofollow.A considerationof potential attackers isalso necessarytotake at thisstage.Thisbecause attackersuse variouswaysand are motivated differentlywhileattacking (The SecurityInstitute,2016). 2.2. Advantages of implementingpasswordprotectionhierarchies In informationsecurity,itisadvisabletouse a passwordwhile protectinginformation.The user passwordshave several advantagessuchasprotectingunauthorizedaccesstoinformationinthe computer;passwordsare storedina protecteddatabase where hackerscannotbe able toaccess and passwordsgranta unique keytoaccess information,whichisonlyknown,tothe specificuser.
  • 4. InformationSecurity 4 Also,passwordsenablecomputermanufacturerstograntthe user accessduringinitial installation stage.A passwordhasa lowcost of implementation,universallyacceptedandconvenient.However, passwordssometimeshave weaknesses,whichinclude,apasswordbeingtooshortor usingonly lettersinthe lowercase,use of dictionarynames,andthe use of commonwordsor substituting letterswithnumbersinthose commonwords.The weaknessesmentionedabove make iteasyfora hackerto guessthe password.Otheruserscarelesslyplace the password,orpasswordhintclose to theirdesktop,which makesiteasytoaccessthe informationonthatdesktop (The SecurityInstitute, 2016). Apart frompasswords,weaknessesthere are alsothreatsthatface informationaccessibility;such threatsare categorizedintoinsiderandoutsiderthreats. 2.3. Potential perpetrators ofthreats may be Insiderthreatsare those threatsposedbysomeone workingwiththe organizationandmisuses' informationthatcanbe a threatto the organization.Thismightbe eitherunwillinglydue tolackof trainingwhere the employeeisnotaware of the securityrequirementsorignorantof the company policiesdue tolackof awarenessof the companypolicies.Onthe otherhand,the threatmightbe willinglydue tocoercionsuchthatthe employee isforcedtodisclose the informationorentitlement, by missusingthe informationjustbecausehe/she can.Onthe otherhand,hackerswho obtain unauthorizedaccesstocomputersystemsandnetworkstochallengethemselvesorwithmalicious intent,pose external threats.The hackersmight accessanorganizationinformationwiththe intent of disclosingittothe publicorextortfinancesfromthe organization (TheSecurityInstitute,2016). 2.4. Threats posedby ‘hacking A hackeris typicallyathief whoidentifiesloopholesonthe networkora way to diverttechnical systemsfromtheirinitial purpose of anetworksystemandexploitsthe loopholetochallenge him/herself orgainfinanciallywiththe assistance of social engineeringtechnique.There are many waysthat to hack systemsfromexternal locations.Some of thesewaysare technical andrequire a lotof experiencesandspecificsystemsandsoftware.A hackermayuse wormsor Trojan horse to modifyasoftware andfacilitate unauthorizedaccessbycorruptingdata.Whena hackerhacks a website,the followingmightbe the motives,overt:whichinvolvesmaliciousmodificationof a website onatargetedsystem.Covert,placingaTrojanhorse and activate itlateror modifya software orconfigurationtoalloweasyaccessat a laterstage.Alsogatheringinformationtobe used inotherunauthorizedactions.The actionsmentionedabovepose athreatto the organizationswhen a hacker marksa particularorganizationasa target (The SecurityInstitute,2016). 3. The countermeasuresavailable to protect organizational information 3.1. Various typesof biometricsusedfor protection of information Informationsecurityisenhancedbythe use of biometricstograntaccess.A biometricdevice isa meansof access control that isreliable andfastinrecognizingindividuals.The device canuse facial recognitionwhere itcanstore the facesof people ina database andcross-referencethemtogrant access to information.Voice recognitioninvolvesdetectionof anindividual'sspokenwordand matchesit withthe one savedonthe systemwhile grantingaccess;irisrecognitioniscurrentlythe mostadvancedbiometricsystemwhichreadsthe irispatternonthe eye foraccessto be granted. Hand geometryandfingerprintbiometricsystemgrantaccessbyreadingthe patternsonthe hand and the fingerprintsince everyindividualhasadistinctpattern.Moreover,more researchisbeing
  • 5. InformationSecurity 5 conductedtofindwaysof usingthe innerearand how we walkon biometrictechnology (The SecurityInstitute,2016). 3.2. Convergence inthe contextof informationsecurity Securityconvergence isthe termusedtodescribe the state of skillsintraditional security.The descriptioninvolvesthe provisionof securityandriskawarenesstraining,abilitytounderstandand handle humanattitudestowardssecurityrisk,the defense designthatasystemisusing,protection of organizationassetsandriskassessment.The skillsmentionedabove andothersare what we refer to as securityconvergence whentheyare combinedwiththe traditionalsecurity (The Security Institute,2016). 3.3. The importance of encryption inthe contextof information security Whenwe mentionaboutencryption,itissimplythe actof disguisingdatausinganalgorithmandan associatedsetof keys.The purpose forthisisto make the informationindecipherable and unreadable tothose wholackauthorization.The use of encryptionisappliedincomputersystems for protectionof high-value informationsuchaspasswordsthatprovide accesstothe system, protectionof data heldincomputersystemsinasecure storage andto protect data transmissionas well ascommunicationsystems.The encryptionensuresthatthe informationbeingtransmittedis not modifiable orreadable duringthe transmissionprocess.Thisensuresthe integrityof the informationduringtransmission.The encryptionhashelpedorganizationsprovide infrastructure services,e.g.trunkcommunicationservices,aswell asensuresintegritybetweensites,especially duringfinancial transactionsandotherremote paymentservices (The SecurityInstitute,2016). Encryptionhasalso provedtobe of benefitinWirelessLANssince somesendsignalsbeyondthe requiredregion,the encryptionhelpstosecure the informationfromthe public.The process requiresapublickeyinfrastructure tobe installed,whichisusedtomanage the use and verification of the keysthatare encrypted.Anotheradvantage of encryptionisthatithelpstosecure unsecured storage therebyprotectingthe informationfrombeingcompromisedonitsconfidentiality, availability,andintegrity (TheSecurityInstitute,2016). 3.4. The appropriate countermeasure fora giveninformationsecurity breach scenario Despite the measuresmentionedabove,there are timeswhenhackersmanage tobreachthe security.Whenasecuritybreachhappenstoan organization,there are certainstepstobe takento ensure the breachdoesnothappenagain.The firstthingto do isto report the breachjustlike any othersecurityissue tothe central coordinatingfunctionforinvestigation.Whilereporting,the investigatorswill require knowingthe detailsof whathasoccurred,whenthe incidentwasnoticed, whatsystemshave beenaffectedandwhatpositionyouholdinthe organizationthatmandatesyou to reportthe incident.The nextstepistopreserve the evidence byensuringsystemconfigurations, systemlogs,andaudittrailshave notbeenaltered.Alsoisolatingthe computersystemstopave the wayfor detailedevaluationtobe done (The SecurityInstitute,2016). At the organizationlevel,once the breachhastakenplace,the seniormanagementshouldassessthe impacton the business,evaluate the alternativesof resumingnormal service anddecide onwhat actionsto be takento preventa breachinthe future.Also,theyconsideractionstobe takenafter the investigationandthe changesinthe organizationproceduresandpoliciestobe implementedas a resultof the incident (The SecurityInstitute,2016).
  • 6. InformationSecurity 6 Conclusion The progress in information security has taken huge strides towards being impenetrable, but so have hackers. The need for advanced security measures is growing every day. With the help of the points sited on this paper, managers can get a good understanding of the importance of information security as well as the various ways they can use to protect it from unauthorized access.
  • 7. InformationSecurity 7 Reference The Security Institute (2016). A study guide and source of reference for Security Managers on the Certificate in Security Management. Information Security, 6(3), pp.12-18.