SlideShare a Scribd company logo

Health information secuirty session 5 best practise in information security

Download as PPTX, PDF
Dr. Lasantha Ranwala
Dr. Lasantha Ranwala

This document outlines best practices for information security management and defense in depth. It discusses implementing security across multiple layers including personnel, procedural, technical, and physical controls. Specific controls mentioned include physical security measures, technical controls like encryption and access control lists, and administrative controls such as security policies, training, and disaster recovery plans. The document also provides best practices for protecting networks such as access controls, logging, patching, user education, policies, activity monitoring, and data breach response plans. Finally, it lists best practices for personal security including using antivirus software, strong passwords, locking computers in public, protecting personal information, limiting social media sharing, safe file downloads, and regular backups.

Health & Medicine
1 of 14
Best practices of information security management Health Information Security Session 05:Best Practices of Information Security Management
“Cyber security… It’s not just about technology”
DEFENCE IN DEPTH • Concept in which multiple layers of security controls (defence) are placed throughout an information technology (IT) system. • Its intent is to provide redundancy in the event of a security control fails or a vulnerability is exploited. • Cover aspects of personnel, procedural, technical and physical for the duration of the system's life cycle.
DEFENCE IN DEPTH CONTINU......
DEFENCE IN DEPTH CONTINU......
SECURITY CONTROLS 1. Physical control 2. Technical control 3. administrative control
1. PHYSICAL CONTROLS Implementation of security measures in a defined structure used to defend or prevent unauthorized access to sensitive material. e.g.: • Closed-circuit surveillance cameras • Motion or thermal alarm systems • Security guards • Picture Ids
2.TECHNICAL CONTROLS • Use of technology as a basis for controlling the access and usage of sensitive data throughout a physical structure and over a network. • e.g.: • Encryption • Access control lists (ACLs) • File integrity auditing software
ADMINISTRATIVE CONTROLS • Administrative controls define the human factors of security. • It involves all levels of personnel within an organization and determines which users have access to what resources and information by such means as: • e.g.: • Information Security policy • Training and awareness • Disaster preparedness and recovery plans
BEST PRACTISES - PROTECT YOUR NETWORK 1. Create Specific Access Controls • Minimum user privileges 2. Collect Detailed Logs • for security and troubleshooting purposes • backup logs 3. Maintain Security Patches • make sure your software and hardware security is up to date 4. Educate and Train Your Users • users will always be your weakest link
BEST PRACTISES - PROTECT YOUR NETWORK CONTIN.. 5. Policies and Guidelines • Clear User Policies for New Employees and Vendors • Security policy and guidelines for staff 6. User Activity Monitoring 7. Data Breach Response Plan 8. Back up and Restore
BEST PRACTICES -PROTECT OURSELF 1. Install anti-virus software and keep all computer software patched and updates. 2. Use a strong password • Password Vs Pass phrase 3. Log off public computers/Lock your computer 4. Keep personal information safe • Be wary of suspicious e-mails • Use secure Wi-Fi connections • properly delete any personal information before sell or dispose of your hardware
5. Limit social network information • you should be wary about how much personal information you post. 6. Download files only from trusted souses 7. Regular data Back up
Thank you

Recommended

Health information security session 4 risk management
Health information security session 4 risk managementHealth information security session 4 risk management
Health information security session 4 risk management
Dr. Lasantha Ranwala
 
Lesson 1
Lesson 1Lesson 1
Lesson 1
MLG College of Learning, Inc
 
How To Secure MIS
How To Secure MISHow To Secure MIS
How To Secure MIS
AaDi Malik
 
Information Assurance And Security - Chapter 1 - Lesson 3
Information Assurance And Security - Chapter 1 - Lesson 3Information Assurance And Security - Chapter 1 - Lesson 3
Information Assurance And Security - Chapter 1 - Lesson 3
MLG College of Learning, Inc
 
Using automation to improve the effectiveness of security operations
Using automation to improve the effectiveness of security operationsUsing automation to improve the effectiveness of security operations
Using automation to improve the effectiveness of security operations
Huntsman Security
 
security and system mainatance
security and system mainatancesecurity and system mainatance
security and system mainatance
Kudzi Chikwatu
 
Lesson 3- Effectiveness of IDPS
Lesson 3- Effectiveness of IDPSLesson 3- Effectiveness of IDPS
Lesson 3- Effectiveness of IDPS
MLG College of Learning, Inc
 
Management Information System Presentation
Management Information System PresentationManagement Information System Presentation
Management Information System Presentation
AaDi Malik
 

Recommended

Health information security session 4 risk management
Health information security session 4 risk managementHealth information security session 4 risk management
Health information security session 4 risk management
Dr. Lasantha Ranwala
 
Lesson 1
Lesson 1Lesson 1
Lesson 1
MLG College of Learning, Inc
 
How To Secure MIS
How To Secure MISHow To Secure MIS
How To Secure MIS
AaDi Malik
 
Information Assurance And Security - Chapter 1 - Lesson 3
Information Assurance And Security - Chapter 1 - Lesson 3Information Assurance And Security - Chapter 1 - Lesson 3
Information Assurance And Security - Chapter 1 - Lesson 3
MLG College of Learning, Inc
 
Using automation to improve the effectiveness of security operations
Using automation to improve the effectiveness of security operationsUsing automation to improve the effectiveness of security operations
Using automation to improve the effectiveness of security operations
Huntsman Security
 
security and system mainatance
security and system mainatancesecurity and system mainatance
security and system mainatance
Kudzi Chikwatu
 
Lesson 3- Effectiveness of IDPS
Lesson 3- Effectiveness of IDPSLesson 3- Effectiveness of IDPS
Lesson 3- Effectiveness of IDPS
MLG College of Learning, Inc
 
Management Information System Presentation
Management Information System PresentationManagement Information System Presentation
Management Information System Presentation
AaDi Malik
 
Information Assurance And Security - Chapter 1 - Lesson 4
Information Assurance And Security - Chapter 1 - Lesson 4Information Assurance And Security - Chapter 1 - Lesson 4
Information Assurance And Security - Chapter 1 - Lesson 4
MLG College of Learning, Inc
 
Lesson 1- Risk Managment
Lesson 1- Risk ManagmentLesson 1- Risk Managment
Lesson 1- Risk Managment
MLG College of Learning, Inc
 
Lesson 1- Intrusion Detection
Lesson 1- Intrusion DetectionLesson 1- Intrusion Detection
Lesson 1- Intrusion Detection
MLG College of Learning, Inc
 
It security controls, plans, and procedures
It security controls, plans, and proceduresIt security controls, plans, and procedures
It security controls, plans, and procedures
CAS
 
Introduction to Ethical Hacking
Introduction to Ethical HackingIntroduction to Ethical Hacking
Introduction to Ethical Hacking
UK Defence Cyber School
 
Lesson 2
Lesson 2Lesson 2
Lesson 2
MLG College of Learning, Inc
 
Lesson 2
Lesson 2Lesson 2
Lesson 2
MLG College of Learning, Inc
 
MIS: Information Security Management
MIS: Information Security ManagementMIS: Information Security Management
MIS: Information Security Management
Jonathan Coleman
 
5 Step Data Security Plan for Small Businesses
5 Step Data Security Plan for Small Businesses5 Step Data Security Plan for Small Businesses
5 Step Data Security Plan for Small Businesses
Wilkins Consulting, LLC
 
Corporate security pdf
Corporate security pdfCorporate security pdf
Corporate security pdf
G3 intelligence Ltd
 
The Importance of Security within the Computer Environment
The Importance of Security within the Computer EnvironmentThe Importance of Security within the Computer Environment
The Importance of Security within the Computer Environment
Adetula Bunmi
 
Lesson 1- Information Policy
Lesson 1- Information PolicyLesson 1- Information Policy
Lesson 1- Information Policy
MLG College of Learning, Inc
 
Lesson 3
Lesson 3Lesson 3
Lesson 3
MLG College of Learning, Inc
 
Physical security
Physical securityPhysical security
Physical security
Dhani Ahmad
 
Lesson 3- Fair Approach
Lesson 3- Fair ApproachLesson 3- Fair Approach
Lesson 3- Fair Approach
MLG College of Learning, Inc
 
12 security policies
12 security policies12 security policies
12 security policies
Saqib Raza
 
Jupiter physical security ppt 2016 1
Jupiter physical security ppt 2016 1Jupiter physical security ppt 2016 1
Jupiter physical security ppt 2016 1
Maxpromotion
 
Ise viii-information and network security [10 is835]-solution
Ise viii-information and network security [10 is835]-solutionIse viii-information and network security [10 is835]-solution
Ise viii-information and network security [10 is835]-solution
Vivek Maurya
 
Incident Response
Incident ResponseIncident Response
Incident Response
primeteacher32
 
Control System Cyber Security - A Different Approach
Control System Cyber Security - A Different ApproachControl System Cyber Security - A Different Approach
Control System Cyber Security - A Different Approach
Jim Cahill
 
Unit 1&2.pdf
Unit 1&2.pdfUnit 1&2.pdf
Unit 1&2.pdf
Ndheh
 
Introduction to Cybersecurity.pdf
Introduction to Cybersecurity.pdfIntroduction to Cybersecurity.pdf
Introduction to Cybersecurity.pdf
ssuserf98dd4
 

More Related Content

What's hot

Information Assurance And Security - Chapter 1 - Lesson 4
Information Assurance And Security - Chapter 1 - Lesson 4Information Assurance And Security - Chapter 1 - Lesson 4
Information Assurance And Security - Chapter 1 - Lesson 4
MLG College of Learning, Inc
 
Lesson 1- Risk Managment
Lesson 1- Risk ManagmentLesson 1- Risk Managment
Lesson 1- Risk Managment
MLG College of Learning, Inc
 
Lesson 1- Intrusion Detection
Lesson 1- Intrusion DetectionLesson 1- Intrusion Detection
Lesson 1- Intrusion Detection
MLG College of Learning, Inc
 
It security controls, plans, and procedures
It security controls, plans, and proceduresIt security controls, plans, and procedures
It security controls, plans, and procedures
CAS
 
Introduction to Ethical Hacking
Introduction to Ethical HackingIntroduction to Ethical Hacking
Introduction to Ethical Hacking
UK Defence Cyber School
 
Lesson 2
Lesson 2Lesson 2
Lesson 2
MLG College of Learning, Inc
 
Lesson 2
Lesson 2Lesson 2
Lesson 2
MLG College of Learning, Inc
 
MIS: Information Security Management
MIS: Information Security ManagementMIS: Information Security Management
MIS: Information Security Management
Jonathan Coleman
 
5 Step Data Security Plan for Small Businesses
5 Step Data Security Plan for Small Businesses5 Step Data Security Plan for Small Businesses
5 Step Data Security Plan for Small Businesses
Wilkins Consulting, LLC
 
Corporate security pdf
Corporate security pdfCorporate security pdf
Corporate security pdf
G3 intelligence Ltd
 
The Importance of Security within the Computer Environment
The Importance of Security within the Computer EnvironmentThe Importance of Security within the Computer Environment
The Importance of Security within the Computer Environment
Adetula Bunmi
 
Lesson 1- Information Policy
Lesson 1- Information PolicyLesson 1- Information Policy
Lesson 1- Information Policy
MLG College of Learning, Inc
 
Lesson 3
Lesson 3Lesson 3
Lesson 3
MLG College of Learning, Inc
 
Physical security
Physical securityPhysical security
Physical security
Dhani Ahmad
 
Lesson 3- Fair Approach
Lesson 3- Fair ApproachLesson 3- Fair Approach
Lesson 3- Fair Approach
MLG College of Learning, Inc
 
12 security policies
12 security policies12 security policies
12 security policies
Saqib Raza
 
Jupiter physical security ppt 2016 1
Jupiter physical security ppt 2016 1Jupiter physical security ppt 2016 1
Jupiter physical security ppt 2016 1
Maxpromotion
 
Ise viii-information and network security [10 is835]-solution
Ise viii-information and network security [10 is835]-solutionIse viii-information and network security [10 is835]-solution
Ise viii-information and network security [10 is835]-solution
Vivek Maurya
 
Incident Response
Incident ResponseIncident Response
Incident Response
primeteacher32
 
Control System Cyber Security - A Different Approach
Control System Cyber Security - A Different ApproachControl System Cyber Security - A Different Approach
Control System Cyber Security - A Different Approach
Jim Cahill
 

What's hot (20)

Information Assurance And Security - Chapter 1 - Lesson 4
Information Assurance And Security - Chapter 1 - Lesson 4Information Assurance And Security - Chapter 1 - Lesson 4
Information Assurance And Security - Chapter 1 - Lesson 4
 
Lesson 1- Risk Managment
Lesson 1- Risk ManagmentLesson 1- Risk Managment
Lesson 1- Risk Managment
 
Lesson 1- Intrusion Detection
Lesson 1- Intrusion DetectionLesson 1- Intrusion Detection
Lesson 1- Intrusion Detection
 
It security controls, plans, and procedures
It security controls, plans, and proceduresIt security controls, plans, and procedures
It security controls, plans, and procedures
 
Introduction to Ethical Hacking
Introduction to Ethical HackingIntroduction to Ethical Hacking
Introduction to Ethical Hacking
 
Lesson 2
Lesson 2Lesson 2
Lesson 2
 
Lesson 2
Lesson 2Lesson 2
Lesson 2
 
MIS: Information Security Management
MIS: Information Security ManagementMIS: Information Security Management
MIS: Information Security Management
 
5 Step Data Security Plan for Small Businesses
5 Step Data Security Plan for Small Businesses5 Step Data Security Plan for Small Businesses
5 Step Data Security Plan for Small Businesses
 
Corporate security pdf
Corporate security pdfCorporate security pdf
Corporate security pdf
 
The Importance of Security within the Computer Environment
The Importance of Security within the Computer EnvironmentThe Importance of Security within the Computer Environment
The Importance of Security within the Computer Environment
 
Lesson 1- Information Policy
Lesson 1- Information PolicyLesson 1- Information Policy
Lesson 1- Information Policy
 
Lesson 3
Lesson 3Lesson 3
Lesson 3
 
Physical security
Physical securityPhysical security
Physical security
 
Lesson 3- Fair Approach
Lesson 3- Fair ApproachLesson 3- Fair Approach
Lesson 3- Fair Approach
 
12 security policies
12 security policies12 security policies
12 security policies
 
Jupiter physical security ppt 2016 1
Jupiter physical security ppt 2016 1Jupiter physical security ppt 2016 1
Jupiter physical security ppt 2016 1
 
Ise viii-information and network security [10 is835]-solution
Ise viii-information and network security [10 is835]-solutionIse viii-information and network security [10 is835]-solution
Ise viii-information and network security [10 is835]-solution
 
Incident Response
Incident ResponseIncident Response
Incident Response
 
Control System Cyber Security - A Different Approach
Control System Cyber Security - A Different ApproachControl System Cyber Security - A Different Approach
Control System Cyber Security - A Different Approach
 

Similar to Health information secuirty session 5 best practise in information security

Unit 1&2.pdf
Unit 1&2.pdfUnit 1&2.pdf
Unit 1&2.pdf
Ndheh
 
Introduction to Cybersecurity.pdf
Introduction to Cybersecurity.pdfIntroduction to Cybersecurity.pdf
Introduction to Cybersecurity.pdf
ssuserf98dd4
 
Information security
Information securityInformation security
Information security
Praveen Minz
 
chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security
elmuhammadmuhammad
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
Kumawat Dharmpal
 
01Introduction to Information Security.ppt
01Introduction to Information Security.ppt01Introduction to Information Security.ppt
01Introduction to Information Security.ppt
it160320737038
 
Computer Security
Computer SecurityComputer Security
Computer Security
AkNirojan
 
Information Security
Information SecurityInformation Security
Information Security
sonykhan3
 
ISBB_Chapter6.pptx
ISBB_Chapter6.pptxISBB_Chapter6.pptx
ISBB_Chapter6.pptx
AmanSoni665879
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security concepts
G Prachi
 
security in is.pptx
security in is.pptxsecurity in is.pptx
security in is.pptx
selvapriyabiher
 
Privacies are coming
Privacies are comingPrivacies are coming
Privacies are coming
Ernest Staats
 
Human Factors_MODULE_2.pptx
Human Factors_MODULE_2.pptxHuman Factors_MODULE_2.pptx
Human Factors_MODULE_2.pptx
Shreeveni
 
Information and network security 3 security challenges
Information and network security 3 security challengesInformation and network security 3 security challenges
Information and network security 3 security challenges
Vaibhav Khanna
 
Keamanan informasi
Keamanan informasiKeamanan informasi
Keamanan informasi
Nova Novelia
 
Network security, change control, outsourcing
Network security, change control, outsourcingNetwork security, change control, outsourcing
Network security, change control, outsourcing
Nicholas Davis
 
Network Security, Change Control, Outsourcing
Network Security, Change Control, OutsourcingNetwork Security, Change Control, Outsourcing
Network Security, Change Control, Outsourcing
Nicholas Davis
 
28. Fundamentals of Computer Security (Inglés) (Presentación) autor Philippin...
28. Fundamentals of Computer Security (Inglés) (Presentación) autor Philippin...28. Fundamentals of Computer Security (Inglés) (Presentación) autor Philippin...
28. Fundamentals of Computer Security (Inglés) (Presentación) autor Philippin...
marbimon
 
CH12-CompSec4e.pptx
CH12-CompSec4e.pptxCH12-CompSec4e.pptx
CH12-CompSec4e.pptx
ams1ams11
 
17 info sec_ma_imt_27_2_2012
17 info sec_ma_imt_27_2_201217 info sec_ma_imt_27_2_2012
17 info sec_ma_imt_27_2_2012
RECIPA
 

Similar to Health information secuirty session 5 best practise in information security (20)

Unit 1&2.pdf
Unit 1&2.pdfUnit 1&2.pdf
Unit 1&2.pdf
 
Introduction to Cybersecurity.pdf
Introduction to Cybersecurity.pdfIntroduction to Cybersecurity.pdf
Introduction to Cybersecurity.pdf
 
Information security
Information securityInformation security
Information security
 
chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
 
01Introduction to Information Security.ppt
01Introduction to Information Security.ppt01Introduction to Information Security.ppt
01Introduction to Information Security.ppt
 
Computer Security
Computer SecurityComputer Security
Computer Security
 
Information Security
Information SecurityInformation Security
Information Security
 
ISBB_Chapter6.pptx
ISBB_Chapter6.pptxISBB_Chapter6.pptx
ISBB_Chapter6.pptx
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security concepts
 
security in is.pptx
security in is.pptxsecurity in is.pptx
security in is.pptx
 
Privacies are coming
Privacies are comingPrivacies are coming
Privacies are coming
 
Human Factors_MODULE_2.pptx
Human Factors_MODULE_2.pptxHuman Factors_MODULE_2.pptx
Human Factors_MODULE_2.pptx
 
Information and network security 3 security challenges
Information and network security 3 security challengesInformation and network security 3 security challenges
Information and network security 3 security challenges
 
Keamanan informasi
Keamanan informasiKeamanan informasi
Keamanan informasi
 
Network security, change control, outsourcing
Network security, change control, outsourcingNetwork security, change control, outsourcing
Network security, change control, outsourcing
 
Network Security, Change Control, Outsourcing
Network Security, Change Control, OutsourcingNetwork Security, Change Control, Outsourcing
Network Security, Change Control, Outsourcing
 
28. Fundamentals of Computer Security (Inglés) (Presentación) autor Philippin...
28. Fundamentals of Computer Security (Inglés) (Presentación) autor Philippin...28. Fundamentals of Computer Security (Inglés) (Presentación) autor Philippin...
28. Fundamentals of Computer Security (Inglés) (Presentación) autor Philippin...
 
CH12-CompSec4e.pptx
CH12-CompSec4e.pptxCH12-CompSec4e.pptx
CH12-CompSec4e.pptx
 
17 info sec_ma_imt_27_2_2012
17 info sec_ma_imt_27_2_201217 info sec_ma_imt_27_2_2012
17 info sec_ma_imt_27_2_2012
 

More from Dr. Lasantha Ranwala

Health information security 3 vulnerability threat and risk
Health information security 3 vulnerability threat and riskHealth information security 3 vulnerability threat and risk
Health information security 3 vulnerability threat and risk
Dr. Lasantha Ranwala
 
Health information security 2 : Basic concepts
Health information security 2 : Basic conceptsHealth information security 2 : Basic concepts
Health information security 2 : Basic concepts
Dr. Lasantha Ranwala
 
Health information security 1 overview
Health information security 1 overviewHealth information security 1 overview
Health information security 1 overview
Dr. Lasantha Ranwala
 
Online application for drug stock management
Online application for drug stock managementOnline application for drug stock management
Online application for drug stock management
Dr. Lasantha Ranwala
 
Common Foot Problems
Common Foot ProblemsCommon Foot Problems
Common Foot Problems
Dr. Lasantha Ranwala
 
Foss for Health Care
Foss for Health CareFoss for Health Care
Foss for Health Care
Dr. Lasantha Ranwala
 

More from Dr. Lasantha Ranwala (6)

Health information security 3 vulnerability threat and risk
Health information security 3 vulnerability threat and riskHealth information security 3 vulnerability threat and risk
Health information security 3 vulnerability threat and risk
 
Health information security 2 : Basic concepts
Health information security 2 : Basic conceptsHealth information security 2 : Basic concepts
Health information security 2 : Basic concepts
 
Health information security 1 overview
Health information security 1 overviewHealth information security 1 overview
Health information security 1 overview
 
Online application for drug stock management
Online application for drug stock managementOnline application for drug stock management
Online application for drug stock management
 
Common Foot Problems
Common Foot ProblemsCommon Foot Problems
Common Foot Problems
 
Foss for Health Care
Foss for Health CareFoss for Health Care
Foss for Health Care
 

Recently uploaded

CHEMOTHERAPY_RDP_CHAPTER 2 _LEPROSY.pdf1
CHEMOTHERAPY_RDP_CHAPTER 2 _LEPROSY.pdf1CHEMOTHERAPY_RDP_CHAPTER 2 _LEPROSY.pdf1
CHEMOTHERAPY_RDP_CHAPTER 2 _LEPROSY.pdf1
rishi2789
 
Acute Gout Care & Urate Lowering Therapy .pdf
Acute Gout Care & Urate Lowering Therapy .pdfAcute Gout Care & Urate Lowering Therapy .pdf
Acute Gout Care & Urate Lowering Therapy .pdf
Jim Jacob Roy
 
Osteoporosis - Definition , Evaluation and Management .pdf
Osteoporosis - Definition , Evaluation and Management .pdfOsteoporosis - Definition , Evaluation and Management .pdf
Osteoporosis - Definition , Evaluation and Management .pdf
Jim Jacob Roy
 
Physical demands in sports - WCSPT Oslo 2024
Physical demands in sports - WCSPT Oslo 2024Physical demands in sports - WCSPT Oslo 2024
Physical demands in sports - WCSPT Oslo 2024
Torstein Dalen-Lorentsen
 
Nano-gold for Cancer Therapy chemistry investigatory project
Nano-gold for Cancer Therapy chemistry investigatory projectNano-gold for Cancer Therapy chemistry investigatory project
Nano-gold for Cancer Therapy chemistry investigatory project
SIVAVINAYAKPK
 
Artificial Intelligence Symposium (THAIS)
Artificial Intelligence Symposium (THAIS)Artificial Intelligence Symposium (THAIS)
Artificial Intelligence Symposium (THAIS)
Josep Vidal-Alaball
 
Pharmacology of 5-hydroxytryptamine and Antagonist
Pharmacology of 5-hydroxytryptamine and AntagonistPharmacology of 5-hydroxytryptamine and Antagonist
Pharmacology of 5-hydroxytryptamine and Antagonist
Dr. Nikhilkumar Sakle
 
SENSORY NEEDS B.SC. NURSING SEMESTER II.
SENSORY NEEDS B.SC. NURSING SEMESTER II.SENSORY NEEDS B.SC. NURSING SEMESTER II.
SENSORY NEEDS B.SC. NURSING SEMESTER II.
KULDEEP VYAS
 
8 Surprising Reasons To Meditate 40 Minutes A Day That Can Change Your Life.pptx
8 Surprising Reasons To Meditate 40 Minutes A Day That Can Change Your Life.pptx8 Surprising Reasons To Meditate 40 Minutes A Day That Can Change Your Life.pptx
8 Surprising Reasons To Meditate 40 Minutes A Day That Can Change Your Life.pptx
Holistified Wellness
 
Alzheimer’s Disease Case Conference: Gearing Up for the Expanding Role of Neu...
Alzheimer’s Disease Case Conference: Gearing Up for the Expanding Role of Neu...Alzheimer’s Disease Case Conference: Gearing Up for the Expanding Role of Neu...
Alzheimer’s Disease Case Conference: Gearing Up for the Expanding Role of Neu...
PVI, PeerView Institute for Medical Education
 
Histololgy of Female Reproductive System.pptx
Histololgy of Female Reproductive System.pptxHistololgy of Female Reproductive System.pptx
Histololgy of Female Reproductive System.pptx
AyeshaZaid1
 
Demystifying Fallopian Tube Blockage- Grading the Differences and Implication...
Demystifying Fallopian Tube Blockage- Grading the Differences and Implication...Demystifying Fallopian Tube Blockage- Grading the Differences and Implication...
Demystifying Fallopian Tube Blockage- Grading the Differences and Implication...
FFragrant
 
Ageing, the Elderly, Gerontology and Public Health
Ageing, the Elderly, Gerontology and Public HealthAgeing, the Elderly, Gerontology and Public Health
Ageing, the Elderly, Gerontology and Public Health
phuakl
 
Recent advances on Cervical cancer .pptx
Recent advances on Cervical cancer .pptxRecent advances on Cervical cancer .pptx
Recent advances on Cervical cancer .pptx
DrGirishJHoogar
 
June 2024 Oncology Cartoons By Dr Kanhu Charan Patro
June 2024 Oncology Cartoons By Dr Kanhu Charan PatroJune 2024 Oncology Cartoons By Dr Kanhu Charan Patro
June 2024 Oncology Cartoons By Dr Kanhu Charan Patro
Kanhu Charan
 
CHEMOTHERAPY_RDP_CHAPTER 3_ANTIFUNGAL AGENT.pdf
CHEMOTHERAPY_RDP_CHAPTER 3_ANTIFUNGAL AGENT.pdfCHEMOTHERAPY_RDP_CHAPTER 3_ANTIFUNGAL AGENT.pdf
CHEMOTHERAPY_RDP_CHAPTER 3_ANTIFUNGAL AGENT.pdf
rishi2789
 
Cosmetology and Trichology Courses at Kosmoderma Academy PRP (Hair), DR Growt...
Cosmetology and Trichology Courses at Kosmoderma Academy PRP (Hair), DR Growt...Cosmetology and Trichology Courses at Kosmoderma Academy PRP (Hair), DR Growt...
Cosmetology and Trichology Courses at Kosmoderma Academy PRP (Hair), DR Growt...
Kosmoderma Academy Of Aesthetic Medicine
 
What are the different types of Dental implants.
What are the different types of Dental implants.What are the different types of Dental implants.
What are the different types of Dental implants.
Gokuldas Hospital
 
Cervical Disc Arthroplasty ORSI 2024.pptx
Cervical Disc Arthroplasty ORSI 2024.pptxCervical Disc Arthroplasty ORSI 2024.pptx
Cervical Disc Arthroplasty ORSI 2024.pptx
LEFLOT Jean-Louis
 
CBL Seminar 2024_Preliminary Program.pdf
CBL Seminar 2024_Preliminary Program.pdfCBL Seminar 2024_Preliminary Program.pdf
CBL Seminar 2024_Preliminary Program.pdf
suvadeepdas911
 

Recently uploaded (20)

CHEMOTHERAPY_RDP_CHAPTER 2 _LEPROSY.pdf1
CHEMOTHERAPY_RDP_CHAPTER 2 _LEPROSY.pdf1CHEMOTHERAPY_RDP_CHAPTER 2 _LEPROSY.pdf1
CHEMOTHERAPY_RDP_CHAPTER 2 _LEPROSY.pdf1
 
Acute Gout Care & Urate Lowering Therapy .pdf
Acute Gout Care & Urate Lowering Therapy .pdfAcute Gout Care & Urate Lowering Therapy .pdf
Acute Gout Care & Urate Lowering Therapy .pdf
 
Osteoporosis - Definition , Evaluation and Management .pdf
Osteoporosis - Definition , Evaluation and Management .pdfOsteoporosis - Definition , Evaluation and Management .pdf
Osteoporosis - Definition , Evaluation and Management .pdf
 
Physical demands in sports - WCSPT Oslo 2024
Physical demands in sports - WCSPT Oslo 2024Physical demands in sports - WCSPT Oslo 2024
Physical demands in sports - WCSPT Oslo 2024
 
Nano-gold for Cancer Therapy chemistry investigatory project
Nano-gold for Cancer Therapy chemistry investigatory projectNano-gold for Cancer Therapy chemistry investigatory project
Nano-gold for Cancer Therapy chemistry investigatory project
 
Artificial Intelligence Symposium (THAIS)
Artificial Intelligence Symposium (THAIS)Artificial Intelligence Symposium (THAIS)
Artificial Intelligence Symposium (THAIS)
 
Pharmacology of 5-hydroxytryptamine and Antagonist
Pharmacology of 5-hydroxytryptamine and AntagonistPharmacology of 5-hydroxytryptamine and Antagonist
Pharmacology of 5-hydroxytryptamine and Antagonist
 
SENSORY NEEDS B.SC. NURSING SEMESTER II.
SENSORY NEEDS B.SC. NURSING SEMESTER II.SENSORY NEEDS B.SC. NURSING SEMESTER II.
SENSORY NEEDS B.SC. NURSING SEMESTER II.
 
8 Surprising Reasons To Meditate 40 Minutes A Day That Can Change Your Life.pptx
8 Surprising Reasons To Meditate 40 Minutes A Day That Can Change Your Life.pptx8 Surprising Reasons To Meditate 40 Minutes A Day That Can Change Your Life.pptx
8 Surprising Reasons To Meditate 40 Minutes A Day That Can Change Your Life.pptx
 
Alzheimer’s Disease Case Conference: Gearing Up for the Expanding Role of Neu...
Alzheimer’s Disease Case Conference: Gearing Up for the Expanding Role of Neu...Alzheimer’s Disease Case Conference: Gearing Up for the Expanding Role of Neu...
Alzheimer’s Disease Case Conference: Gearing Up for the Expanding Role of Neu...
 
Histololgy of Female Reproductive System.pptx
Histololgy of Female Reproductive System.pptxHistololgy of Female Reproductive System.pptx
Histololgy of Female Reproductive System.pptx
 
Demystifying Fallopian Tube Blockage- Grading the Differences and Implication...
Demystifying Fallopian Tube Blockage- Grading the Differences and Implication...Demystifying Fallopian Tube Blockage- Grading the Differences and Implication...
Demystifying Fallopian Tube Blockage- Grading the Differences and Implication...
 
Ageing, the Elderly, Gerontology and Public Health
Ageing, the Elderly, Gerontology and Public HealthAgeing, the Elderly, Gerontology and Public Health
Ageing, the Elderly, Gerontology and Public Health
 
Recent advances on Cervical cancer .pptx
Recent advances on Cervical cancer .pptxRecent advances on Cervical cancer .pptx
Recent advances on Cervical cancer .pptx
 
June 2024 Oncology Cartoons By Dr Kanhu Charan Patro
June 2024 Oncology Cartoons By Dr Kanhu Charan PatroJune 2024 Oncology Cartoons By Dr Kanhu Charan Patro
June 2024 Oncology Cartoons By Dr Kanhu Charan Patro
 
CHEMOTHERAPY_RDP_CHAPTER 3_ANTIFUNGAL AGENT.pdf
CHEMOTHERAPY_RDP_CHAPTER 3_ANTIFUNGAL AGENT.pdfCHEMOTHERAPY_RDP_CHAPTER 3_ANTIFUNGAL AGENT.pdf
CHEMOTHERAPY_RDP_CHAPTER 3_ANTIFUNGAL AGENT.pdf
 
Cosmetology and Trichology Courses at Kosmoderma Academy PRP (Hair), DR Growt...
Cosmetology and Trichology Courses at Kosmoderma Academy PRP (Hair), DR Growt...Cosmetology and Trichology Courses at Kosmoderma Academy PRP (Hair), DR Growt...
Cosmetology and Trichology Courses at Kosmoderma Academy PRP (Hair), DR Growt...
 
What are the different types of Dental implants.
What are the different types of Dental implants.What are the different types of Dental implants.
What are the different types of Dental implants.
 
Cervical Disc Arthroplasty ORSI 2024.pptx
Cervical Disc Arthroplasty ORSI 2024.pptxCervical Disc Arthroplasty ORSI 2024.pptx
Cervical Disc Arthroplasty ORSI 2024.pptx
 
CBL Seminar 2024_Preliminary Program.pdf
CBL Seminar 2024_Preliminary Program.pdfCBL Seminar 2024_Preliminary Program.pdf
CBL Seminar 2024_Preliminary Program.pdf
 

Health information secuirty session 5 best practise in information security

  • 1. Best practices of information security management Health Information Security Session 05:Best Practices of Information Security Management
  • 2. “Cyber security… It’s not just about technology”
  • 3. DEFENCE IN DEPTH • Concept in which multiple layers of security controls (defence) are placed throughout an information technology (IT) system. • Its intent is to provide redundancy in the event of a security control fails or a vulnerability is exploited. • Cover aspects of personnel, procedural, technical and physical for the duration of the system's life cycle.
  • 4. DEFENCE IN DEPTH CONTINU......
  • 5. DEFENCE IN DEPTH CONTINU......
  • 6. SECURITY CONTROLS 1. Physical control 2. Technical control 3. administrative control
  • 7. 1. PHYSICAL CONTROLS Implementation of security measures in a defined structure used to defend or prevent unauthorized access to sensitive material. e.g.: • Closed-circuit surveillance cameras • Motion or thermal alarm systems • Security guards • Picture Ids
  • 8. 2.TECHNICAL CONTROLS • Use of technology as a basis for controlling the access and usage of sensitive data throughout a physical structure and over a network. • e.g.: • Encryption • Access control lists (ACLs) • File integrity auditing software
  • 9. ADMINISTRATIVE CONTROLS • Administrative controls define the human factors of security. • It involves all levels of personnel within an organization and determines which users have access to what resources and information by such means as: • e.g.: • Information Security policy • Training and awareness • Disaster preparedness and recovery plans
  • 10. BEST PRACTISES - PROTECT YOUR NETWORK 1. Create Specific Access Controls • Minimum user privileges 2. Collect Detailed Logs • for security and troubleshooting purposes • backup logs 3. Maintain Security Patches • make sure your software and hardware security is up to date 4. Educate and Train Your Users • users will always be your weakest link
  • 11. BEST PRACTISES - PROTECT YOUR NETWORK CONTIN.. 5. Policies and Guidelines • Clear User Policies for New Employees and Vendors • Security policy and guidelines for staff 6. User Activity Monitoring 7. Data Breach Response Plan 8. Back up and Restore
  • 12. BEST PRACTICES -PROTECT OURSELF 1. Install anti-virus software and keep all computer software patched and updates. 2. Use a strong password • Password Vs Pass phrase 3. Log off public computers/Lock your computer 4. Keep personal information safe • Be wary of suspicious e-mails • Use secure Wi-Fi connections • properly delete any personal information before sell or dispose of your hardware
  • 13. 5. Limit social network information • you should be wary about how much personal information you post. 6. Download files only from trusted souses 7. Regular data Back up