SlideShare a Scribd company logo

How To Secure MIS

Download as PPTX, PDF
AaDi Malik
AaDi Malik

MANAGEMENT INFORMATION SYSTEM

BusinessTechnology
1 of 30
MALIK TOUQEER BBA(HONS) THE ISLAMIA UNIVERSITY BAHAWALPUR PAKISTAN
SECURING MANAGEMENT INFORMATION SYSTEM
Introduction to MIS An MIS provides managers with information and support for effective decision making, and provides feedback on daily operations. MIS is a system, which makes available the Right Information to the Right Person at the Right place at the Right Time in the Right Form and at Right Cost.
 The quality or state of being secure to be free from danger  Security is achieved using several strategies simultaneously or used in combination with one another  Security is recognized as essential to protect vital processes and the systems that provide those processes  Security is not something you buy, it is something you do What is security?
Vulnerability, Threat and Attack  A vulnerability:- is a weakness in security system Can be in design, implementation, etc. Can be hardware, or software  A threat:- is a set of circumstances that has the potential to cause loss or harm Or it’s a potential violation of security Threat can be: Accidental (natural disasters, human error, …) Malicious (attackers, insider fraud, …)  An attack:- is the actual violation of security
Why Systems are Vulnerable?  Hardware problems- • Breakdowns, configuration errors, damage from improper use or crime  Software problems- • Programming errors, installation errors, unauthorized changes)  Disasters- • Power failures, flood, fires, etc.  Use of networks and computers outside of firm’s control - • E.g. with domestic or offshore outsourcing vendors
SO HOW DO WE OVERCOME THESE PROBLEMS???
BUSINESS VALUE OF SECURITY AND CONTROL • Inadequate security and control may create serious legal liability. • Businesses must protect not only their own information assets but also those of customers, employees, and business partners. Failure to do so can lead to costly litigation for data exposure or theft. • A sound security and control framework that protects business information assets can thus produce a high return on investment.
ESTABLISHING A MANAGEMENT FRAMEWORK FOR SECURITY AND CONTROL  General controls: Establish framework for controlling design, security, and use of computer programs • Software controls • Hardware controls • Computer operations controls • Data security controls • Implementation controls
ESTABLISHING A MANAGEMENT FRAMEWORK FOR SECURITY AND CONTROL Application controls: • Input • Processing • Output Unique to each computerized application
CREATING A CONTROL ENVIRONMENT  Controls:- • Methods, policies, and procedures • Ensures protection of organization’s assets • Ensures accuracy and reliability of records, and operational adherence to management standards
Worldwide Damage from Digital Attacks
CREATING A CONTROL ENVIRONMENT  Disaster recovery plan: Runs business in event of computer outage  Load balancing: Distributes large number of requests for access among multiple servers
CREATING A CONTROL ENVIRONMENT • Mirroring: Duplicating all processes and transactions of server on backup server to prevent any interruption • Clustering: Linking two computers together so that a second computer can act as a backup to the primary computer or speed up processing
CREATING A CONTROL ENVIRONMENT Internet Security Challenges  Firewalls:- • Hardware and software controlling flow of incoming and outgoing network traffic • Prevent unauthorized users from accessing private networks • Two types: proxies and stateful inspection  Intrusion Detection System:- • Monitors vulnerable points in network to detect and deter unauthorized intruders
Figure 10-7 A Corporate Firewall
 Because they can  A large fraction of hacker attacks have been pranks  Financial Gain  Espionage  Venting anger at a company or organization  Terrorism Why do Hackers Attack?
Access Control - Physical USER RESPONSIBILITIES • Follow Security Procedures • Wear Identity Cards • Ask unauthorized visitor his credentials • Attend visitors in Reception and Conference Room only • Bring visitors in operations area without prior permission • Bring hazardous and combustible material in secure area • Practice “Piggybacking” • Bring and use pen drives, zip drives, ipods, other storage devices unless and otherwise authorized to do so
Password Guidelines  Always use at least 8 character password with combination of alphabets, numbers and special characters (*, %, @, #, $, ^)  Use passwords that can be easily remembered by you  Change password regularly as per policy  Use password that is significantly different from earlier passwords Use passwords which reveals your personal information or words found in dictionary Write down or Store passwords Share passwords over phone or Email Use passwords which do not match above complexity criteria
 Dictionary Attack  Hacker tries all words in dictionary to crack password  70% of the people use dictionary words as passwords  Brute Force Attack  Try all permutations of the letters & symbols in the alphabet  Hybrid Attack  Words from dictionary and their variations used in attack  Shoulder Surfing  Hackers slyly watch over peoples shoulders to steal passwords  Dumpster Diving  People dump their trash papers in garbage which may contain information to crack passwords Password Attacks - Types
Internet Usage Use internet services for business purposes only  Do not access internet through dial-up connectivity  Do not use internet for accessing auction sites  Do not use internet for hacking other computer systems  Do not use internet to download / upload commercial software / copyrighted material  Technology Department is continuously monitoring Internet Usage. Any illegal use of internet and other assets shall call for Disciplinary Action.
CREATING A CONTROL ENVIRONMENT Antivirus Software  Antivirus software: - Software that checks computer systems and drives for the presence of computer viruses and can eliminate the virus from the infected area • Wi-Fi Protected Access specification
This NEC PC has a biometric fingerprint reader for fast yet secure access to files and networks. New models of PCs are starting to use biometric identification to authenticate users
MANAGEMENT CHALLENGES  Implementing an effective security policy  Applying quality assurance standards in large systems projects  What are the most important software quality assurance techniques?  Why are auditing information systems and safeguarding data quality so important?
Solution Guidelines • Security and control must become a more visible and explicit priority and area of information systems investment. • Support and commitment from top management is required to show that security is indeed a corporate priority and vital to all aspects of the business. • Security and control should be the responsibility of everyone in the organization.
. . . LET US BUILD A HUMAN WALL ALONG WITH FIREWALL Human Wall Is Always Better Than A Firewall
How To Secure MIS
How To Secure MIS

Recommended

Components of scm
Components of scmComponents of scm
Components of scmShivani Kashyap
 
Supplier partnering
Supplier partneringSupplier partnering
Supplier partneringJubayer Alam Shoikat
 
Executive Compensation.pdf
Executive Compensation.pdfExecutive Compensation.pdf
Executive Compensation.pdfMuskanManchanda4
 
Supply chain management
Supply chain managementSupply chain management
Supply chain managementSagar Gadekar
 
Design of the production system
Design of the production systemDesign of the production system
Design of the production systemdarious demus
 
Contemporary issues in hrm
Contemporary issues in hrmContemporary issues in hrm
Contemporary issues in hrmprakhar07
 
Purchasing and vendor management
Purchasing and vendor managementPurchasing and vendor management
Purchasing and vendor managementNarendra Chaudhary
 
Motivation in research - Research Methodology - Manu Melwin Joy
Motivation in research - Research Methodology - Manu Melwin JoyMotivation in research - Research Methodology - Manu Melwin Joy
Motivation in research - Research Methodology - Manu Melwin Joymanumelwin
 

Recommended

Components of scm
Components of scmComponents of scm
Components of scmShivani Kashyap
 
Supplier partnering
Supplier partneringSupplier partnering
Supplier partneringJubayer Alam Shoikat
 
Executive Compensation.pdf
Executive Compensation.pdfExecutive Compensation.pdf
Executive Compensation.pdfMuskanManchanda4
 
Supply chain management
Supply chain managementSupply chain management
Supply chain managementSagar Gadekar
 
Design of the production system
Design of the production systemDesign of the production system
Design of the production systemdarious demus
 
Contemporary issues in hrm
Contemporary issues in hrmContemporary issues in hrm
Contemporary issues in hrmprakhar07
 
Purchasing and vendor management
Purchasing and vendor managementPurchasing and vendor management
Purchasing and vendor managementNarendra Chaudhary
 
Motivation in research - Research Methodology - Manu Melwin Joy
Motivation in research - Research Methodology - Manu Melwin JoyMotivation in research - Research Methodology - Manu Melwin Joy
Motivation in research - Research Methodology - Manu Melwin Joymanumelwin
 
Automation - Production and Operations Management
Automation - Production and Operations ManagementAutomation - Production and Operations Management
Automation - Production and Operations ManagementAfsana salam
 
Operating characteristics curve
Operating characteristics curveOperating characteristics curve
Operating characteristics curveChintan Trivedi
 
Employee involvement ppt
Employee involvement pptEmployee involvement ppt
Employee involvement pptSanthosh Veeramani
 
Bullwhip effect ppt
Bullwhip effect pptBullwhip effect ppt
Bullwhip effect pptpulak126
 
Statistical Quality Control
Statistical Quality ControlStatistical Quality Control
Statistical Quality ControlMahmudul Hasan
 
Supply Chain Management
Supply Chain ManagementSupply Chain Management
Supply Chain ManagementNavin Raj Saroj
 
Grievance & its handling procedure
Grievance & its handling procedureGrievance & its handling procedure
Grievance & its handling procedureManisha Srivastava
 
Inventory Control Final Ppt
Inventory Control Final PptInventory Control Final Ppt
Inventory Control Final Pptrajnikant
 
A view of procurement best practice
A view of procurement best practiceA view of procurement best practice
A view of procurement best practiceDr Gordon Murray
 
Finacial Management
Finacial ManagementFinacial Management
Finacial ManagementSagar Vetal
 
Chapter 9 - Motivation in HRM
Chapter 9 - Motivation in HRMChapter 9 - Motivation in HRM
Chapter 9 - Motivation in HRMakademisuria
 
Quality improvement and cost reduction
Quality improvement and cost reductionQuality improvement and cost reduction
Quality improvement and cost reductionShivani Chaudhari
 
Tools for capacity planning, measurement of capacity, capacity planning process
Tools for capacity planning, measurement of capacity, capacity planning processTools for capacity planning, measurement of capacity, capacity planning process
Tools for capacity planning, measurement of capacity, capacity planning processRohan Monis
 
Quality control methods
Quality control methodsQuality control methods
Quality control methodsMohamed Sharique Vellikan
 
Ppt data collection
Ppt data collectionPpt data collection
Ppt data collectionDynamic Research Centre & institute
 
Supply Chain Management, Basics
Supply Chain Management, BasicsSupply Chain Management, Basics
Supply Chain Management, BasicsRajendran Ananda Krishnan
 
Layout & mechanics of research report
Layout & mechanics of research reportLayout & mechanics of research report
Layout & mechanics of research reportashlinvilson
 
Facility layout ppt
Facility layout pptFacility layout ppt
Facility layout pptAnju Rana
 
Hml and two bin ppt by gulshan kumar
Hml and two bin ppt by gulshan kumarHml and two bin ppt by gulshan kumar
Hml and two bin ppt by gulshan kumarGULSHAN KUMAR
 
Inventory management in supply chain
Inventory management in supply chain Inventory management in supply chain
Inventory management in supply chain Sonia Peri
 
Management Information System Presentation
Management Information System PresentationManagement Information System Presentation
Management Information System PresentationAaDi Malik
 
Security and control in mis
Security and control in misSecurity and control in mis
Security and control in misGurjit
 

More Related Content

What's hot

Automation - Production and Operations Management
Automation - Production and Operations ManagementAutomation - Production and Operations Management
Automation - Production and Operations ManagementAfsana salam
 
Operating characteristics curve
Operating characteristics curveOperating characteristics curve
Operating characteristics curveChintan Trivedi
 
Bullwhip effect ppt
Bullwhip effect pptBullwhip effect ppt
Bullwhip effect pptpulak126
 
Statistical Quality Control
Statistical Quality ControlStatistical Quality Control
Statistical Quality ControlMahmudul Hasan
 
Grievance & its handling procedure
Grievance & its handling procedureGrievance & its handling procedure
Grievance & its handling procedureManisha Srivastava
 
Inventory Control Final Ppt
Inventory Control Final PptInventory Control Final Ppt
Inventory Control Final Pptrajnikant
 
A view of procurement best practice
A view of procurement best practiceA view of procurement best practice
A view of procurement best practiceDr Gordon Murray
 
Finacial Management
Finacial ManagementFinacial Management
Finacial ManagementSagar Vetal
 
Chapter 9 - Motivation in HRM
Chapter 9 - Motivation in HRMChapter 9 - Motivation in HRM
Chapter 9 - Motivation in HRMakademisuria
 
Quality improvement and cost reduction
Quality improvement and cost reductionQuality improvement and cost reduction
Quality improvement and cost reductionShivani Chaudhari
 
Tools for capacity planning, measurement of capacity, capacity planning process
Tools for capacity planning, measurement of capacity, capacity planning processTools for capacity planning, measurement of capacity, capacity planning process
Tools for capacity planning, measurement of capacity, capacity planning processRohan Monis
 
Layout & mechanics of research report
Layout & mechanics of research reportLayout & mechanics of research report
Layout & mechanics of research reportashlinvilson
 
Facility layout ppt
Facility layout pptFacility layout ppt
Facility layout pptAnju Rana
 
Hml and two bin ppt by gulshan kumar
Hml and two bin ppt by gulshan kumarHml and two bin ppt by gulshan kumar
Hml and two bin ppt by gulshan kumarGULSHAN KUMAR
 
Inventory management in supply chain
Inventory management in supply chain Inventory management in supply chain
Inventory management in supply chain Sonia Peri
 

What's hot (20)

Automation - Production and Operations Management
Automation - Production and Operations ManagementAutomation - Production and Operations Management
Automation - Production and Operations Management
 
Operating characteristics curve
Operating characteristics curveOperating characteristics curve
Operating characteristics curve
 
Employee involvement ppt
Employee involvement pptEmployee involvement ppt
Employee involvement ppt
 
Bullwhip effect ppt
Bullwhip effect pptBullwhip effect ppt
Bullwhip effect ppt
 
Statistical Quality Control
Statistical Quality ControlStatistical Quality Control
Statistical Quality Control
 
Supply Chain Management
Supply Chain ManagementSupply Chain Management
Supply Chain Management
 
Grievance & its handling procedure
Grievance & its handling procedureGrievance & its handling procedure
Grievance & its handling procedure
 
Inventory Control Final Ppt
Inventory Control Final PptInventory Control Final Ppt
Inventory Control Final Ppt
 
A view of procurement best practice
A view of procurement best practiceA view of procurement best practice
A view of procurement best practice
 
Finacial Management
Finacial ManagementFinacial Management
Finacial Management
 
Chapter 9 - Motivation in HRM
Chapter 9 - Motivation in HRMChapter 9 - Motivation in HRM
Chapter 9 - Motivation in HRM
 
Quality improvement and cost reduction
Quality improvement and cost reductionQuality improvement and cost reduction
Quality improvement and cost reduction
 
Tools for capacity planning, measurement of capacity, capacity planning process
Tools for capacity planning, measurement of capacity, capacity planning processTools for capacity planning, measurement of capacity, capacity planning process
Tools for capacity planning, measurement of capacity, capacity planning process
 
Quality control methods
Quality control methodsQuality control methods
Quality control methods
 
Ppt data collection
Ppt data collectionPpt data collection
Ppt data collection
 
Supply Chain Management, Basics
Supply Chain Management, BasicsSupply Chain Management, Basics
Supply Chain Management, Basics
 
Layout & mechanics of research report
Layout & mechanics of research reportLayout & mechanics of research report
Layout & mechanics of research report
 
Facility layout ppt
Facility layout pptFacility layout ppt
Facility layout ppt
 
Hml and two bin ppt by gulshan kumar
Hml and two bin ppt by gulshan kumarHml and two bin ppt by gulshan kumar
Hml and two bin ppt by gulshan kumar
 
Inventory management in supply chain
Inventory management in supply chain Inventory management in supply chain
Inventory management in supply chain
 

Similar to How To Secure MIS

Management Information System Presentation
Management Information System PresentationManagement Information System Presentation
Management Information System PresentationAaDi Malik
 
Security and control in mis
Security and control in misSecurity and control in mis
Security and control in misGurjit
 
IM Unit 4 Security and its a control.ppt
IM Unit 4 Security and its a control.pptIM Unit 4 Security and its a control.ppt
IM Unit 4 Security and its a control.pptRAJESH S
 
Security & control in mis
Security & control in misSecurity & control in mis
Security & control in misVishal Patyal
 
Meletis BelsisManaging and enforcing information security
Meletis BelsisManaging and enforcing information securityMeletis BelsisManaging and enforcing information security
Meletis BelsisManaging and enforcing information securityMeletis Belsis MPhil/MRes/BSc
 
Chapter 1 introduction(web security)
Chapter 1 introduction(web security)Chapter 1 introduction(web security)
Chapter 1 introduction(web security)Kirti Ahirrao
 
Software Security Engineering
Software Security EngineeringSoftware Security Engineering
Software Security EngineeringMuhammad Asim
 
Software security engineering
Software security engineeringSoftware security engineering
Software security engineeringaizazhussain234
 
Project Quality-SIPOCSelect a process of your choice and creat.docx
Project Quality-SIPOCSelect a process of your choice and creat.docxProject Quality-SIPOCSelect a process of your choice and creat.docx
Project Quality-SIPOCSelect a process of your choice and creat.docxwkyra78
 
Definitive Security Testing Checklist Shielding Your Applications against Cyb...
Definitive Security Testing Checklist Shielding Your Applications against Cyb...Definitive Security Testing Checklist Shielding Your Applications against Cyb...
Definitive Security Testing Checklist Shielding Your Applications against Cyb...Knoldus Inc.
 
chapter 3 ethics: computer and internet crime
chapter 3 ethics: computer and internet crimechapter 3 ethics: computer and internet crime
chapter 3 ethics: computer and internet crimemuhammad awais
 
The Open Group - ZT Commandments and Reference Model.pptx
The Open Group - ZT Commandments and Reference Model.pptxThe Open Group - ZT Commandments and Reference Model.pptx
The Open Group - ZT Commandments and Reference Model.pptxMark Simos
 
MS. Cybersecurity Reference Architecture
MS. Cybersecurity Reference ArchitectureMS. Cybersecurity Reference Architecture
MS. Cybersecurity Reference Architectureangelohammond
 
Week 09_Cyber security u.pdf
Week 09_Cyber security u.pdfWeek 09_Cyber security u.pdf
Week 09_Cyber security u.pdfdhanywahyudi17
 

Similar to How To Secure MIS (20)

Management Information System Presentation
Management Information System PresentationManagement Information System Presentation
Management Information System Presentation
 
Security and control in mis
Security and control in misSecurity and control in mis
Security and control in mis
 
IM Unit 4 Security and its a control.ppt
IM Unit 4 Security and its a control.pptIM Unit 4 Security and its a control.ppt
IM Unit 4 Security and its a control.ppt
 
Security & control in mis
Security & control in misSecurity & control in mis
Security & control in mis
 
Meletis BelsisManaging and enforcing information security
Meletis BelsisManaging and enforcing information securityMeletis BelsisManaging and enforcing information security
Meletis BelsisManaging and enforcing information security
 
Chapter 1 introduction(web security)
Chapter 1 introduction(web security)Chapter 1 introduction(web security)
Chapter 1 introduction(web security)
 
Software Security Engineering
Software Security EngineeringSoftware Security Engineering
Software Security Engineering
 
Security and Control.ppt
Security and Control.pptSecurity and Control.ppt
Security and Control.ppt
 
Software security engineering
Software security engineeringSoftware security engineering
Software security engineering
 
Project Quality-SIPOCSelect a process of your choice and creat.docx
Project Quality-SIPOCSelect a process of your choice and creat.docxProject Quality-SIPOCSelect a process of your choice and creat.docx
Project Quality-SIPOCSelect a process of your choice and creat.docx
 
Presentation 10.pptx
Presentation 10.pptxPresentation 10.pptx
Presentation 10.pptx
 
Definitive Security Testing Checklist Shielding Your Applications against Cyb...
Definitive Security Testing Checklist Shielding Your Applications against Cyb...Definitive Security Testing Checklist Shielding Your Applications against Cyb...
Definitive Security Testing Checklist Shielding Your Applications against Cyb...
 
chapter 3 ethics: computer and internet crime
chapter 3 ethics: computer and internet crimechapter 3 ethics: computer and internet crime
chapter 3 ethics: computer and internet crime
 
The Open Group - ZT Commandments and Reference Model.pptx
The Open Group - ZT Commandments and Reference Model.pptxThe Open Group - ZT Commandments and Reference Model.pptx
The Open Group - ZT Commandments and Reference Model.pptx
 
MS. Cybersecurity Reference Architecture
MS. Cybersecurity Reference ArchitectureMS. Cybersecurity Reference Architecture
MS. Cybersecurity Reference Architecture
 
Managing security threats in today’s enterprise
Managing security threats in today’s enterpriseManaging security threats in today’s enterprise
Managing security threats in today’s enterprise
 
Week 09_Cyber security u.pdf
Week 09_Cyber security u.pdfWeek 09_Cyber security u.pdf
Week 09_Cyber security u.pdf
 
It security cognic_systems
It security cognic_systemsIt security cognic_systems
It security cognic_systems
 
Cyber Security # Lec 5
Cyber Security # Lec 5Cyber Security # Lec 5
Cyber Security # Lec 5
 
Information Security Seminar
Information Security SeminarInformation Security Seminar
Information Security Seminar
 

Recently uploaded

Islamabad Escorts | Call 03274100048 | Escort Service in Islamabad
Islamabad Escorts | Call 03274100048 | Escort Service in IslamabadIslamabad Escorts | Call 03274100048 | Escort Service in Islamabad
Islamabad Escorts | Call 03274100048 | Escort Service in IslamabadAyesha Khan
 
Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Riya Pathan
 
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,noida100girls
 
Market Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMarket Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMintel Group
 
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCRashishs7044
 
India Consumer 2024 Redacted Sample Report
India Consumer 2024 Redacted Sample ReportIndia Consumer 2024 Redacted Sample Report
India Consumer 2024 Redacted Sample ReportMintel Group
 
/:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In...
/:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In.../:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In...
/:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In...lizamodels9
 
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...ictsugar
 
Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024Kirill Klimov
 
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deckPitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deckHajeJanKamps
 
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...lizamodels9
 
Future Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted VersionFuture Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted VersionMintel Group
 
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...lizamodels9
 
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCRashishs7044
 
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncr
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / NcrCall Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncr
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncrdollysharma2066
 
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607dollysharma2066
 
Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...Seta Wicaksana
 
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu MenzaYouth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menzaictsugar
 
Case study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detailCase study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detailAriel592675
 

Recently uploaded (20)

Islamabad Escorts | Call 03274100048 | Escort Service in Islamabad
Islamabad Escorts | Call 03274100048 | Escort Service in IslamabadIslamabad Escorts | Call 03274100048 | Escort Service in Islamabad
Islamabad Escorts | Call 03274100048 | Escort Service in Islamabad
 
Japan IT Week 2024 Brochure by 47Billion (English)
Japan IT Week 2024 Brochure by 47Billion (English)Japan IT Week 2024 Brochure by 47Billion (English)
Japan IT Week 2024 Brochure by 47Billion (English)
 
Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737
 
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
 
Market Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMarket Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 Edition
 
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
 
India Consumer 2024 Redacted Sample Report
India Consumer 2024 Redacted Sample ReportIndia Consumer 2024 Redacted Sample Report
India Consumer 2024 Redacted Sample Report
 
/:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In...
/:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In.../:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In...
/:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In...
 
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
 
Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024
 
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deckPitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
 
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
 
Future Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted VersionFuture Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted Version
 
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
 
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
 
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncr
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / NcrCall Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncr
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncr
 
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
 
Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...
 
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu MenzaYouth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
 
Case study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detailCase study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detail
 

How To Secure MIS

  • 1.
  • 2.
  • 3. MALIK TOUQEER BBA(HONS) THE ISLAMIA UNIVERSITY BAHAWALPUR PAKISTAN
  • 5. Introduction to MIS An MIS provides managers with information and support for effective decision making, and provides feedback on daily operations. MIS is a system, which makes available the Right Information to the Right Person at the Right place at the Right Time in the Right Form and at Right Cost.
  • 6.  The quality or state of being secure to be free from danger  Security is achieved using several strategies simultaneously or used in combination with one another  Security is recognized as essential to protect vital processes and the systems that provide those processes  Security is not something you buy, it is something you do What is security?
  • 7. Vulnerability, Threat and Attack  A vulnerability:- is a weakness in security system Can be in design, implementation, etc. Can be hardware, or software  A threat:- is a set of circumstances that has the potential to cause loss or harm Or it’s a potential violation of security Threat can be: Accidental (natural disasters, human error, …) Malicious (attackers, insider fraud, …)  An attack:- is the actual violation of security
  • 8. Why Systems are Vulnerable?  Hardware problems- • Breakdowns, configuration errors, damage from improper use or crime  Software problems- • Programming errors, installation errors, unauthorized changes)  Disasters- • Power failures, flood, fires, etc.  Use of networks and computers outside of firm’s control - • E.g. with domestic or offshore outsourcing vendors
  • 9. SO HOW DO WE OVERCOME THESE PROBLEMS???
  • 10. BUSINESS VALUE OF SECURITY AND CONTROL • Inadequate security and control may create serious legal liability. • Businesses must protect not only their own information assets but also those of customers, employees, and business partners. Failure to do so can lead to costly litigation for data exposure or theft. • A sound security and control framework that protects business information assets can thus produce a high return on investment.
  • 11. ESTABLISHING A MANAGEMENT FRAMEWORK FOR SECURITY AND CONTROL  General controls: Establish framework for controlling design, security, and use of computer programs • Software controls • Hardware controls • Computer operations controls • Data security controls • Implementation controls
  • 12. ESTABLISHING A MANAGEMENT FRAMEWORK FOR SECURITY AND CONTROL Application controls: • Input • Processing • Output Unique to each computerized application
  • 13. CREATING A CONTROL ENVIRONMENT  Controls:- • Methods, policies, and procedures • Ensures protection of organization’s assets • Ensures accuracy and reliability of records, and operational adherence to management standards
  • 14. Worldwide Damage from Digital Attacks
  • 15. CREATING A CONTROL ENVIRONMENT  Disaster recovery plan: Runs business in event of computer outage  Load balancing: Distributes large number of requests for access among multiple servers
  • 16. CREATING A CONTROL ENVIRONMENT • Mirroring: Duplicating all processes and transactions of server on backup server to prevent any interruption • Clustering: Linking two computers together so that a second computer can act as a backup to the primary computer or speed up processing
  • 17. CREATING A CONTROL ENVIRONMENT Internet Security Challenges  Firewalls:- • Hardware and software controlling flow of incoming and outgoing network traffic • Prevent unauthorized users from accessing private networks • Two types: proxies and stateful inspection  Intrusion Detection System:- • Monitors vulnerable points in network to detect and deter unauthorized intruders
  • 19.  Because they can  A large fraction of hacker attacks have been pranks  Financial Gain  Espionage  Venting anger at a company or organization  Terrorism Why do Hackers Attack?
  • 20. Access Control - Physical USER RESPONSIBILITIES • Follow Security Procedures • Wear Identity Cards • Ask unauthorized visitor his credentials • Attend visitors in Reception and Conference Room only • Bring visitors in operations area without prior permission • Bring hazardous and combustible material in secure area • Practice “Piggybacking” • Bring and use pen drives, zip drives, ipods, other storage devices unless and otherwise authorized to do so
  • 21. Password Guidelines  Always use at least 8 character password with combination of alphabets, numbers and special characters (*, %, @, #, $, ^)  Use passwords that can be easily remembered by you  Change password regularly as per policy  Use password that is significantly different from earlier passwords Use passwords which reveals your personal information or words found in dictionary Write down or Store passwords Share passwords over phone or Email Use passwords which do not match above complexity criteria
  • 22.  Dictionary Attack  Hacker tries all words in dictionary to crack password  70% of the people use dictionary words as passwords  Brute Force Attack  Try all permutations of the letters & symbols in the alphabet  Hybrid Attack  Words from dictionary and their variations used in attack  Shoulder Surfing  Hackers slyly watch over peoples shoulders to steal passwords  Dumpster Diving  People dump their trash papers in garbage which may contain information to crack passwords Password Attacks - Types
  • 23. Internet Usage Use internet services for business purposes only  Do not access internet through dial-up connectivity  Do not use internet for accessing auction sites  Do not use internet for hacking other computer systems  Do not use internet to download / upload commercial software / copyrighted material  Technology Department is continuously monitoring Internet Usage. Any illegal use of internet and other assets shall call for Disciplinary Action.
  • 24. CREATING A CONTROL ENVIRONMENT Antivirus Software  Antivirus software: - Software that checks computer systems and drives for the presence of computer viruses and can eliminate the virus from the infected area • Wi-Fi Protected Access specification
  • 25. This NEC PC has a biometric fingerprint reader for fast yet secure access to files and networks. New models of PCs are starting to use biometric identification to authenticate users
  • 26. MANAGEMENT CHALLENGES  Implementing an effective security policy  Applying quality assurance standards in large systems projects  What are the most important software quality assurance techniques?  Why are auditing information systems and safeguarding data quality so important?
  • 27. Solution Guidelines • Security and control must become a more visible and explicit priority and area of information systems investment. • Support and commitment from top management is required to show that security is indeed a corporate priority and vital to all aspects of the business. • Security and control should be the responsibility of everyone in the organization.
  • 28. . . . LET US BUILD A HUMAN WALL ALONG WITH FIREWALL Human Wall Is Always Better Than A Firewall