This document provides an overview of information security. It defines information security as protecting information systems, hardware, and data. It then describes different types of security including physical, personal, operations, communications, network, and information security. The document outlines several common threats to information systems such as unauthorized access, cyberespionage, malware, data leakage, mobile device attacks, social engineering, insiders, phishing, spam, and identity theft. It recommends various controls for protecting information systems, including data security plans, access controls, encryption, backups, and employee training.
Currently, market has a wide range of systems, products and services focused on computer security services: Antivirus, Antispyware, Firewalls, IPS, WAF, SIEM systems, etc.
All these measures are indispensable and have become a priority for any company or organization towards ensuring its assets, but social engineering plays with the advantage that you can use techniques that violate own vulnerabilities inherent in human beings and, as is well known, for this there is no patch or upgrade that provides effective protection against such attacks.
People is normally “the weak link in the chain”.
In this presentation we have covered the topic Data Security from the subject of Information Security. Where Data, Data Security, Security, Security Policy, Tools to secure data, Security Overview (Availability, Integrity, Authenticity, Confidentiality), Some myths and Dimensions of System Security and Security Issues are discussed.
Currently, market has a wide range of systems, products and services focused on computer security services: Antivirus, Antispyware, Firewalls, IPS, WAF, SIEM systems, etc.
All these measures are indispensable and have become a priority for any company or organization towards ensuring its assets, but social engineering plays with the advantage that you can use techniques that violate own vulnerabilities inherent in human beings and, as is well known, for this there is no patch or upgrade that provides effective protection against such attacks.
People is normally “the weak link in the chain”.
In this presentation we have covered the topic Data Security from the subject of Information Security. Where Data, Data Security, Security, Security Policy, Tools to secure data, Security Overview (Availability, Integrity, Authenticity, Confidentiality), Some myths and Dimensions of System Security and Security Issues are discussed.
In a world so connected, cyber security awareness is key to a safe online experience, because the weakest information security link to any organisation is the users of technology. This presentation speaks to basic cyber security awareness for everyday internet users
Effective security awareness training with basic needs for the organization and its employees. It should also be engaging and interactive, using a variety of formats such as videos, quizzes, simulations, and case studies.
Cyber Security Awareness Session for Executives and Non-IT professionalsKrishna Srikanth Manda
Cyber Security Awareness Session conducted by Lightracers Consulting, for Management and non-IT employees. In this learning presentation, we will look at - What is Cyber Crime, Types of Cyber crime, What is Cyber Security, Types of Threats, Social Engineering techniques, Identifying legitimate and secure websites, Protection measures, Cyber Law in India followed by a small quiz.
Infections cost organizations billions of dollars in lost time and productivity, as well as ransom payments and other indirect costs, like damage to a business’s reputation.
End-users will learn about password management, multi-factor authentication and how to secure their laptops and desktops while working remotely.
This session will teach professionals how to avoid becoming a statistic.
Agenda: Foundations of security awareness | Common threats | Three ways to secure your work environment | Best practices for users | The work from home checklist
Information Security Awareness for everyoneYasir Nafees
SAFE (which stands for Security Awareness For Everyone) is an information security awareness program designed to help organizations creating a well informed and risk-aware culture. SAFE focuses on learning to make it important for everyone to be fully informed and take responsibility to protect organization’s most important asset, “The Information”.
This Edureka PPT on "Application Security" will help you understand what application security is and measures taken to improve the security of an application often by finding, fixing and preventing security vulnerabilities.
Following are the topics covered in this PPT:
Introduction to Cybersecurity
What is Application Security?
What is an SQL Injection attack
Demo on SQL Injection
Follow us to never miss an update in the future.
Instagram: https://www.instagram.com/edureka_learning/
Facebook: https://www.facebook.com/edurekaIN/
Twitter: https://twitter.com/edurekain
LinkedIn: https://www.linkedin.com/company/edureka
The presentation explains about Data Security as an industrial concept. It addresses
its concern on Data Loss Prevention in detail, from what it is, its approach, the best practices and
common mistakes people make for the same. The presentation concludes with highlighting
Happiest Minds' expertise in the domain.
Learn more about Happiest Minds Data Security Service Offerings
http://www.happiestminds.com/IT-security-services/data-security-services/
Cybersecurity Awareness Training Presentation v1.0DallasHaselhorst
Note: There is an updated version of this slide deck available on SlideShare at
https://www.slideshare.net/DallasHaselhorst/cybersecurity-awareness-training-presentation-v11
--
Do you want an cybersecurity awareness training you can present at *your* business or in *your* community? Awesome!
We spent months putting together this training presentation on cybersecurity awareness. We then presented it multiple times and continued modifying the presentation based on feedback from attendees as well as feedback from those in the information security community. We are now releasing this in the hope it is a call to action for others in their communities.
The slides are available for download on our website. Download it and please present it in your own communities, e.g. at your local library, business events, co-working spaces, schools, etc. We also have a free cybersecurity quiz available on the site that is also based on the material.
Download the latest version as a Microsoft PowerPoint presentation (.pptx) or 'Make a Copy' in Google Slides.
https://www.treetopsecurity.com/slides
In a world so connected, cyber security awareness is key to a safe online experience, because the weakest information security link to any organisation is the users of technology. This presentation speaks to basic cyber security awareness for everyday internet users
Effective security awareness training with basic needs for the organization and its employees. It should also be engaging and interactive, using a variety of formats such as videos, quizzes, simulations, and case studies.
Cyber Security Awareness Session for Executives and Non-IT professionalsKrishna Srikanth Manda
Cyber Security Awareness Session conducted by Lightracers Consulting, for Management and non-IT employees. In this learning presentation, we will look at - What is Cyber Crime, Types of Cyber crime, What is Cyber Security, Types of Threats, Social Engineering techniques, Identifying legitimate and secure websites, Protection measures, Cyber Law in India followed by a small quiz.
Infections cost organizations billions of dollars in lost time and productivity, as well as ransom payments and other indirect costs, like damage to a business’s reputation.
End-users will learn about password management, multi-factor authentication and how to secure their laptops and desktops while working remotely.
This session will teach professionals how to avoid becoming a statistic.
Agenda: Foundations of security awareness | Common threats | Three ways to secure your work environment | Best practices for users | The work from home checklist
Information Security Awareness for everyoneYasir Nafees
SAFE (which stands for Security Awareness For Everyone) is an information security awareness program designed to help organizations creating a well informed and risk-aware culture. SAFE focuses on learning to make it important for everyone to be fully informed and take responsibility to protect organization’s most important asset, “The Information”.
This Edureka PPT on "Application Security" will help you understand what application security is and measures taken to improve the security of an application often by finding, fixing and preventing security vulnerabilities.
Following are the topics covered in this PPT:
Introduction to Cybersecurity
What is Application Security?
What is an SQL Injection attack
Demo on SQL Injection
Follow us to never miss an update in the future.
Instagram: https://www.instagram.com/edureka_learning/
Facebook: https://www.facebook.com/edurekaIN/
Twitter: https://twitter.com/edurekain
LinkedIn: https://www.linkedin.com/company/edureka
The presentation explains about Data Security as an industrial concept. It addresses
its concern on Data Loss Prevention in detail, from what it is, its approach, the best practices and
common mistakes people make for the same. The presentation concludes with highlighting
Happiest Minds' expertise in the domain.
Learn more about Happiest Minds Data Security Service Offerings
http://www.happiestminds.com/IT-security-services/data-security-services/
Cybersecurity Awareness Training Presentation v1.0DallasHaselhorst
Note: There is an updated version of this slide deck available on SlideShare at
https://www.slideshare.net/DallasHaselhorst/cybersecurity-awareness-training-presentation-v11
--
Do you want an cybersecurity awareness training you can present at *your* business or in *your* community? Awesome!
We spent months putting together this training presentation on cybersecurity awareness. We then presented it multiple times and continued modifying the presentation based on feedback from attendees as well as feedback from those in the information security community. We are now releasing this in the hope it is a call to action for others in their communities.
The slides are available for download on our website. Download it and please present it in your own communities, e.g. at your local library, business events, co-working spaces, schools, etc. We also have a free cybersecurity quiz available on the site that is also based on the material.
Download the latest version as a Microsoft PowerPoint presentation (.pptx) or 'Make a Copy' in Google Slides.
https://www.treetopsecurity.com/slides
System Security:
1. Security problem & User Authentication
2. Program, network And system Threats
3. Handling the Security problem
CONTACT ME AT: reddhisb@gmail.com
Network Security: A Four Point Analysis of Appliances vs. the CloudOpenDNS
When you're assessing network security solutions, you face two fundamental choices with dramatic consequences for protection, coverage, performance and manageability. Appliance-based solutions seek to arm organizations with visibility and control within their network environment. Cloud-based solutions promise easier setup, greater scalability, wider coverage and adaptive protection.
How do you weigh the promised benefits against the potential risks? Does one option offer distinct advantages over the other?
A talk on Fuzzy Topological Systems that was given at the Segundo Congresso Brasileiro de Sistemas Fuzzy, November 6--9, 2012, Natal, Rio Grande do Norte, Brazil.
In this short slide revision, I have made just a major and important summary on Internet Security, IS Security, CIA, Threats to Security on Networks and also there related controls.
Thank you,
Please comment and share your feedback.
Recruiting in the Digital Age: A Social Media MasterclassLuanWise
In this masterclass, presented at the Global HR Summit on 5th June 2024, Luan Wise explored the essential features of social media platforms that support talent acquisition, including LinkedIn, Facebook, Instagram, X (formerly Twitter) and TikTok.
Buy Verified PayPal Account | Buy Google 5 Star Reviewsusawebmarket
Buy Verified PayPal Account
Looking to buy verified PayPal accounts? Discover 7 expert tips for safely purchasing a verified PayPal account in 2024. Ensure security and reliability for your transactions.
PayPal Services Features-
🟢 Email Access
🟢 Bank Added
🟢 Card Verified
🟢 Full SSN Provided
🟢 Phone Number Access
🟢 Driving License Copy
🟢 Fasted Delivery
Client Satisfaction is Our First priority. Our services is very appropriate to buy. We assume that the first-rate way to purchase our offerings is to order on the website. If you have any worry in our cooperation usually You can order us on Skype or Telegram.
24/7 Hours Reply/Please Contact
usawebmarketEmail: support@usawebmarket.com
Skype: usawebmarket
Telegram: @usawebmarket
WhatsApp: +1(218) 203-5951
USA WEB MARKET is the Best Verified PayPal, Payoneer, Cash App, Skrill, Neteller, Stripe Account and SEO, SMM Service provider.100%Satisfection granted.100% replacement Granted.
Premium MEAN Stack Development Solutions for Modern BusinessesSynapseIndia
Stay ahead of the curve with our premium MEAN Stack Development Solutions. Our expert developers utilize MongoDB, Express.js, AngularJS, and Node.js to create modern and responsive web applications. Trust us for cutting-edge solutions that drive your business growth and success.
Know more: https://www.synapseindia.com/technology/mean-stack-development-company.html
Enterprise Excellence is Inclusive Excellence.pdfKaiNexus
Enterprise excellence and inclusive excellence are closely linked, and real-world challenges have shown that both are essential to the success of any organization. To achieve enterprise excellence, organizations must focus on improving their operations and processes while creating an inclusive environment that engages everyone. In this interactive session, the facilitator will highlight commonly established business practices and how they limit our ability to engage everyone every day. More importantly, though, participants will likely gain increased awareness of what we can do differently to maximize enterprise excellence through deliberate inclusion.
What is Enterprise Excellence?
Enterprise Excellence is a holistic approach that's aimed at achieving world-class performance across all aspects of the organization.
What might I learn?
A way to engage all in creating Inclusive Excellence. Lessons from the US military and their parallels to the story of Harry Potter. How belt systems and CI teams can destroy inclusive practices. How leadership language invites people to the party. There are three things leaders can do to engage everyone every day: maximizing psychological safety to create environments where folks learn, contribute, and challenge the status quo.
Who might benefit? Anyone and everyone leading folks from the shop floor to top floor.
Dr. William Harvey is a seasoned Operations Leader with extensive experience in chemical processing, manufacturing, and operations management. At Michelman, he currently oversees multiple sites, leading teams in strategic planning and coaching/practicing continuous improvement. William is set to start his eighth year of teaching at the University of Cincinnati where he teaches marketing, finance, and management. William holds various certifications in change management, quality, leadership, operational excellence, team building, and DiSC, among others.
[Note: This is a partial preview. To download this presentation, visit:
https://www.oeconsulting.com.sg/training-presentations]
Sustainability has become an increasingly critical topic as the world recognizes the need to protect our planet and its resources for future generations. Sustainability means meeting our current needs without compromising the ability of future generations to meet theirs. It involves long-term planning and consideration of the consequences of our actions. The goal is to create strategies that ensure the long-term viability of People, Planet, and Profit.
Leading companies such as Nike, Toyota, and Siemens are prioritizing sustainable innovation in their business models, setting an example for others to follow. In this Sustainability training presentation, you will learn key concepts, principles, and practices of sustainability applicable across industries. This training aims to create awareness and educate employees, senior executives, consultants, and other key stakeholders, including investors, policymakers, and supply chain partners, on the importance and implementation of sustainability.
LEARNING OBJECTIVES
1. Develop a comprehensive understanding of the fundamental principles and concepts that form the foundation of sustainability within corporate environments.
2. Explore the sustainability implementation model, focusing on effective measures and reporting strategies to track and communicate sustainability efforts.
3. Identify and define best practices and critical success factors essential for achieving sustainability goals within organizations.
CONTENTS
1. Introduction and Key Concepts of Sustainability
2. Principles and Practices of Sustainability
3. Measures and Reporting in Sustainability
4. Sustainability Implementation & Best Practices
To download the complete presentation, visit: https://www.oeconsulting.com.sg/training-presentations
Discover the innovative and creative projects that highlight my journey throu...dylandmeas
Discover the innovative and creative projects that highlight my journey through Full Sail University. Below, you’ll find a collection of my work showcasing my skills and expertise in digital marketing, event planning, and media production.
Cracking the Workplace Discipline Code Main.pptxWorkforce Group
Cultivating and maintaining discipline within teams is a critical differentiator for successful organisations.
Forward-thinking leaders and business managers understand the impact that discipline has on organisational success. A disciplined workforce operates with clarity, focus, and a shared understanding of expectations, ultimately driving better results, optimising productivity, and facilitating seamless collaboration.
Although discipline is not a one-size-fits-all approach, it can help create a work environment that encourages personal growth and accountability rather than solely relying on punitive measures.
In this deck, you will learn the significance of workplace discipline for organisational success. You’ll also learn
• Four (4) workplace discipline methods you should consider
• The best and most practical approach to implementing workplace discipline.
• Three (3) key tips to maintain a disciplined workplace.
"𝑩𝑬𝑮𝑼𝑵 𝑾𝑰𝑻𝑯 𝑻𝑱 𝑰𝑺 𝑯𝑨𝑳𝑭 𝑫𝑶𝑵𝑬"
𝐓𝐉 𝐂𝐨𝐦𝐬 (𝐓𝐉 𝐂𝐨𝐦𝐦𝐮𝐧𝐢𝐜𝐚𝐭𝐢𝐨𝐧𝐬) is a professional event agency that includes experts in the event-organizing market in Vietnam, Korea, and ASEAN countries. We provide unlimited types of events from Music concerts, Fan meetings, and Culture festivals to Corporate events, Internal company events, Golf tournaments, MICE events, and Exhibitions.
𝐓𝐉 𝐂𝐨𝐦𝐬 provides unlimited package services including such as Event organizing, Event planning, Event production, Manpower, PR marketing, Design 2D/3D, VIP protocols, Interpreter agency, etc.
Sports events - Golf competitions/billiards competitions/company sports events: dynamic and challenging
⭐ 𝐅𝐞𝐚𝐭𝐮𝐫𝐞𝐝 𝐩𝐫𝐨𝐣𝐞𝐜𝐭𝐬:
➢ 2024 BAEKHYUN [Lonsdaleite] IN HO CHI MINH
➢ SUPER JUNIOR-L.S.S. THE SHOW : Th3ee Guys in HO CHI MINH
➢FreenBecky 1st Fan Meeting in Vietnam
➢CHILDREN ART EXHIBITION 2024: BEYOND BARRIERS
➢ WOW K-Music Festival 2023
➢ Winner [CROSS] Tour in HCM
➢ Super Show 9 in HCM with Super Junior
➢ HCMC - Gyeongsangbuk-do Culture and Tourism Festival
➢ Korean Vietnam Partnership - Fair with LG
➢ Korean President visits Samsung Electronics R&D Center
➢ Vietnam Food Expo with Lotte Wellfood
"𝐄𝐯𝐞𝐫𝐲 𝐞𝐯𝐞𝐧𝐭 𝐢𝐬 𝐚 𝐬𝐭𝐨𝐫𝐲, 𝐚 𝐬𝐩𝐞𝐜𝐢𝐚𝐥 𝐣𝐨𝐮𝐫𝐧𝐞𝐲. 𝐖𝐞 𝐚𝐥𝐰𝐚𝐲𝐬 𝐛𝐞𝐥𝐢𝐞𝐯𝐞 𝐭𝐡𝐚𝐭 𝐬𝐡𝐨𝐫𝐭𝐥𝐲 𝐲𝐨𝐮 𝐰𝐢𝐥𝐥 𝐛𝐞 𝐚 𝐩𝐚𝐫𝐭 𝐨𝐟 𝐨𝐮𝐫 𝐬𝐭𝐨𝐫𝐢𝐞𝐬."
Business Valuation Principles for EntrepreneursBen Wann
This insightful presentation is designed to equip entrepreneurs with the essential knowledge and tools needed to accurately value their businesses. Understanding business valuation is crucial for making informed decisions, whether you're seeking investment, planning to sell, or simply want to gauge your company's worth.
At Techbox Square, in Singapore, we're not just creative web designers and developers, we're the driving force behind your brand identity. Contact us today.
Affordable Stationery Printing Services in Jaipur | Navpack n PrintNavpack & Print
Looking for professional printing services in Jaipur? Navpack n Print offers high-quality and affordable stationery printing for all your business needs. Stand out with custom stationery designs and fast turnaround times. Contact us today for a quote!
LA HUG - Video Testimonials with Chynna Morgan - June 2024Lital Barkan
Have you ever heard that user-generated content or video testimonials can take your brand to the next level? We will explore how you can effectively use video testimonials to leverage and boost your sales, content strategy, and increase your CRM data.🤯
We will dig deeper into:
1. How to capture video testimonials that convert from your audience 🎥
2. How to leverage your testimonials to boost your sales 💲
3. How you can capture more CRM data to understand your audience better through video testimonials. 📊
Falcon stands out as a top-tier P2P Invoice Discounting platform in India, bridging esteemed blue-chip companies and eager investors. Our goal is to transform the investment landscape in India by establishing a comprehensive destination for borrowers and investors with diverse profiles and needs, all while minimizing risk. What sets Falcon apart is the elimination of intermediaries such as commercial banks and depository institutions, allowing investors to enjoy higher yields.
4. SECURITYTYPES
• Physical Security : To protect Physical items, objects or areas
• Personal Security : To protect the individual or group of individuals who are authorized
• Operations Security : To protect the details of a particular operation or activities
• Communications Security : To protect communication media, technology and content
• Network Security :To protect networking components, connections and contents
• Information Security : To protect information assets
5. THREATSTOINFORMATIONSYSTEM
There are many information security threats that
we need to be constantly aware of and protect
against in order to ensure our sensitive
information remains secure. Some of the threats
are as follows:
6. UNAUTHORIZEDACCESS–
• The attempted or successful access of information or systems,
without permission or rights to do so.
Ensure you have a properly configured firewall, up to date
malware prevention software and all software has the latest
security updates.
Protect all sensitive information, utilizing encryption where
appropriate, and use strong passwords that are changed
regularly.
7. CYBERESPIONAGE
• The act of spying through the use of computers, involving the
covert access or ‘hacking’of company or government networks
to obtain sensitive information.
Be alert for social engineering attempts and
verify all requests for sensitive information.
Ensure software has the latest security updates, your network
is secure and monitor for unusual network behavior.
8. MALWARE
• A collective term for malicious software, such as viruses,
worms and trojans; designed to infiltrate systems and
information for criminal, commercial or destructive purposes.
Ensure you have a properly configured firewall, up to date
malware prevention and all software has the latest security
updates.
Do not click links or open attachments in emails from
unknown senders, visit un-trusted websites or install dubious
software.
9. DATALEAKAGE
• The intentional or accidental loss, theft or exposure of
sensitive company or personal information
Ensure all sensitive information stored on removable
storage media, mobile devices or laptops is encrypted
Be mindful of what you post online, check email recipients
before pressing send, and never email sensitive company
information to personal email accounts
10. MOBILEDEVICEATTACK
• The malicious attack on, or unauthorized access of mobile
devices and the information stored or processed by them;
performed wirelessly or through physical possession.
Keep devices with you at all times, encrypt all sensitive data
and removable storage media, and use strong passwords.
Avoid connecting to insecure, un-trusted public wireless
networks and ensure Bluetooth is in ‘undiscoverable’mode.
11. SOCIALENGINEERING
• Tricking and manipulating others by phone, email, online or in-
person, into divulging sensitive information, in order to access
company information or systems.
Verify all requests for sensitive information, no matter how
legitimate they may seem, and never share your passwords with
anyone – not even the helpdesk.
Never part with sensitive information if in doubt, and report
suspected social engineering attempts immediately.
12. INSIDERS
• An employee or worker with malicious intent to steal
sensitive company information, commit fraud or cause
damage to company systems or information
Ensure access to sensitive information is restricted to only
those that need it and revoke access when no longer
required
Report all suspicious activity or workers immediately
13. PHISHING
• A form of social engineering, involving the sending of legitimate
looking emails aimed at fraudulently extracting sensitive information
from recipients, usually to gain access to systems or for identity theft.
• Look out for emails containing unexpected or unsolicited requests for
sensitive information, or contextually relevant emails from unknown
senders.
• Never click on suspicious looking links within emails, and report all
suspected phishing attempts immediately.
14. SPAM
• Unsolicited email sent in bulk to many individuals, usually
for commercial gain, but increasingly for spreading
malware.
Only give your email to those you trust and never post
your address online for others to view.
Use a spam filter and never reply to spam emails or click
links within them.
15. IDENTITYTHEFT
• The theft of an unknowing individual’s personal information, in order
to fraudulently assume that individual’s identity to commit a crime,
usually for financial gain.
• Never provide personal information to un-trusted individuals or
websites.
• Ensure personal information is protected when stored and securely
disposed of when no longer needed.
16. PROTECTINGINFORMATIONSYSTEM
1. Data security is fundamental
Data security is crucial to all academic, medical and
business operations.
All existing and new business and data processes should
include a data security review to be sure data is safe from
loss and secured against unauthorized access.
17. 2. Plan ahead
Create a plan to review your data security status and
policies and create routine processes to access, handle and
store the data safely as well as archive unneeded data.
Make sure you and your colleagues know how to respond if
you have a data loss or data breach incident.
18. 3. Know what data you have
The first step to secure computing is knowing what data you
have and what levels of protection are required to keep the
data both confidential and safe from loss.
19. 4. Scale down the data
Keep only the data you need for routine current business,
safely archive or destroy older data, and remove it from all
computers and other devices (smart phones, laptops, flash
drives, external hard disks).
20. 5. Lock up!
Physical security is the key to safe and confidential computing.
All the passwords in the world won't get your laptop back if the
computer itself is stolen.
Back up the data to a safe place in the event of loss.
21. INFORMATIONSECURITYCONTROLS
Security is generally defined as the freedom from danger or
as the condition of safety.
Computer security, specifically, is the protection of data in a
system against unauthorized disclosure, modification, or
destruction and protection of the computer system itself
against unauthorized use, modification, or denial of service.
22. PHYSICALCONTROLS
It is the use of locks, security guards, badges, alarms, and similar
measures to control access to computers, related equipment
(including utilities), and the processing facility itself.
In addition, measures are required for protecting computers,
related equipment, and their contents from espionage, theft, and
destruction or damage by accident, fire, or natural disaster (e.g.,
floods and earthquakes).
23. TECHNICALCONTROLS
Involves the use of safeguards incorporated in computer
hardware, operations or applications software,
communications hardware and software, and related devices.
Technical controls are sometimes referred to as logical
controls.
24. TECHNICALCONTROLS
Preventive technical controls are used to prevent
unauthorized personnel or programs from gaining remote
access to computing resources. Examples of these controls
include:
o Access control software
o Antivirus software
o Library control systems
o Passwords
o Smart cards
o Encryption
o Dial-up access control and callback systems
25. ADMINISTRATIVECONTROLS
Consists of management constraints, operational
procedures, accountability procedures, and supplemental
administrative controls established to provide an acceptable
level of protection for computing resources.
In addition, administrative controls include procedures
established to ensure that all personnel who have access to
computing resources have the required authorizations and
appropriate security clearances.
26. ADMINISTRATIVECONTROLS
Preventive administrative controls are personnel-oriented techniques
for controlling people’s behavior to ensure the confidentiality,
integrity, and availability of computing data and programs. Examples
of preventive administrative controls include:
o Security awareness and technical training
o Separation of duties
o Procedures for recruiting and terminating employees
o Security policies and procedures
o Supervision.
o Disaster recovery, contingency, and emergency plans
o User registration for computer access