MATTHEW HORRIGAN
HOW TO MINIMISE SECURITY BREACHES IN A NETWORK
POLICIES AND PROCEDURES
Within an organisation, there must be policies which govern what can be done and by whom. Without these there would be several problems: an insecure network, insecure data, and anyone being able to access anywhere.
A data policy can be used to govern what kinds of data should be stored on the network as well as what happens to that data: encryption, destruction or distribution.
A Backup & Restore policy and procedure should be set in place so that the correct steps are taken when doing a backup (and when it should be done).
There should also be a security policy on the network; this would govern how and what antivirus and antimalware software is run.
A UAL (User Access List) can be put in place to control what a user can access. This could include: website access, network access (networked drives), software installation and/or external media privileges.
A leaving policy and procedure can help protect the network when someone has left the company: their accounts and access methods should be disabled.
USER RESPONSIBILITY
After a user has signed the policy sheet, what they do on the network is up to them, including whether or not they comply with the agreement they have signed.
This would include things like how they use their email account (for example, sending out confidential data to a personal email), how they keep their data (on a USB data stick is not as secure as on an encrypted network) or whether they are going to try to access any unauthorised materials (websites, downloads) through avoidance techniques like a proxy.
TRAINING
Training all staff members is a basic thing that any company should do. This training will teach them the basics of how to keep their data safe and how to keep the network safe whilst using it.
However, there is also the matter of keeping them trained: employees should be regularly trained to ensure that they have knowledge of the latest techniques that are used inside the network so that they can use them to their full advantage. This is often called “Continuous Professional Development”.
PHYSICAL SECURITY
Physical security involves protecting the physical access points of the network:
• Data storage rooms and network rooms (or any room that should not be accessed by everyone) should have a secure locking mechanism (ID scan or lock and key).
• The network should have limits on how many resources can be shared among the computers, to prevent one or two from eating up the entire network’s resources and crashing it.
• Secure entrances/exits, with a locking mechanism to access them as well as a security guard. This will prevent unauthorised access to the grounds.
• CCTV cameras can help to prevent unlawful action, or to find the culprit if something has happened.
RISK ASSESSMENT & PENETRATION TESTING
Risk assessment involves a thorough look at how the network can be damaged; this process is used to create new policies and procedures for the future protection of the network.
Penetration testing should be used to help detect any faults or vulnerabilities in the physical access points of the network. Before this is run there should be policies set that determine what kind of backups and restore points should be generated, to prevent any accidental data loss (or that the penetration testing should be run on a proxy network).
M2
IDENTIFICATION, AUTHENTICATION & AUTHORISATION
When using any service, a user will be required to identify themselves. This is when they give something to the server that the server will then need to authenticate (to check whether it is real or fake, or ask for further details like unique numbers related to the person or a physical form of identification). The user will then be authorised if the details they entered are authentic and they are allowed to use the service.
TWO FACTOR AUTHENTICATION
The two-factor standard of authentication is when the user needs to provide two different types of authentication. This is much more secure than a single piece of authentication, as it can be very hard either to forge two pieces or to find out what the second piece is.
This type of authentication is used in many places; one of the most used would be ATM machines, where a physical card is required as well as a personal identification number.
USERNAME AND PASSWORD AUTHENTICATION
With a username and password authentication method, the username is unique and relates to only one user. The password does not have to be unique (enforcing uniqueness may indicate to someone that the password is being used by someone else) but it should have minimum requirements for complexity.
This access and authentication method is widely used across the internet, whether for accessing secure data areas or just accessing an online forum.
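The following is an added example, not part of the original slides, showing the two rules above in code: usernames are enforced as unique, while passwords are only checked for complexity and stored with a per-user salt so that two users with the same password cannot be told apart. The `UserStore` class, the 12-character/four-class rule set and the PBKDF2 iteration count are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import string

# Assumed policy values; the slides only ask for "minimum requirements for complexity".
MIN_LENGTH = 12
PBKDF2_ITERATIONS = 200_000


def complexity_problems(password):
    """Return the list of unmet complexity rules (an empty list means acceptable)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if not any(c.islower() for c in password):
        problems.append("no lowercase letter")
    if not any(c.isupper() for c in password):
        problems.append("no uppercase letter")
    if not any(c.isdigit() for c in password):
        problems.append("no digit")
    if not any(c in string.punctuation for c in password):
        problems.append("no symbol")
    return problems


class UserStore:
    """Hypothetical in-memory account table: unique usernames, salted password hashes."""

    def __init__(self):
        self._users = {}  # username -> (salt, derived key)

    @staticmethod
    def _derive(password, salt):
        return hashlib.pbkdf2_hmac(
            "sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS
        )

    def register(self, username, password):
        key = username.casefold()
        if key in self._users:
            raise ValueError("username already taken")  # usernames must be unique
        problems = complexity_problems(password)
        if problems:
            raise ValueError("weak password: " + ", ".join(problems))
        # Deliberately no "password already in use" check: such an error would
        # tell the person registering that another account uses this password.
        salt = os.urandom(16)  # per-user random salt
        self._users[key] = (salt, self._derive(password, salt))

    def verify(self, username, password):
        record = self._users.get(username.casefold())
        if record is None:
            # Do the same work for unknown users so that response time does
            # not reveal which usernames exist.
            self._derive(password, b"\x00" * 16)
            return False
        salt, stored = record
        # Constant-time comparison of the stored and recomputed hashes.
        return hmac.compare_digest(stored, self._derive(password, salt))

    def stored_hash(self, username):
        return self._users[username.casefold()][1]


if __name__ == "__main__":
    store = UserStore()
    # Constructed sample accounts sharing one password.
    store.register("alice", "Correct-Horse-42")
    store.register("bob", "Correct-Horse-42")
    same = store.stored_hash("alice") == store.stored_hash("bob")
    print("same password, identical stored hash?", same)
    print("alice logs in:", store.verify("alice", "Correct-Horse-42"))
    print("problems with 'short':", complexity_problems("short"))
```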
BIOMETRICS
Biometrics is another authentication method. It is a very secure method of authenticating as it requires physical body parts of a human being (which can be very hard to copy).
Biometrics will use unique parts of the human body like feet, hands, fingerprints, iris, ears and facial structure.
Some biometric scanners are not as good as their expensive counterparts and, as such, they will have a much higher FAR (False Acceptance Rate, where people are allowed access yet they are not on the database) and FRR (False Rejection Rate, where people who have access are not allowed access).
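The following is an added example, not part of the original slides, that computes FAR and FRR from match scores and shows how the two rates trade off as the acceptance threshold moves. The two scanners and all scores are constructed sample data; the 0-100 score scale and the "accept when score >= threshold" rule are assumptions.

```python
# Constructed match scores (0-100) for two hypothetical scanners.
# "genuine"  = attempts by enrolled users (should be accepted)
# "impostor" = attempts by people not on the database (should be rejected)
SCANNERS = {
    "expensive": {
        "genuine": [91, 88, 95, 79, 93, 85, 97, 90, 83, 76],
        "impostor": [12, 30, 25, 41, 18, 35, 52, 22, 61, 28],
    },
    "cheap": {
        "genuine": [72, 55, 81, 48, 66, 90, 59, 43, 77, 62],
        "impostor": [35, 58, 41, 64, 29, 52, 70, 46, 38, 61],
    },
}


def far(impostor_scores, threshold):
    """False Acceptance Rate: share of impostor attempts that are accepted."""
    accepted = sum(1 for score in impostor_scores if score >= threshold)
    return accepted / len(impostor_scores)


def frr(genuine_scores, threshold):
    """False Rejection Rate: share of genuine attempts that are rejected."""
    rejected = sum(1 for score in genuine_scores if score < threshold)
    return rejected / len(genuine_scores)


def rates_at(threshold):
    """Return {scanner name: (FAR, FRR)} for one acceptance threshold."""
    return {
        name: (far(data["impostor"], threshold), frr(data["genuine"], threshold))
        for name, data in SCANNERS.items()
    }


def equal_error_point(genuine_scores, impostor_scores):
    """Find the lowest threshold where FAR and FRR are closest to each other.

    Returns (threshold, FAR, FRR). The error rate at this point is a common
    single-number summary for comparing scanners.
    """
    def gap(threshold):
        return abs(far(impostor_scores, threshold) - frr(genuine_scores, threshold))

    best = min(range(0, 101), key=gap)  # min() keeps the first of equal gaps
    return best, far(impostor_scores, best), frr(genuine_scores, best)


if __name__ == "__main__":
    for threshold in (45, 60, 75):
        for name, (fa, fr) in rates_at(threshold).items():
            print(f"threshold {threshold:3d}  {name:9s}  FAR={fa:.1f}  FRR={fr:.1f}")
    for name, data in SCANNERS.items():
        t, fa, fr = equal_error_point(data["genuine"], data["impostor"])
        print(f"{name:9s} equal-error threshold={t}  FAR={fa:.1f}  FRR={fr:.1f}")
```

Raising the threshold lowers FAR but raises FRR; on the constructed data the cheap scanner cannot get both rates below 0.3 at once, while the expensive one reaches zero for both.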
CRYPTOGRAPHY & DIGITAL CERTIFICATES
Digital certificates are where web pages are assigned a certificate that will tell the user that the webpage is secure and should be trusted. These certificates will contain information about what type of encryption is used (cryptography: the data is changed so that it cannot be read without being decrypted).
These certificates are assigned by third-party companies, which are also listed on a database so that the computer will be able to tell if the certificate was assigned by a verified company.
The benefit of this is that it is easy for a user to determine whether the website they are visiting is the correct one (for example, when logging into an online banking webpage you may in fact be on a phishing website).
A disadvantage of cryptography is that it can take a long time to encrypt and decrypt the data, or, if the encryption is inadequate, a hacker can easily find out what the data was originally.
SCENARIO
Suitable authentication methods for internal users:
• Employees
  • Physical card to scan on entrance and exit of building. (Security of on-site access; in case there is an emergency, a list of those who are on-site can also be gained.)
  • Login ID and password to access any system (user rank determines what they can access). (Limits who can access where and can prevent unauthorised access.)
  • Physical card to scan to enter high security areas. (Prevents access to data storage or network rooms.)
• Network Manager
  • The same as Employees.
  • Number authenticator for administrative access (generates a random number based on a PIN). (A unique number will help to prevent someone from being able to access the administrator account without having the physical device as well as the PIN number.)
SCENARIO EXT.
Suitable authentication methods for external users:
• Digital certificates for authenticity. This helps to tell the user that the website is secure and the correct one to be on for what they want.
• User ID and password for user-unique sections. This can prevent someone from obtaining personal information easily.
