SlideShare a Scribd company logo

Recommending information security measures

Download as PPTX, PDF
Manish Singh
Manish Singh

Information Security

Self ImprovementTechnology
1 of 25
RECOMMENDING SECURITY MEASURES FOR INFORMATION SECURITY
INFORMATION SECURITY Information Security is the practice of defending information from unauthorised access, use, disclosure, disruption, modification, recording or destruction.
Why Information Security? • Information is critical to any business and paramount to the survival of any organisation in today‟s globalised digital economy. • Governments, military, corporations, financial institutions, etc. amass huge confidential information about their employees, customers, research & financial status. Most of this information is stored on computers and transmitted across networks to other computers. • Conventional warfare has been replaced by digital or cyber war. Rivals continue attempts to gain access to the adversaries information.
Some Examples • Bradley Manning, US soldier: involved in the biggest breach of classified data (7 Lakh Classified files, battlefield videos & diplomatic cables) in US History for providing files to Wikileaks. • A hacker stole a database from South Carolina‟s Deptt. Of Revenue, exposing 3.6 million Social Security numbers and 3.8 Lakh payment card records. More than 6.5 Lakh businesses were also compromised. • As per recent article of Indiatimes: As India‟s 108 bn $ IT Service industry is becoming the world‟s favoured outsourcing centre, India is emerging as a top destination for cyber data theft.
Computer Security Losses
In 1980 a computer cracked a 3-character password within one minute. DID YOU KNOW? In 2004 a computer virus infected 1 million computers within one hour. In 1999 a team of computers cracked a 56- character password within one day.
REASONS FOR ATTACKS • Fraud: These attacks are after credit card numbers, bank accounts, passwords…anything of use of themselves or sell for profit • Activism: Activists disagree with a particular political or social stance one takes, and want only to create chaos and embarrass the opponent organisation. • Industrial Espionage: Specific proprietary information is targeted either in rivalry or to make profit.
FORMS OF THREAT • Computer Viruses • Trojan Horse • Address Book Theft • Domain Name System Poisoning • Zombies (Enslaving of Computers), IP Spoofing (Replicating IP adress) • Password grabbers • Network Worms • Hijacked Home Pages • Denial of Service attacks • Phishing • Identity theft
Top Three Security Threats • Malware (Malicious Software) • Internet- Facing Applications • Social Engineering
Social Engineering Social Engineering is the art of deceptively influencing a person face to face, over the phone, via e mail, etc. to get the desired information. For an organisation with more than 30 employees one expert puts the success rate of social engineering at 100%. For eg.- •Convincing an employees to share a company password over the phone or chat •Tricking someone into opening a malicious e mail attachment •Sending a “free” hardware that‟s been pre- infected
TYPICAL SYMPTOMS – File deletion – File corruption – Visual effects – Pop-Ups – Erratic (and unwanted) behavior – Computer crashes
THREAT CONSEQUENCES • Unauthorized Disclosure – exposure, interception, inference, intrusion • Deception – masquerade, falsification, repudiation • Disruption – incapacitation, corruption, obstruction • Usurpation – misappropriation, misuse
Data Availability Data Integrity Data Confidentiality Pillars of Information Security: CIA
CONFIDENTIALITY Preventing disclosure of information to unauthorised individuals or systems. For eg. A Credit Card transaction. The system attempts to enforce confidentiality by encrypting the card number during transmission from buyer to seller.
INTEGRITY Maintaining and assuring the accuracy and consistency of data over its entire life- cycle. This means the data cannot be modified in an unauthorised or undetected manner.
AVAILABILITY The information must be available when it is needed, to ensure its utility. This means that the computing systems used to store and process the information, the security controls used to protect it , and the communication channels used to access it must be functioning correctly.
MEASURES FOR INFORMATION SECURITY Use a strong password • A strong password is the best way to protect yourself against identity theft and unauthorized access to your confidential information. Protect confidential information • Varied people have access to information that must not be shared, including the password. Familiarize yourself with the applicable laws and policies which govern these records and act accordingly.
Make sure operating system and virus protection are up- to-date • This will avoid vulnerability to hackers and others looking to steal information. Use secure and supported applications • Any software you install has the potential to be exploited by hackers, so be very careful to only install applications from a trusted source. The use of pirated software is illegal. Be wary of suspicious e-mails • Don't become a phishing victim. Never click on a link in an email; if you're tempted, cut and paste the url into your browser. That way, there's a good chance your browser will block the page if it's bad. And don't open email attachments until you've verified their legitimacy with the sender.
Store confidential information only on HSU servers • CDs, DVDs, and USB drives are all convenient ways to store data; the trouble is, they're just as convenient for thieves as for you. Wherever possible, store confidential information in your network folder or other protected central space. If you must store confidential information locally, you must encrypt it and then delete it as soon as you no longer need it. Back up your data … and make sure you can restore it • If your computer becomes infected, the hardware fails, you may be unable to retrieve important information. So make sure your data is backed up regularly - and test that backup from time to time to make sure that the restore works correctly.
Protect information in all its forms • Protecting your digital data is important. But paper and the human voice remain important elements of the security mix. Keep confidential printed information in locked file cabinets and shredded when no longer required. If you're talking about confidential information on the phone, take appropriate steps to ensure you're not overheard. Learn to be security-aware • Being aware and alert to the environment can prevent any disaster.
Important Points • Classified documents should be kept in special filing cabinets, special vaults etc. • It should be in the personal custody of the concern authorised official • These should be kept locked when not in use. • These should be numbered and logged • When passing from one authorised person to the next , written signed receipt should be taken. • Shouldn‟t be taken out of premises ideally , otherwise they should be sent only in sealed boxes in double sealed cover
• Never discuss office matters at public places • Do not carry home sensitive information • Do not use the phone to discuss sensitive information • Be careful of strangers • Wherever it is felt that something had happened, it should be immediately discussed so as to initiate damage control exercises Important Points
BASIC GUIDELINES • Do not take unusual precautions –this will attract attention – act normal • Persons having the confidential information should be made personally responsible for protecting the same • Security must be sensible or low profile • Security should be organised in depth
BASIC GUIDELINES • Enforce control of copies of documents • Proper control of waste paper and destruction • Check all meeting places for „bugs‟ • Be wary of consultants • Edit your journals • Nothing will remain secret, if more than two persons share the same
Security Technologies Used

Recommended

Hackers
HackersHackers
HackersMohamed Boudchiche
 
Hacking
Hacking Hacking
Hacking thajmohammed
 
Hackers Cracker Network Intruder
Hackers Cracker Network IntruderHackers Cracker Network Intruder
Hackers Cracker Network IntruderErdo Deshiant Garnaby
 
How to become Hackers .
How to become Hackers .How to become Hackers .
How to become Hackers .Greater Noida Institute Of Technology
 
Computer crime hacking
Computer crime hackingComputer crime hacking
Computer crime hackingtangytangling
 
Introduction to hackers
Introduction to hackersIntroduction to hackers
Introduction to hackersHarsh Sharma
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical HackingRohit Trimukhe
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer ForensicsJyothishmathi Institute of Technology and Science Karimnagar
 

Recommended

Hackers
HackersHackers
HackersMohamed Boudchiche
 
Hacking
Hacking Hacking
Hacking thajmohammed
 
Hackers Cracker Network Intruder
Hackers Cracker Network IntruderHackers Cracker Network Intruder
Hackers Cracker Network IntruderErdo Deshiant Garnaby
 
How to become Hackers .
How to become Hackers .How to become Hackers .
How to become Hackers .Greater Noida Institute Of Technology
 
Computer crime hacking
Computer crime hackingComputer crime hacking
Computer crime hackingtangytangling
 
Introduction to hackers
Introduction to hackersIntroduction to hackers
Introduction to hackersHarsh Sharma
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical HackingRohit Trimukhe
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer ForensicsJyothishmathi Institute of Technology and Science Karimnagar
 
Cyberterrorism
CyberterrorismCyberterrorism
CyberterrorismVarshil Patel
 
O'leary Cyber Secutiry
O'leary Cyber SecutiryO'leary Cyber Secutiry
O'leary Cyber Secutirysefreed
 
Computer crimes and forensics
Computer crimes and forensics Computer crimes and forensics
Computer crimes and forensics Avinash Mavuru
 
Hacking (1)
Hacking (1)Hacking (1)
Hacking (1)rishirvk1995
 
Introduction to Raspberry Pi
Introduction to Raspberry PiIntroduction to Raspberry Pi
Introduction to Raspberry PiCyberGuider IT Services Inc.
 
Digital citizenship
Digital citizenshipDigital citizenship
Digital citizenshipmalvin050
 
"Hacking"
"Hacking""Hacking"
"Hacking"Ameesha Indusarani
 
Information security fundamentals topic 2: Evolution of Information security
Information security fundamentals topic 2: Evolution of Information securityInformation security fundamentals topic 2: Evolution of Information security
Information security fundamentals topic 2: Evolution of Information securityNeha Raju k
 
Stop in the name of norton
Stop in the name of nortonStop in the name of norton
Stop in the name of nortonspkiely
 
What is Ethical hacking
What is Ethical hackingWhat is Ethical hacking
What is Ethical hackingSibghatullah Khattak
 
Proprietary Information
Proprietary InformationProprietary Information
Proprietary Informationhypknight
 
Application of security computer
Application of security computerApplication of security computer
Application of security computeribrahimzubairu2003
 
Computer forensics and Investigation
Computer forensics and InvestigationComputer forensics and Investigation
Computer forensics and InvestigationNeha Raju k
 
Ethicalhacking 130906120356-
Ethicalhacking 130906120356-Ethicalhacking 130906120356-
Ethicalhacking 130906120356-RAKESH SHARMA
 
Ethicalhacking
Ethicalhacking Ethicalhacking
Ethicalhacking Irvin Costa
 
Countering the Cyber Espionage Threat from China
Countering the Cyber Espionage Threat from ChinaCountering the Cyber Espionage Threat from China
Countering the Cyber Espionage Threat from ChinaMurray Security Services
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingvishakha bhagwat
 
Computer forensics and investigation module 1 topic 2
Computer forensics and investigation module 1 topic 2Computer forensics and investigation module 1 topic 2
Computer forensics and investigation module 1 topic 2Neha Raju k
 
Hacking
HackingHacking
HackingHaider Akbar
 
H A C K I N Gjk,K
H A C K I N Gjk,KH A C K I N Gjk,K
H A C K I N Gjk,KHudzaifah Hud Azman
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness TrainingRandy Bowman
 
Cyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-ProCyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-ProRonald Soh
 

More Related Content

What's hot

O'leary Cyber Secutiry
O'leary Cyber SecutiryO'leary Cyber Secutiry
O'leary Cyber Secutirysefreed
 
Computer crimes and forensics
Computer crimes and forensics Computer crimes and forensics
Computer crimes and forensics Avinash Mavuru
 
Digital citizenship
Digital citizenshipDigital citizenship
Digital citizenshipmalvin050
 
Information security fundamentals topic 2: Evolution of Information security
Information security fundamentals topic 2: Evolution of Information securityInformation security fundamentals topic 2: Evolution of Information security
Information security fundamentals topic 2: Evolution of Information securityNeha Raju k
 
Stop in the name of norton
Stop in the name of nortonStop in the name of norton
Stop in the name of nortonspkiely
 
Proprietary Information
Proprietary InformationProprietary Information
Proprietary Informationhypknight
 
Application of security computer
Application of security computerApplication of security computer
Application of security computeribrahimzubairu2003
 
Computer forensics and Investigation
Computer forensics and InvestigationComputer forensics and Investigation
Computer forensics and InvestigationNeha Raju k
 
Ethicalhacking 130906120356-
Ethicalhacking 130906120356-Ethicalhacking 130906120356-
Ethicalhacking 130906120356-RAKESH SHARMA
 
Countering the Cyber Espionage Threat from China
Countering the Cyber Espionage Threat from ChinaCountering the Cyber Espionage Threat from China
Countering the Cyber Espionage Threat from ChinaMurray Security Services
 
Computer forensics and investigation module 1 topic 2
Computer forensics and investigation module 1 topic 2Computer forensics and investigation module 1 topic 2
Computer forensics and investigation module 1 topic 2Neha Raju k
 

What's hot (20)

Cyberterrorism
CyberterrorismCyberterrorism
Cyberterrorism
 
O'leary Cyber Secutiry
O'leary Cyber SecutiryO'leary Cyber Secutiry
O'leary Cyber Secutiry
 
Computer crimes and forensics
Computer crimes and forensics Computer crimes and forensics
Computer crimes and forensics
 
Hacking (1)
Hacking (1)Hacking (1)
Hacking (1)
 
Introduction to Raspberry Pi
Introduction to Raspberry PiIntroduction to Raspberry Pi
Introduction to Raspberry Pi
 
Digital citizenship
Digital citizenshipDigital citizenship
Digital citizenship
 
"Hacking"
"Hacking""Hacking"
"Hacking"
 
Information security fundamentals topic 2: Evolution of Information security
Information security fundamentals topic 2: Evolution of Information securityInformation security fundamentals topic 2: Evolution of Information security
Information security fundamentals topic 2: Evolution of Information security
 
Stop in the name of norton
Stop in the name of nortonStop in the name of norton
Stop in the name of norton
 
What is Ethical hacking
What is Ethical hackingWhat is Ethical hacking
What is Ethical hacking
 
Proprietary Information
Proprietary InformationProprietary Information
Proprietary Information
 
Application of security computer
Application of security computerApplication of security computer
Application of security computer
 
Computer forensics and Investigation
Computer forensics and InvestigationComputer forensics and Investigation
Computer forensics and Investigation
 
Ethicalhacking 130906120356-
Ethicalhacking 130906120356-Ethicalhacking 130906120356-
Ethicalhacking 130906120356-
 
Ethicalhacking
Ethicalhacking Ethicalhacking
Ethicalhacking
 
Countering the Cyber Espionage Threat from China
Countering the Cyber Espionage Threat from ChinaCountering the Cyber Espionage Threat from China
Countering the Cyber Espionage Threat from China
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Computer forensics and investigation module 1 topic 2
Computer forensics and investigation module 1 topic 2Computer forensics and investigation module 1 topic 2
Computer forensics and investigation module 1 topic 2
 
Hacking
HackingHacking
Hacking
 
H A C K I N Gjk,K
H A C K I N Gjk,KH A C K I N Gjk,K
H A C K I N Gjk,K
 

Similar to Recommending information security measures

Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness TrainingRandy Bowman
 
Cyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-ProCyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-ProRonald Soh
 
itsecurityawareness-v1-230413174238-5e7cba3c.pdf
itsecurityawareness-v1-230413174238-5e7cba3c.pdfitsecurityawareness-v1-230413174238-5e7cba3c.pdf
itsecurityawareness-v1-230413174238-5e7cba3c.pdfMansoorAhmed57263
 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptOoXair
 
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsKrishna Srikanth Manda
 
securityawareness.pptx
securityawareness.pptxsecurityawareness.pptx
securityawareness.pptxbinowe
 
securityawareness.pptx
securityawareness.pptxsecurityawareness.pptx
securityawareness.pptxreagan sapul
 
Securityawareness
SecurityawarenessSecurityawareness
SecurityawarenessJayfErika
 
It security in healthcare
It security in healthcareIt security in healthcare
It security in healthcareNicholas Davis
 
Unveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureUnveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureLourdes Paloma Gimenez
 
Basic practices for information & computer security
Basic practices for information & computer securityBasic practices for information & computer security
Basic practices for information & computer securityPrajktaGN
 
InformationSecurity
InformationSecurityInformationSecurity
InformationSecuritylearnt
 
CyberSecurity Cyber24x7.pdf
CyberSecurity Cyber24x7.pdfCyberSecurity Cyber24x7.pdf
CyberSecurity Cyber24x7.pdfVarinder K
 

Similar to Recommending information security measures (20)

Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness Training
 
Cyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-ProCyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-Pro
 
Information security
Information securityInformation security
Information security
 
it-security.ppt
it-security.pptit-security.ppt
it-security.ppt
 
Computer ethics
Computer ethicsComputer ethics
Computer ethics
 
itsecurityawareness-v1-230413174238-5e7cba3c.pdf
itsecurityawareness-v1-230413174238-5e7cba3c.pdfitsecurityawareness-v1-230413174238-5e7cba3c.pdf
itsecurityawareness-v1-230413174238-5e7cba3c.pdf
 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.ppt
 
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionals
 
Personal Threat Models
Personal Threat ModelsPersonal Threat Models
Personal Threat Models
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
 
cybersecurity
cybersecurity cybersecurity
cybersecurity
 
securityawareness.pptx
securityawareness.pptxsecurityawareness.pptx
securityawareness.pptx
 
securityawareness.pptx
securityawareness.pptxsecurityawareness.pptx
securityawareness.pptx
 
Securityawareness
SecurityawarenessSecurityawareness
Securityawareness
 
It security in healthcare
It security in healthcareIt security in healthcare
It security in healthcare
 
Unveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureUnveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity posture
 
Basic practices for information & computer security
Basic practices for information & computer securityBasic practices for information & computer security
Basic practices for information & computer security
 
InformationSecurity
InformationSecurityInformationSecurity
InformationSecurity
 
Cyber_Crime_Security.pptx
Cyber_Crime_Security.pptxCyber_Crime_Security.pptx
Cyber_Crime_Security.pptx
 
CyberSecurity Cyber24x7.pdf
CyberSecurity Cyber24x7.pdfCyberSecurity Cyber24x7.pdf
CyberSecurity Cyber24x7.pdf
 

Recently uploaded

REFLECTIONS Newsletter Jan-Jul 2024.pdf.pdf
REFLECTIONS Newsletter Jan-Jul 2024.pdf.pdfREFLECTIONS Newsletter Jan-Jul 2024.pdf.pdf
REFLECTIONS Newsletter Jan-Jul 2024.pdf.pdfssusere8ea60
 
social media chat application main ppt.pptx
social media chat application main ppt.pptxsocial media chat application main ppt.pptx
social media chat application main ppt.pptxsprasad829829
 
call girls in candolim beach 9870370636] NORTH GOA ..
call girls in candolim beach 9870370636] NORTH GOA ..call girls in candolim beach 9870370636] NORTH GOA ..
call girls in candolim beach 9870370636] NORTH GOA ..nishakur201
 
Lilac Illustrated Social Psychology Presentation.pptx
Lilac Illustrated Social Psychology Presentation.pptxLilac Illustrated Social Psychology Presentation.pptx
Lilac Illustrated Social Psychology Presentation.pptxABMWeaklings
 
(No.1)↠Young Call Girls in Sikanderpur (Gurgaon) ꧁❤ 9711911712 ❤꧂ Escorts
(No.1)↠Young Call Girls in Sikanderpur (Gurgaon) ꧁❤ 9711911712 ❤꧂ Escorts(No.1)↠Young Call Girls in Sikanderpur (Gurgaon) ꧁❤ 9711911712 ❤꧂ Escorts
(No.1)↠Young Call Girls in Sikanderpur (Gurgaon) ꧁❤ 9711911712 ❤꧂ EscortsDelhi Escorts Service
 
CALL ON ➥8923113531 🔝Call Girls Adil Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Adil Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Adil Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Adil Nagar Lucknow best Female serviceanilsa9823
 
The Selfspace Journal Preview by Mindbrush
The Selfspace Journal Preview by MindbrushThe Selfspace Journal Preview by Mindbrush
The Selfspace Journal Preview by MindbrushShivain97
 
办理西悉尼大学毕业证成绩单、制作假文凭
办理西悉尼大学毕业证成绩单、制作假文凭办理西悉尼大学毕业证成绩单、制作假文凭
办理西悉尼大学毕业证成绩单、制作假文凭o8wvnojp
 
Call Girls in Govindpuri Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Govindpuri Delhi 💯Call Us 🔝8264348440🔝Call Girls in Govindpuri Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Govindpuri Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
《塔夫斯大学毕业证成绩单购买》做Tufts文凭毕业证成绩单/伪造美国假文凭假毕业证书图片Q微信741003700《塔夫斯大学毕业证购买》《Tufts毕业文...
《塔夫斯大学毕业证成绩单购买》做Tufts文凭毕业证成绩单/伪造美国假文凭假毕业证书图片Q微信741003700《塔夫斯大学毕业证购买》《Tufts毕业文...《塔夫斯大学毕业证成绩单购买》做Tufts文凭毕业证成绩单/伪造美国假文凭假毕业证书图片Q微信741003700《塔夫斯大学毕业证购买》《Tufts毕业文...
《塔夫斯大学毕业证成绩单购买》做Tufts文凭毕业证成绩单/伪造美国假文凭假毕业证书图片Q微信741003700《塔夫斯大学毕业证购买》《Tufts毕业文...ur8mqw8e
 
Call Girls in Kalyan Vihar Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Kalyan Vihar Delhi 💯 Call Us 🔝8264348440🔝Call Girls in Kalyan Vihar Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Kalyan Vihar Delhi 💯 Call Us 🔝8264348440🔝soniya singh
 
Cheap Rate ➥8448380779 ▻Call Girls In Mg Road Gurgaon
Cheap Rate ➥8448380779 ▻Call Girls In Mg Road GurgaonCheap Rate ➥8448380779 ▻Call Girls In Mg Road Gurgaon
Cheap Rate ➥8448380779 ▻Call Girls In Mg Road GurgaonDelhi Call girls
 
Dhule Call Girls #9907093804 Contact Number Escorts Service Dhule
Dhule Call Girls #9907093804 Contact Number Escorts Service DhuleDhule Call Girls #9907093804 Contact Number Escorts Service Dhule
Dhule Call Girls #9907093804 Contact Number Escorts Service Dhulesrsj9000
 
Call Girls Anjuna beach Mariott Resort ₰8588052666
Call Girls Anjuna beach Mariott Resort ₰8588052666Call Girls Anjuna beach Mariott Resort ₰8588052666
Call Girls Anjuna beach Mariott Resort ₰8588052666nishakur201
 
Call Girls In Andheri East Call US Pooja📞 9892124323 Book Hot And
Call Girls In Andheri East Call US Pooja📞 9892124323 Book Hot AndCall Girls In Andheri East Call US Pooja📞 9892124323 Book Hot And
Call Girls In Andheri East Call US Pooja📞 9892124323 Book Hot AndPooja Nehwal
 
办理国外毕业证学位证《原版美国montana文凭》蒙大拿州立大学毕业证制作成绩单修改
办理国外毕业证学位证《原版美国montana文凭》蒙大拿州立大学毕业证制作成绩单修改办理国外毕业证学位证《原版美国montana文凭》蒙大拿州立大学毕业证制作成绩单修改
办理国外毕业证学位证《原版美国montana文凭》蒙大拿州立大学毕业证制作成绩单修改atducpo
 
Reinventing Corporate Philanthropy_ Strategies for Meaningful Impact by Leko ...
Reinventing Corporate Philanthropy_ Strategies for Meaningful Impact by Leko ...Reinventing Corporate Philanthropy_ Strategies for Meaningful Impact by Leko ...
Reinventing Corporate Philanthropy_ Strategies for Meaningful Impact by Leko ...Leko Durda
 
8377087607 Full Enjoy @24/7-CLEAN-Call Girls In Chhatarpur,
8377087607 Full Enjoy @24/7-CLEAN-Call Girls In Chhatarpur,8377087607 Full Enjoy @24/7-CLEAN-Call Girls In Chhatarpur,
8377087607 Full Enjoy @24/7-CLEAN-Call Girls In Chhatarpur,dollysharma2066
 
Postal Ballot procedure for employees to utilise
Postal Ballot procedure for employees to utilisePostal Ballot procedure for employees to utilise
Postal Ballot procedure for employees to utiliseccsubcollector
 

Recently uploaded (20)

REFLECTIONS Newsletter Jan-Jul 2024.pdf.pdf
REFLECTIONS Newsletter Jan-Jul 2024.pdf.pdfREFLECTIONS Newsletter Jan-Jul 2024.pdf.pdf
REFLECTIONS Newsletter Jan-Jul 2024.pdf.pdf
 
social media chat application main ppt.pptx
social media chat application main ppt.pptxsocial media chat application main ppt.pptx
social media chat application main ppt.pptx
 
call girls in candolim beach 9870370636] NORTH GOA ..
call girls in candolim beach 9870370636] NORTH GOA ..call girls in candolim beach 9870370636] NORTH GOA ..
call girls in candolim beach 9870370636] NORTH GOA ..
 
Lilac Illustrated Social Psychology Presentation.pptx
Lilac Illustrated Social Psychology Presentation.pptxLilac Illustrated Social Psychology Presentation.pptx
Lilac Illustrated Social Psychology Presentation.pptx
 
(No.1)↠Young Call Girls in Sikanderpur (Gurgaon) ꧁❤ 9711911712 ❤꧂ Escorts
(No.1)↠Young Call Girls in Sikanderpur (Gurgaon) ꧁❤ 9711911712 ❤꧂ Escorts(No.1)↠Young Call Girls in Sikanderpur (Gurgaon) ꧁❤ 9711911712 ❤꧂ Escorts
(No.1)↠Young Call Girls in Sikanderpur (Gurgaon) ꧁❤ 9711911712 ❤꧂ Escorts
 
CALL ON ➥8923113531 🔝Call Girls Adil Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Adil Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Adil Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Adil Nagar Lucknow best Female service
 
The Selfspace Journal Preview by Mindbrush
The Selfspace Journal Preview by MindbrushThe Selfspace Journal Preview by Mindbrush
The Selfspace Journal Preview by Mindbrush
 
办理西悉尼大学毕业证成绩单、制作假文凭
办理西悉尼大学毕业证成绩单、制作假文凭办理西悉尼大学毕业证成绩单、制作假文凭
办理西悉尼大学毕业证成绩单、制作假文凭
 
Call Girls in Govindpuri Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Govindpuri Delhi 💯Call Us 🔝8264348440🔝Call Girls in Govindpuri Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Govindpuri Delhi 💯Call Us 🔝8264348440🔝
 
escort service sasti (*~Call Girls in Paschim Vihar Metro❤️9953056974
escort service sasti (*~Call Girls in Paschim Vihar Metro❤️9953056974escort service sasti (*~Call Girls in Paschim Vihar Metro❤️9953056974
escort service sasti (*~Call Girls in Paschim Vihar Metro❤️9953056974
 
《塔夫斯大学毕业证成绩单购买》做Tufts文凭毕业证成绩单/伪造美国假文凭假毕业证书图片Q微信741003700《塔夫斯大学毕业证购买》《Tufts毕业文...
《塔夫斯大学毕业证成绩单购买》做Tufts文凭毕业证成绩单/伪造美国假文凭假毕业证书图片Q微信741003700《塔夫斯大学毕业证购买》《Tufts毕业文...《塔夫斯大学毕业证成绩单购买》做Tufts文凭毕业证成绩单/伪造美国假文凭假毕业证书图片Q微信741003700《塔夫斯大学毕业证购买》《Tufts毕业文...
《塔夫斯大学毕业证成绩单购买》做Tufts文凭毕业证成绩单/伪造美国假文凭假毕业证书图片Q微信741003700《塔夫斯大学毕业证购买》《Tufts毕业文...
 
Call Girls in Kalyan Vihar Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Kalyan Vihar Delhi 💯 Call Us 🔝8264348440🔝Call Girls in Kalyan Vihar Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Kalyan Vihar Delhi 💯 Call Us 🔝8264348440🔝
 
Cheap Rate ➥8448380779 ▻Call Girls In Mg Road Gurgaon
Cheap Rate ➥8448380779 ▻Call Girls In Mg Road GurgaonCheap Rate ➥8448380779 ▻Call Girls In Mg Road Gurgaon
Cheap Rate ➥8448380779 ▻Call Girls In Mg Road Gurgaon
 
Dhule Call Girls #9907093804 Contact Number Escorts Service Dhule
Dhule Call Girls #9907093804 Contact Number Escorts Service DhuleDhule Call Girls #9907093804 Contact Number Escorts Service Dhule
Dhule Call Girls #9907093804 Contact Number Escorts Service Dhule
 
Call Girls Anjuna beach Mariott Resort ₰8588052666
Call Girls Anjuna beach Mariott Resort ₰8588052666Call Girls Anjuna beach Mariott Resort ₰8588052666
Call Girls Anjuna beach Mariott Resort ₰8588052666
 
Call Girls In Andheri East Call US Pooja📞 9892124323 Book Hot And
Call Girls In Andheri East Call US Pooja📞 9892124323 Book Hot AndCall Girls In Andheri East Call US Pooja📞 9892124323 Book Hot And
Call Girls In Andheri East Call US Pooja📞 9892124323 Book Hot And
 
办理国外毕业证学位证《原版美国montana文凭》蒙大拿州立大学毕业证制作成绩单修改
办理国外毕业证学位证《原版美国montana文凭》蒙大拿州立大学毕业证制作成绩单修改办理国外毕业证学位证《原版美国montana文凭》蒙大拿州立大学毕业证制作成绩单修改
办理国外毕业证学位证《原版美国montana文凭》蒙大拿州立大学毕业证制作成绩单修改
 
Reinventing Corporate Philanthropy_ Strategies for Meaningful Impact by Leko ...
Reinventing Corporate Philanthropy_ Strategies for Meaningful Impact by Leko ...Reinventing Corporate Philanthropy_ Strategies for Meaningful Impact by Leko ...
Reinventing Corporate Philanthropy_ Strategies for Meaningful Impact by Leko ...
 
8377087607 Full Enjoy @24/7-CLEAN-Call Girls In Chhatarpur,
8377087607 Full Enjoy @24/7-CLEAN-Call Girls In Chhatarpur,8377087607 Full Enjoy @24/7-CLEAN-Call Girls In Chhatarpur,
8377087607 Full Enjoy @24/7-CLEAN-Call Girls In Chhatarpur,
 
Postal Ballot procedure for employees to utilise
Postal Ballot procedure for employees to utilisePostal Ballot procedure for employees to utilise
Postal Ballot procedure for employees to utilise
 

Recommending information security measures

  • 2. INFORMATION SECURITY Information Security is the practice of defending information from unauthorised access, use, disclosure, disruption, modification, recording or destruction.
  • 3. Why Information Security? • Information is critical to any business and paramount to the survival of any organisation in today‟s globalised digital economy. • Governments, military, corporations, financial institutions, etc. amass huge confidential information about their employees, customers, research & financial status. Most of this information is stored on computers and transmitted across networks to other computers. • Conventional warfare has been replaced by digital or cyber war. Rivals continue attempts to gain access to the adversaries information.
  • 4. Some Examples • Bradley Manning, US soldier: involved in the biggest breach of classified data (7 Lakh Classified files, battlefield videos & diplomatic cables) in US History for providing files to Wikileaks. • A hacker stole a database from South Carolina‟s Deptt. Of Revenue, exposing 3.6 million Social Security numbers and 3.8 Lakh payment card records. More than 6.5 Lakh businesses were also compromised. • As per recent article of Indiatimes: As India‟s 108 bn $ IT Service industry is becoming the world‟s favoured outsourcing centre, India is emerging as a top destination for cyber data theft.
  • 6. In 1980 a computer cracked a 3-character password within one minute. DID YOU KNOW? In 2004 a computer virus infected 1 million computers within one hour. In 1999 a team of computers cracked a 56- character password within one day.
  • 7. REASONS FOR ATTACKS • Fraud: These attacks are after credit card numbers, bank accounts, passwords…anything of use of themselves or sell for profit • Activism: Activists disagree with a particular political or social stance one takes, and want only to create chaos and embarrass the opponent organisation. • Industrial Espionage: Specific proprietary information is targeted either in rivalry or to make profit.
  • 8. FORMS OF THREAT • Computer Viruses • Trojan Horse • Address Book Theft • Domain Name System Poisoning • Zombies (Enslaving of Computers), IP Spoofing (Replicating IP adress) • Password grabbers • Network Worms • Hijacked Home Pages • Denial of Service attacks • Phishing • Identity theft
  • 9. Top Three Security Threats • Malware (Malicious Software) • Internet- Facing Applications • Social Engineering
  • 10. Social Engineering Social Engineering is the art of deceptively influencing a person face to face, over the phone, via e mail, etc. to get the desired information. For an organisation with more than 30 employees one expert puts the success rate of social engineering at 100%. For eg.- •Convincing an employees to share a company password over the phone or chat •Tricking someone into opening a malicious e mail attachment •Sending a “free” hardware that‟s been pre- infected
  • 11. TYPICAL SYMPTOMS – File deletion – File corruption – Visual effects – Pop-Ups – Erratic (and unwanted) behavior – Computer crashes
  • 12. THREAT CONSEQUENCES • Unauthorized Disclosure – exposure, interception, inference, intrusion • Deception – masquerade, falsification, repudiation • Disruption – incapacitation, corruption, obstruction • Usurpation – misappropriation, misuse
  • 14. CONFIDENTIALITY Preventing disclosure of information to unauthorised individuals or systems. For eg. A Credit Card transaction. The system attempts to enforce confidentiality by encrypting the card number during transmission from buyer to seller.
  • 15. INTEGRITY Maintaining and assuring the accuracy and consistency of data over its entire life- cycle. This means the data cannot be modified in an unauthorised or undetected manner.
  • 16. AVAILABILITY The information must be available when it is needed, to ensure its utility. This means that the computing systems used to store and process the information, the security controls used to protect it , and the communication channels used to access it must be functioning correctly.
  • 17. MEASURES FOR INFORMATION SECURITY Use a strong password • A strong password is the best way to protect yourself against identity theft and unauthorized access to your confidential information. Protect confidential information • Varied people have access to information that must not be shared, including the password. Familiarize yourself with the applicable laws and policies which govern these records and act accordingly.
  • 18. Make sure operating system and virus protection are up- to-date • This will avoid vulnerability to hackers and others looking to steal information. Use secure and supported applications • Any software you install has the potential to be exploited by hackers, so be very careful to only install applications from a trusted source. The use of pirated software is illegal. Be wary of suspicious e-mails • Don't become a phishing victim. Never click on a link in an email; if you're tempted, cut and paste the url into your browser. That way, there's a good chance your browser will block the page if it's bad. And don't open email attachments until you've verified their legitimacy with the sender.
  • 19. Store confidential information only on HSU servers • CDs, DVDs, and USB drives are all convenient ways to store data; the trouble is, they're just as convenient for thieves as for you. Wherever possible, store confidential information in your network folder or other protected central space. If you must store confidential information locally, you must encrypt it and then delete it as soon as you no longer need it. Back up your data … and make sure you can restore it • If your computer becomes infected, the hardware fails, you may be unable to retrieve important information. So make sure your data is backed up regularly - and test that backup from time to time to make sure that the restore works correctly.
  • 20. Protect information in all its forms • Protecting your digital data is important. But paper and the human voice remain important elements of the security mix. Keep confidential printed information in locked file cabinets and shredded when no longer required. If you're talking about confidential information on the phone, take appropriate steps to ensure you're not overheard. Learn to be security-aware • Being aware and alert to the environment can prevent any disaster.
  • 21. Important Points • Classified documents should be kept in special filing cabinets, special vaults etc. • It should be in the personal custody of the concern authorised official • These should be kept locked when not in use. • These should be numbered and logged • When passing from one authorised person to the next , written signed receipt should be taken. • Shouldn‟t be taken out of premises ideally , otherwise they should be sent only in sealed boxes in double sealed cover
  • 22. • Never discuss office matters at public places • Do not carry home sensitive information • Do not use the phone to discuss sensitive information • Be careful of strangers • Wherever it is felt that something had happened, it should be immediately discussed so as to initiate damage control exercises Important Points
  • 23. BASIC GUIDELINES • Do not take unusual precautions –this will attract attention – act normal • Persons having the confidential information should be made personally responsible for protecting the same • Security must be sensible or low profile • Security should be organised in depth
  • 24. BASIC GUIDELINES • Enforce control of copies of documents • Proper control of waste paper and destruction • Check all meeting places for „bugs‟ • Be wary of consultants • Edit your journals • Nothing will remain secret, if more than two persons share the same