Lecture10 - Lecture 10 Information Security Objectives What...

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: Lecture 10 Information Security Objectives What is information security? First Line of Defense People Second Line of Defense Technology Information Security Policies vs. Information Security Plan Three Primary Security Areas: authentication and authorization prevention and resistance detection and response Information Security Information security a broad term encompassing the protection of information from accidental or intentional misuse by persons inside or outside an organization Lines of Defense Organizations can implement information security lines of defense through: people technology The biggest issue surrounding information security is not a technical issue, but a people issue The first line of defense is through people First Line of Defense People 38% of security incidents originate within the organization The first line of defense an organization should follow to help combat insider issues is to develop information security policies and an information security plan First Line of Defense People Information Security Policies vs. Information Security Plan Information security policies identify the rules required to maintain information security Information security plan details how an organization will implement the information security policies Second Line of Defense Technology 1. Authentication and authorization 2. Prevention and resistance 3. Detection and response Three primary information security areas Authentication vs. Authorization Authentication a method for confirming users' identities Authorization the process of giving someone permission to do or have something Authentication 1. Something the user knows such as a user ID and password 2. Something the user has such as a smart card or token 3. Something that is part of the user such as a fingerprint or voice signature The most secure type of authentication involves a combination of the following: Something the User Knows User ID and passwords are the most common way to identify individual users Identity theft the forging of someone's identity for the purpose of fraud Phishing a technique to gain personal information for the purpose of identity theft Amount of Identity Thefts (billions) Something the User Has Smart card a device that is around the same size as a credit card, containing embedded technologies that can store information and small amounts of software to perform some limited processing Something the user has; for example, smart card Something that is part of the user Biometrics the identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice, or handwriting This is by far the best and most effective way to manage authentication Unfortunately, this method can be costly and intrusive Prevention and Resistance 1. Content filtering 2. Encryption 3. Firewalls Technologies available to help prevent and build resistance to attacks include: Content Filtering Spam a form of unsolicited e mail Organizations can use content filtering technologies to filter e mail and prevent emails containing sensitive information from transmitting and stop spam and viruses from spreading Content Filtering Worldwide corporate losses caused by spam (in billions) Encryption Encryption scrambles information into an alternative form that requires a key or password to decrypt the information Public Private key encryption uses two keys: a public key that everyone can have and a private key for only the recipient If the information was encrypted, the person stealing the information would be unable to read it Firewalls Firewall hardware and/or software that guards a private network by analyzing the information leaving and entering the network One of the most common defenses for preventing a security breach is a firewall Detection and Response If prevention and resistance strategies fail and there is a security breach, an organization can use detection and response technologies to mitigate the damage Antivirus software is the most common type of detection and response technology Hacker Whitehat hacker Blackhat hacker Hacker people very knowledgeable about computers who use their knowledge to invade other people's computers Virus Worm Backdoor program Polymorphic virus and worm Virus software written with malicious intent to cause annoyance or damage Denialofservice attack (DoS) Denial of service (DoS) attacks disable infrastructure devices (usually web servers) by flooding them with an overwhelming number of service requests Distributed denialofservice attack (DDoS) ...
View Full Document

This note was uploaded on 04/18/2008 for the course BUS 2700 taught by Professor Rienzo during the Spring '07 term at Western Michigan.

Ask a homework question - tutors are online