Access change make changes to original data

Info icon This preview shows pages 3–6. Sign up to view the full content.

View Full Document Right Arrow Icon
Access Change – make changes to original data Operations Jobs n Computer Operator – backups, system console, mounting tapes, hardware, software n Operations Analyst – works with application developers, maintenance programmers and computer operators n Job Control Analyst – responsible for overall job control quality n Production Scheduler – planning and timing of processing n Production Control Analyst – printing and distribution of reports n Tape Librarian – collects tapes, manages off-site storage Record Retention - Records should be maintained according to management, legal, audit and tax requirements Data Remanence – Data left on media after it has been erased Due care and Due Diligence – Security Awareness, Signed Acceptance of Employee Computer Use Policy
Image of page 3

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Documentation – procedures for operations, contingency plans, security polices and procedures Operation Controls Resource Protection n Protecting Resources from disclosure alteration or misuse n Hardware – routers, firewalls, computers, printers n Software – libraries, vendor software, OS software n Data Resource – backup data, user data, logs Hardware Controls n Hardware Maintenance n Requires physical and logical access by support and vendors n Supervision of vendors and maintenance, background checks n Maintenance Accounts n Disable maintenance accounts when not needed n Rename default passwords n Diagnostic Port Control n Specific ports for maintenance n Should be blocked from external access n Hardware Physical Controls – require locks and alarms n Sensitive operator terminals n Media storage rooms n Server and communications equipment n Modem pools and circuit rooms Software Controls n Anti-virus Management – prevent download of viruses n Software Testing – formal rigid software testing process n Software Utilities – control of powerful utilities n Safe software Storage – prevent modification of software and copies of backups n Back up Controls – test and restore backups Privileged Entity Controls –“ privileged operations functions” n Extended special access to system commands n Access to special parameters n Access to system control program – some only run in particular state Media Resource Protection Media Security Controls – prevent the loss of sensitive information when the media is stored outside the system n Logging – log the use of the media, provides accountability n Access Control – physical access control n Proper Disposal – sanitization of data – rewriting, degaussing, destruction Media Viability Controls – protect during handling, shipping and storage n Marking – label and mark media, bar codes n Handling – physical protection of data n Storage – security and environmental protection from heat, humidity, liquids, dust, smoke, magnetism Physical Protection Protection from physical access n Hardware – routers, firewalls, computers, printers n Software – libraries, vendor software, OS software
Image of page 4
Physical piggybacking –
Image of page 5

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 6
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern