It requires use of a key for decoding certificate

This preview shows page 80 - 82 out of 82 pages.

It requires use of a key for decoding. Certificate authority—manages distribution of keys on a busy Web site. Secure Sockets Layer (SSL)—popular public key encryption method. Virus Monitoring and Prevention Virus prevention Purchase and install antivirus software. Update frequently. Do not download data from unknown sources. Flash drives, disks, Web sites Delete (without opening) e-mails from unknown sources. Do not blindly open e-mail attachments Even if they come from a known source. Report any viruses to the IT department. Audit-Control Software
Image of page 80

Subscribe to view the full document.

Keeps track of computer activity Spots suspicious action Audit trail Record of users Record of activities IT department needs to monitor this activity. Secure Data Centers Specialized facilities are important. Technical Requirements Power Cooling How do organizations reliably protect themselves from threats? Ensuring Availability High-availability facilities To ensure uninterrupted service Self-sufficient Backup cooling systems Raised floors (to more easily reconfigure systems) Built to withstand storms Collocation facilities UPS servers need 24/7/365 reliability Human Safeguards Use of federal and state laws as well as ethics Computer Forensics Use of formal investigative techniques to evaluate digital information Evaluation of storage devices for traces of illegal activity Now common in murder cases Restoration of deleted files Honeypots used to entice and catch hackers and crackers Example: DarkMarket Some criminals have special “booby-trap” programs to destroy evidence. IS Controls, Auditing, and Sarbanes-Oxley Act Information Systems control specific IT processes designed to ensure reliability of information Controls should be a combination of three types: Preventive controls Detective controls Corrective controls Hierarchy of IS Controls Types of IS Controls Policies
Image of page 81
Define aim and objectives. Standards Support the requirements of policies. Organization and management Define the lines of reporting. Physical and environmental controls Protect the organization’s IS assets. Types of IS Controls (cont’d) Systems software controls Enable applications and users to utilize the systems. Systems development and acquisition controls Ensure systems meet the organization’s needs. Application-based controls Ensures correct input, processing, storage, and output of data; maintain record of data as it moves through the system. IS Auditing Information Systems audit Performed by external auditors to help organizations assess the state of their IS controls. To determine necessary changes To assure the IS availability, confidentiality, and integrity Risk assessment Determine what type of risks the IS infrastructure faces.
Image of page 82

{[ snackBarMessage ]}

Get FREE access by uploading your study materials

Upload your study materials now and get free access to over 25 million documents.

Upload now for FREE access Or pay now for instant access
Christopher Reinemann
"Before using Course Hero my grade was at 78%. By the end of the semester my grade was at 90%. I could not have done it without all the class material I found."
— Christopher R., University of Rhode Island '15, Course Hero Intern

Ask a question for free

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern