Computer Security - PowerPoint PPT Presentation

1 / 14
About This Presentation
Title:

Computer Security

Description:

Security is a critical area of any information system, and the ... Viruses, Hoax and inviting emails, Chain letters (spam) 68% acknowledge financial loss ... – PowerPoint PPT presentation

Number of Views:21
Avg rating:3.0/5.0
Slides: 15
Provided by: mikeas
Category:

less

Transcript and Presenter's Notes

Title: Computer Security


1
Computer Security
Mike Asoodeh Ray Dejean Office of
Technology Southeastern Louisiana University
2
  • Security is a critical area of any information
    system, and the question is not is the
    information system vulnerable? but how
    vulnerable is it?.

3
Security Realities
  • Impenetrable security doesnt exist
  • Too many facts, not enough information
  • Human-made environment

4
Facts
  • Recent attacks on seemingly "secure" sites such
    as The White House, DOD, FBI and Microsoft.com
    have proven that despite massive public and
    private investment in cyber defense technology
    and methodology, hackers continue to pose a
    serious threat to the "information
    infrastructure."

5
Facts
  • These days invasions are experienced directly
    (perhaps for the first time) by the growing
    masses of casual web surfers. Personal protection
    techniques available
  • What you know
  • What you have
  • What you are

6
Facts
  • Computer related attacks double annually
  • Viruses, Hoax and inviting emails, Chain letters
    (spam)
  • 68 acknowledge financial loss
  • 90 not reported
  • 74 used internet connection as POA

7
Classical Security Model
  • Isolated islands behind protective barriers
  • Security management was mainly access control
    administration of limited numbers of system users
    (a.k.a. Employees)

8
Traditional Access Points
9
eBusiness Model
  • Open to partners
  • Open to customers
  • Open to hackers, thieves, malicious code

10
New Access Points
11
A Systemic Approach to Security
  • Identification of the risks to the environment
    and business
  • Development of a security policy that is
    consistent with business objectives and
    requirements
  • Translation of policy into practice through
    technology and operational Best Practices
  • Business continuity Plan
  • Properly trained and trustworthy staff

12
New Security Considerations
  • Internet / Intranet Attacks
  • Vandalism/hacktivism
  • Denial of service
  • Virus and other malicious code infection
  • Information theft
  • Intrusion
  • Exploitation of assets

13
New Security Considerations
  • Trust
  • Identity of partners
  • Identity of customers
  • Identity of employees

14
New Security Considerations
  • Privacy and protection of identity
  • prevent data interception and data spoofing with
    a Policy Based Access Control
  • Who can access data?
  • Who can invoke service?
  • Who can impact system?
  • Are our Assets protected?
Write a Comment
User Comments (0)
About PowerShow.com