This document discusses information security and threats. It begins by defining information security, its primary goals of confidentiality, integrity and availability, and related terms like IT security and information assurance. It then outlines several common threats like unauthorized access, cyber espionage, malware, data leakage, mobile device attacks, spam, and identity theft. Finally, it discusses different types of information security controls including physical, technical and administrative controls to help protect information systems.
2. DEFINITION:
• The protection of information and its elements, including the systems and
hardware that use, store and transmit the information.
PRIMARY GOALS
The CIA triangle, also known as the security triad, states the primary goals of IS.
Confidentiality
• Making sure that those who should not see information
Integrity
• Making sure that the information has not been changed from its original
Availability
• Making sure that the information is available for use when you need it.
3. What is Information Security?
• Known as InfoSec, which is the practice of defending information from unauthorized access,
use, disclosure, disruption, modification, perusal, inspection, recording or destruction.
• It is a general term that can be used regardless of the form the data may take (electronic,
physical, etc.).
• I.T. Security: Sometimes referred to as computer security, Information Technology Security
is information security applied to technology (most often some form of computer system).
• It is worthwhile to note that a computer does not necessarily mean a home desktop. A
computer is any device with a processor and some memory.
• IT security specialists are almost always found in any major enterprise/establishment due to
the nature and value of the data within larger businesses.
• Information assurance: The act of ensuring that data is not lost when critical issues arise.
• These issues include but are not limited to: natural disasters, computer/server malfunction,
physical theft, or any other instance where data has the potential of being lost.
• Since most information is stored on computers in our modern era, information assurance is
typically dealt with by IT security specialists.
• One of the most common methods of providing information assurance is to have an off-site
backup of the data in case one of the mentioned issues arises.
4. Threats to Information System?
• There are many information security threats that we need to be constantly aware of and
protect against in order to ensure our sensitive information remains secure.
Unauthorized Access – Enter at your own risk
The attempted or successful access of information or systems, without permission or rights to do so.
Ensure you have a properly configured firewall and up-to-date malware prevention software, and that all software has
the latest security updates.
Protect all sensitive information, utilizing encryption where appropriate, and use strong passwords that are changed
regularly.
Cyber Espionage – Hey, get off my network!
The act of spying through the use of computers, involving the covert access or ‘hacking’ of company or
government networks to obtain sensitive information.
Be alert for social engineering attempts and verify all requests for sensitive information.
Ensure software has the latest security updates and your network is secure, and monitor for unusual network behavior.
Malware – You installed what?!
A collective term for malicious software, such as viruses, worms and trojans; designed to infiltrate systems and
information for criminal, commercial or destructive purposes.
Ensure you have a properly configured firewall and up-to-date malware prevention, and that all software has the latest
security updates.
Do not click links or open attachments in emails from unknown senders, visit un-trusted websites or install dubious
software.
Data Leakage – I seek what you leak.
The intentional or accidental loss, theft or exposure of sensitive company or personal information.
Ensure all sensitive information stored on removable storage media, mobile devices or laptops is encrypted.
Be mindful of what you post online, check email recipients before pressing send, and never email sensitive company
information to personal email accounts.
Mobile Device Attack – Lost, but not forgotten.
The malicious attack on, or unauthorized access of mobile devices and the information stored or processed by them;
performed wirelessly or through physical possession.
Keep devices with you at all times, encrypt all sensitive data and removable storage media, and use strong
passwords.
Avoid connecting to insecure, un-trusted public wireless networks and ensure Bluetooth is in ‘undiscoverable’ mode.
Spam – Email someone else
Unsolicited email sent in bulk to many individuals, usually for commercial gain, but increasingly for spreading
malware.
Only give your email to those you trust and never post your address online for others to view.
Use a spam filter and never reply to spam emails or click links within them.
Identity Theft
The theft of an unknowing individual’s personal information, in order to fraudulently assume that individual’s identity
to commit a crime, usually for financial gain.
Never provide personal information to un-trusted individuals or websites.
Ensure personal information is protected when stored and securely disposed of when no longer needed.
6. Protecting Information System
Information Security Controls
Computer security, specifically, is the protection of data in a system against unauthorized
disclosure, modification, or destruction and protection of the computer system itself against
unauthorized use, modification, or denial of service.
Physical Controls
It is the use of locks, security guards, badges, alarms, and similar measures to control access to
computers, related equipment (including utilities), and the processing facility itself.
In addition, measures are required for protecting computers, related equipment, and their
contents from espionage, theft, and destruction or damage by accident, fire, or natural disaster
(e.g., floods and earthquakes).
Technical Controls
Involves the use of safeguards incorporated in computer hardware, operations or applications
software, communications hardware and software, and related devices.
Technical controls are sometimes referred to as logical controls.
Preventive technical controls are used to prevent unauthorized personnel or programs from
gaining remote access to computing resources. Examples of these controls include:
• Access control software
• Antivirus software
• Library control systems
• Passwords
• Smart cards
• Encryption
• Dial-up access control and callback systems
Administrative Controls
Consists of management constraints, operational procedures, accountability procedures, and
supplemental administrative controls established to provide an acceptable level of protection
for computing resources.
In addition, administrative controls include procedures established to ensure that all personnel
who have access to computing resources have the required authorizations and appropriate
security clearances.
Preventive administrative controls are personnel-oriented techniques for controlling people’s
behavior to ensure the confidentiality, integrity, and availability of computing data and
programs. Examples of preventive administrative controls include:
• Security awareness and technical training
• Separation of duties
• Procedures for recruiting and terminating employees
• Security policies and procedures
• Supervision
• Disaster recovery, contingency, and emergency plans
• User registration for computer access
8. Internet Security?
In 1980 a computer cracked a 3-character password within one minute.
In 1999 a team of computers cracked a 56-character password within one day.
In 2004 a computer virus infected 1 million computers within one hour.
1. Computer Virus:
• Needs a host file
• Copies itself
• Executable
2. Network Worm:
• No host (self-contained)
• Copies itself
• Executable
3. Trojan Horse:
• No host (self-contained)
• Does not copy itself
• Imposter program