Chapter 2 Information Security Overview The Executive Guide to Information Security manual
Introduction • Info Security Programs require solutions from: • People • Process • Technology • People administer security programs & processes to ensure info is protected • Using Technology, Layered Security (defense in depth) can be developed to protect information assets.
Overview • Information Security Principles & components of Info Sec program for Enterprises • Review of major security technologies & best practices • Foundation for more in-depth security review in subsequent classes.
3 Major components of Info. Sec. Program • People play a critical role in Information Security. • Processes provide guidelines for securing information assets • Technology enables security programs to be executed. • What is the weakest link in Info Sec.?
People • Having the right people in Key positions is paramount to a successful Security Program. WHY??? • Skills • Change management • SOD • Many other reasons
Process • Provides a framework/standards for People to execute security operations • What are some of the processes? • Policies • Procedures • Guidelines • Work Aids • Training • Risks & Security Assessments • Access on the Principle of Least Privilege (Need-to-Know) • Others • Process serves as the “glue” between PEOPLE & TECH to ensure Security Programs are operating effectively
The most vast and complicated component of the Security Program. Why is Technology the most complicated component? • Variety of products currently on the market • Products don’t all work in sync together • Need special knowledge to run different security applications. • Constant upgrades/maintenance to ensure product operates in an optimal manner
Defense-in-Depth • Layer security for • Gateway – entryway between 1 part of the environment and another (internet to network) • Server – PCs that perform shared functions (ERP, SAP, PeopleSoft) • Client – desktops, laptops, PDAs, others that employees use daily • 4 Major zones for defense • External (internet) • Extranet • Intranet • Mission Critical systems
Today’s Security Technology • Authentication, Authorization & Accounting (AAA) • Firewalls/Virtual Private Network (VPN) • Anti-Virus software • Intrusion Detection/Intrusion Prevention (IDS/IPS) • Content filtering • Encryption
Authentication, Authorization & Accounting (AAA) What are some examples of Security tools? • Access Control List (ACL) • RSA tokens • Smart cards • Biometrics What is 2-factor authentication? • Something you know • Something you have
Privileged Access • What is privileged access? • Admin, Super user, sys admin, utility, etc. • How should privileged access be controlled? • Limit access, daily/weekly/monthly monitoring, mandatory access change control, etc. • What is Single Sign-On (SSO) & how should this be controlled? • Access on the concept of Least privilege • Monitor & timely removal of access when not in use for 30 days. • Periodic password change
Firewalls • What is a firewall? • Filters electronic traffic to allow only certain types of information to flow to the company’s network • What are the 3 types of firewalls? • Packet Filtering – reviews the header/address • Stateful Inspection – verifies the inbound packet matches the outbound request (identifies legitimacy of source, i.e. addresses on a letter) • Proxy firewall – reads & rewrites each packet to only allow valid messages to pass to the network. More secure at a slower speed.
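The difference between packet filtering and stateful inspection on the slide above, as an added example that is not part of the original slides. It is a simplified model (no TCP flags or timeouts); the `Packet` fields, the port rule and all addresses are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    direction: str  # "out" = leaving the company network, "in" = arriving

# Constructed header rule: inbound packets are accepted if they come from port 443.
ALLOWED_INBOUND_SPORTS = {443}

def packet_filter(pkt):
    """Packet filtering: judge each packet by its header alone, with no memory."""
    if pkt.direction == "out":
        return True
    return pkt.sport in ALLOWED_INBOUND_SPORTS

class StatefulFirewall:
    """Stateful inspection: remember outbound requests, match inbound replies."""
    def __init__(self):
        self.requests = set()

    def check(self, pkt):
        if pkt.direction == "out":
            # Record the request so its reply can be recognised later.
            self.requests.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        # An inbound packet must be the mirror image of a recorded request.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.requests

def compare(packets):
    """Return (packet_filter verdict, stateful verdict) for each packet in order."""
    fw = StatefulFirewall()
    return [(packet_filter(p), fw.check(p)) for p in packets]

# Constructed traffic: a request, its reply, and an unsolicited inbound packet.
SAMPLE = [
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, "out"),
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "in"),
    Packet("198.51.100.7", 443, "10.0.0.5", 50001, "in"),
]

if __name__ == "__main__":
    for pkt, verdicts in zip(SAMPLE, compare(SAMPLE)):
        print(pkt, verdicts)
```

The third packet has an acceptable header, so the packet filter passes it, but the stateful firewall drops it because no outbound request matches it.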
Virtual Private Networks (VPN) • What is VPN? • Tool that enables a secure connection to the network when using a public network (internet) • Uses encryption to protect data (tunnel) • Uses hardware & software combo to secure access
Anti-Virus Software • Why should you install updated anti-virus? • Prevent PC infection from viruses, worms, Trojan horses, malware in general • Virus vs Worms – what is the difference? • Signature vs Heuristic virus • Signature relies on known patterns • Heuristic looks for patterns of potential viruses (lots of false positives)
Vulnerability Management • Network based & Host based • Network based identifies known vulnerabilities on the network • Host based scans physical devices (servers) • Patch management • Intrusion Detection System (IDS) • Intrusion Prevention System (IPS) • Content Filtering • Encryption (symmetric & asymmetric)
Summary Key Points • Effective info sec program uses a combination of People, Process & Technology • People are the weakest link, therefore, it is the most important aspect of the program • Process is the gel that binds People & Technology to effectively protect information assets • Technology can be used to layer security for Defense-in-Depth approach to protect information assets.