07-02-2013, 10:26 AM
Security Management of Information Technology
Security Management .pptx (Size: 1.62 MB / Downloads: 33)
Security Management
The goal of security management is the accuracy, integrity, and safety of all information system processes and resources.
Tools of Security Management
Internetworked Security Defenses
Encryption
Firewalls
Denial of Service Defenses
E-mail Monitoring
Virus defenses
Other security measures to protect systems and Network
Security codes
Back up files
Security monitors
Biometric security
Computer Failure Controls
Fault tolerant System
Disaster Recovery
Internetworked Security Defenses
Encryption
Data is transmitted in scrambled form
It is unscrambled by computer systems for authorized users only
The most widely used method uses a pair of public and private keys unique to each individual
Firewalls
A gatekeeper system that protects a company’s intranets and other computer networks from intrusion
Provides a filter and safe transfer point for access to/from the Internet and other networks
Important for individuals who connect to the Internet with DSL or cable modems
Can deter hacking, but cannot prevent it
Denial of Service Defenses
Steps the organisation’ s can take to protect themselves from DDOS attacks ( distributed denial of service )
At the zombie machines
set and enforce security policies
Scan for vulnerabilities
At the ISP
monitor and block traffic spikes
At the victim’s website
create backup servers and network connections
Other Security Measures
Security Codes
multilevel password system used to gain access into the system
Encrypted passwords
Smart cards with microprocessors
Backup Files
duplicate files of data or programs
Security Monitors
software that monitors the use of computer systems and networks and protects them from unauthorized use, fraud, and destruction
Biometrics
computer devices that measure physical traits that make each individual unique
Voice recognition, fingerprints, retina scan
Computer Failure Controls
devices used to prevent computer failure or minimize its effects
Preventive maintenance
Arrange backups with a disaster recovery organization
Auditing IT Security
IT Security Audits
Performed by internal or external auditors
Review and evaluation of security measures and management policies
Goal is to ensure that that proper and adequate measures and policies are in place