iinformation security

12

Information Security What it mean ?? Protect Information Set rules for Expected behavior of users Authorise security personal to monitor, probe & investigate Define and authorize consequences of violation Help to track to compliance with regulation

Upload: amitmujumdar

Post on 19-Jun-2015

195 views

Category:

Documents

0 download

Report

Download

Tags:

Embed Size (px):

DESCRIPTION

IT's most important aspect is covered

TRANSCRIPT

Page 1: Iinformation security

Information Security

What it mean ??

Protect Information Set rules for Expected behavior of users Authorise security personal to monitor, probe & investigate

Define and authorize consequences of violation Help to track to compliance with regulation

Page 2: Iinformation security

Audience groups

Management – All Levels Technical Staff End Users IT Engineers

Page 3: Iinformation security

In relation with

Data Management Information Ownership Roles & Responsibility Risk Management Implementation of IT Policy Security awareness training

Page 4: Iinformation security

Roles & Responsibility

For Data Classification – Roles & Responsibility Information Owner Information Custodian Application Owner User Manager Security Administrator End User

Page 5: Iinformation security

Information Security

Information Security should be handled through Data Management Responsibility / Ownership of data Unattended Computers Control over software usage Data Transfer Discipline with Internet Usage

Page 6: Iinformation security

Steps towards Information Security

Identification of current Vulnerabilities Data Management

Required Attention Ownership, Reporting on utilisation

Priority List Critical Information centers (Imp dept , Billing section, service counter desk info)

Compliance Department Manual on data management

Security Awareness Training

Audit Verification Process

Page 7: Iinformation security

Information Ownership

Observation Suggestion Expected Result

Process Owners are not aware of their responsibility about their data Management.

Data management should be implemented by Department Data Policy. It should be followed with prime responsibility by everyone and its responsibility lies with process owners.

Training should be provided by Process owners to end users to follow data management as per department data policy.

Through Ownership, the data security will be enhanced at department level.

Page 8: Iinformation security

Risk Management

Risks can be identified & reduced, but never eliminated .

Risk of data transfer is minimized by control over followings

USB mass storage – Should be Prohibited Optical Drives – Should be Prohibited Data transfer using allowed USB drives – Should be

Recorded Internet access – Should be controlled Server Data – Should be controlled by Access Control Policy

Page 9: Iinformation security

Risk Management Continued

CCTV Surveillance will be useful for : - Prevention & deterrent for theft Establishment of an anti fraud culture Event Recordings

Page 10: Iinformation security

IT Policy

A proper IT policy will be useful to enforce Information security.

Components of effective IT Policy• Purpose

• Authorization

• Scope

• Measurement expectations

• Exception Procedure

• Accountability

• Listing of Risk Management Practices

Page 11: Iinformation security

Training

Security Awareness Must be driven from Top to Bottom Must be comprehensive to all the way to usb pen

drives

Training Programs• Should be part of Induction program

• Part of regular training for employees

• For all levels of management to end users

• Evaluation of audience

Page 12: Iinformation security

Information Security

Thank You

INTRODUZIONE - Compuprint · 2019-03-14 · Compuprint Compuprint PProducts roducts IInformation nformation Thanks for choosing the Compuprint 9065-9080 printer models. Your printer

D l Cataract Iinformation

der Stadt Bad Schandau und der Gemeinden Rathmannsdorf ...2 Amtsblatt Bad Schandau Nr. 25/2015 iInformation Aus dem Inhalt Öffnungszeiten Informationen aus dem Rathaus Aus den Gemeinden

Quick Guide: Sharing Patient Informationlhp.leedsth.nhs.uk/LeedsPathways/files/adultsafeguarding/... · 2018-09-24 · 2. INTRODUCTION. IInformation sharing is an important issue

UNIVERSAL SERVICE FUND: $2.25 BILLION TECHNOLOGY … · If ti T tS t D iInformation Transport ... • 1969 ARPANET Department of Defense1969 ... • El t i b ki i f tiElectronic banking

NextGen Release Notes, - AHN) iInformation/5.4.29+Release+Notes.pdfor redistributed to anyone other than licensed users without prior, ... EPM Enhancements 4 Use ... The release notes

CURRICULUM VITAE - Kenyatta University...1 CURRICULUM VITAE 1.0: PERSONAL IINFORMATION NAME: - Charles Nyakiti Orawo HOME ADDRESS: - P.O. Box 4004, KISUMU, KENYA. MOBILE: - +254 733447718

Partie A INNOVATION - evoREG · technology. S=Support of ... Banking IPR and Innovation and Standards and ... Une if iinformation peut‐être dé idécrite avant tout comme un

PC210-10M0 PC210LC - komatsu.co.za · PC210/210LC-10M0 IInformation & Communication Technology (ICT) & KOMTRAXnformation & Communication Technology (ICT) & KOMTRAX †Large multi

High Speed, Low Power Current Comparators with HysteresisHigh Speed, Low Power Current Comparators with Hysteresis Neeraj K. Chasta Dhirubhai Ambani Institute of Iinformation & Communication

Part · 2013-05-27 · 36 Korea Electric Engineers Association 2004. 7 Part Electric Engineers Technology Iinformation CONTENTS. 37. Electric Engineers Technology information 38 Korea

Organization and regulation of financial systems S8 DMCrenaud.bourles.perso.centrale-marseille.fr/Cours/Organization_and... · BModels for banking regulation ... IInformation IIncentives

Module 55: IInformation GGathering, Part 11: … 5.pdfInclusiveness at Work 51 Module 5 Module 55: IInformation GGathering, Part 11: AAvailable FFacts Developing Your Scope and Strategy

信息工程 IInformation Engineeringnformation Engineering · Info Infrastructure Design Lab plus major electives Engineering Physics Calculus for Engineers Linear Algebra & Vector

Engineering - Iinformation for teenagers

sgfibre.com.pksgfibre.com.pk/assets/Annual-Report-2014.pdf · COMPANY IINFORMATION Board of Directors Mrs.Zubaida Khatoon Mr. Sohail Ahmed Mr. Asim Ahmed ... Technology Trade Private

Reports/Annual Report 2002.pdf · CORPORATE IINFORMATION BOARD OF ... products and services by introducing latest technology based innovations such as Internet banking …

Sicherheitsaspekte bei der Nutzung mobiler Applikationen ... · Technology Law & Law and Informatics Starting April 2011 Prof. Dr. Reiser Junior Professor for Security in IInformation

信息工程 IInformation Engineeringnformation …Intro to Engineering Design Problem Solving by Programming Principles of Communications Systems, Communications Lab Data Structures,

danube-inco.net€¦ · Publisher: Government oof tthe RRepublic oof MMacedonia Commission ffor IInformation TTechnology Working Group: Goce Armenski, Assistant at the Informatics

BAL-7 BBOF BBRONZE AAND BSOF BBRONZE WITH ......BAL-7 30BBOF BBRONZE AAND 30BSOF BBRONZE WITH SSTAINLESS SSTEEL TRIM ORDERING IINFORMATION FULL-PORT, TTHREE-PIECE BBALL VALVES 1⁄

THE CHALLENGES & OPORTUNITIESipenconsulting.com/yahoo_site_admin/assets/docs/P8_Jon_Respati... · THE CHALLENGES & OPORTUNITIES 1. ... – PidProvide accurate if iinformation on the

CURRICULUM VITAE - creativearts.ku.ac.kecreativearts.ku.ac.ke/images/2020/ProfCharlesNyakiti0120.pdf · 1 curriculum vitae 1.0: personal iinformation name: - charles nyakiti orawo

15.578 Global Information Systems: Communications ... · Technology, Strategy, and Organizational Factors ... Banking BancOne Credit Cards ... IInformation management services

Assessing Access tto IInformation, Participation, and ...pdf.wri.org/taiguide.pdf · ii Note to the Reader This version of Assessing Access to Information, Participation, and Justice

Module 77: IInformation GGathering, Part 33: CCompiling ...nonprofitinclusiveness.org/files/Module 7.pdf · Inclusiveness at Work 61 Module 7 Module 77: IInformation GGathering, Part

visIT 2002international nr - Fraunhofer IOSB · Traffic IInformation Technology Unfortunately, there have recently ... actions (electronic banking), to serve as a play station or

CINEMOOD. Quick Start Guide€¦ · IINFORMATION ABOUT CERTIFICATES SEE IN FULL USER MANUAL TECHNICAL CHARACTERISTICS Dimensions Size: 3,14’’ х 3,14’’ х 3,14’’ Weight:

信息工程 IInformation Engineeringnformation Engineering · With solid IT knowledge, strong problem solving skills, and good communication abilities, our graduates have very promising

F0 o019 IINFORMATION ON.LY RADIOACTIVE …dissolution to be included in the abstracted models used for PA calculations, evaluate how the models can be used to calculate bounding values

Holonomy groups - University of Adelaide · IHolonomy groups encode geometric information IInformation about solutions to “geometric” differential equations can be obtained by

IBM Banking Competence Center (BCC) · IBM Banking Competence Center (BCC) ... IInformation Technology Services ... IBM Banking Competence Center Offering Portfolio

Quantum IInformation Processing in Brain Systems and · PDF fileQuantum IInformation Processing in Brain Systems and ... when a issue becomes "hot," fashion- sequences of these differences

Spatial Knowledge Management in Urban Local … · Institutional Knowledge and Technology Management By.Luz.Consuelo.Muguruza.Minaya,.Walter.Menacho.Gallardo ... is iinformation exchanged,

HUMAN RESOURCE IINFORMATION SYSTEM · PDF fileSystem Doc. • Development • User Acceptance, Test, Data Conversion • Parallel Run & UAT • Go Live Implementation Stage (5 Months