To plan measures that support these goals, organizations must first be aware of the possible risks to their information
resources, including hardware, applications, data, and networks.
In October 1990, a major earthquake hit the San Francisco area. Headquarters wanted information on the status of its
operations, but the company's information was not computerized; a paper file contained all the desired information,
but no one knew who had it or where it could be found. It took 5 hours to find the file.
Controls
- constraints and other measures imposed on a user or a system; they can be used to secure systems against these
risks
Common controls
Program robustness and data entry controls - robust: the program can perform what it is intended to do and can resist
inappropriate usage, i.e., incorrect data entry; a highly robust program includes code that promptly produces a clear
message if a user either errs (makes a mistake) or tries to circumvent a process, e.g., a telephone number or e-mail
address must be in the proper format
Controls are also a means of translating business policies into system features, e.g., an error appears if the debtor
has an existing rent
An effective way to control system use in a transaction-processing system is to set limits on the numerical values that
can be either entered into quantitative fields or output through processing, e.g., set an upper limit
Backup - an automatic duplicate of data; the easiest way to protect against loss of data caused by natural disasters,
computer viruses, and human errors; uses redundant arrays of inexpensive disks (RAID); however, due to great
developments in telecommunications, corporations prefer to back up data at a remote site through communication
lines
Access controls - address one of the most serious threats to security
- measures taken to ensure that only those who are authorized have access to a computer or network, or to certain
applications or data
The most common way to control access is an access code and password (change it frequently, force changes, rules on
passwords used in the past); physical access controls include biometrics such as fingerprints, retinal pictures, and
voiceprints
Atomic transactions - ensure that only a full entry occurs in all the appropriate files, e.g., a sale transaction
(invoice, shipping, accounts receivable, commission); a control not only against malfunction but also against fraud
Audit trail - a series of documented facts that help detect who recorded which transactions, at what time, and under
whose approval; wherever there is a transaction, an employee's information is needed; helps uncover undesirable acts;
an important tool of the electronic data processing (EDP) auditor, whose job is to find erroneous cases and
investigate them
Integrating Security into Development
Experience shows that it is much less expensive to incorporate security measures into a system during development than
to impose them on an existing system
Security Standards
Systems developers use established standards when evaluating a system's degree of security
Orange Book - originally written for military ISs, now used by the IT industry as a guide
4 security levels:
1. Division A: Verified Protection
2. Division B: Mandatory Protection
3. Division C: Discretionary Protection
4. Division D: Minimal Protection or No Protection
Subclasses are numbered, with 1 indicating the lowest; the Orange Book does not address networking issues (see the
ISO/IEC standard)
ISO standard - provides a common set of requirements for the security functions of IT products and systems, and for
the assurance measures applied to them during a security evaluation; the evaluation results may help consumers
determine whether a product is secure enough for the intended application; experience shows that once a set of
standards is established it becomes a reference for many in the industry, and they start to incorporate the standards
into their products
Separation of Duties
One of the most important measures to prevent abuse of ISs and criminal inside jobs is the separation of duties; it
provides checks and balances and minimizes the possibility of criminal behavior
Separation of Duties in Systems development
Trapdoors are built into software by the original programmers to allow the programmers or their collaborators access
to particular applications or databases. Testing (separated from development) finds and fixes the weak points before
the system is introduced for use
Security Responsibilities
Separation of duties while using the systems - desirable when the system involves financial and accounting activities
that may be subject to fraud or theft; in financial institutions, an electronic transfer of funds cannot be executed
unless 2 employees join their passwords to trigger the transaction; an extremely powerful control on a system's
security
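The controls from the notes above (an upper limit on a quantitative field with a clear error message, an atomic sale transaction across invoice, shipping, accounts receivable and commission, an audit trail of who recorded what under whose approval, and a recorder/approver separation standing in for the two-employee rule) combined in one added example; this is illustration code, not from the original notes. The table layout, the quantity limit, the 5% commission rate and the record_sale function are all constructed for the example; a sale with a missing sales rep fails part-way and shows the rollback.

```python
import sqlite3
from datetime import datetime, timezone

MAX_QTY = 1000  # upper limit on a quantitative field (constructed value)

def open_db():
    """The files one sale touches: invoice, shipping, accounts receivable, commission, audit trail."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE invoice(sale_id INTEGER, customer TEXT, qty INTEGER, amount REAL);
        CREATE TABLE shipping(sale_id INTEGER, customer TEXT, qty INTEGER);
        CREATE TABLE receivable(sale_id INTEGER, customer TEXT, amount REAL);
        CREATE TABLE commission(sale_id INTEGER, rep TEXT NOT NULL, amount REAL);
        CREATE TABLE audit_trail(ts TEXT, recorded_by TEXT, approved_by TEXT,
                                 sale_id INTEGER, action TEXT);
    """)
    return db

def record_sale(db, sale_id, customer, qty, unit_price, rep, recorded_by, approved_by):
    """Record one sale in every file, all or nothing; return (ok, message)."""
    # Data-entry control: an out-of-range quantity gets a clear message instead of a crash.
    if not isinstance(qty, int) or not 0 < qty <= MAX_QTY:
        return False, f"quantity must be a whole number between 1 and {MAX_QTY}"
    # Separation of duties: the approver cannot be the employee who recorded the entry.
    if recorded_by == approved_by:
        return False, "approver must be a different employee from the recorder"
    amount = qty * unit_price
    ts = datetime.now(timezone.utc).isoformat()
    try:
        with db:  # one transaction: the five inserts commit together or not at all
            db.execute("INSERT INTO invoice VALUES (?,?,?,?)", (sale_id, customer, qty, amount))
            db.execute("INSERT INTO shipping VALUES (?,?,?)", (sale_id, customer, qty))
            db.execute("INSERT INTO receivable VALUES (?,?,?)", (sale_id, customer, amount))
            db.execute("INSERT INTO commission VALUES (?,?,?)", (sale_id, rep, amount * 0.05))
            db.execute("INSERT INTO audit_trail VALUES (?,?,?,?,?)",
                       (ts, recorded_by, approved_by, sale_id, "sale"))
    except sqlite3.IntegrityError as e:
        # The failing insert (here a missing sales rep) rolled back the earlier ones.
        return False, f"sale {sale_id} not recorded, transaction rolled back: {e}"
    return True, f"sale {sale_id} recorded"

def row_counts(db):
    """Rows per file; after a rollback every count is unchanged."""
    tables = ["invoice", "shipping", "receivable", "commission", "audit_trail"]
    return {t: db.execute(f"SELECT COUNT(*) FROM {t}").fetchone()[0] for t in tables}

def audit_entries(db):
    """Who recorded which transaction and under whose approval (timestamp left out here)."""
    return db.execute("SELECT sale_id, recorded_by, approved_by, action FROM audit_trail").fetchall()
```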
Network Controls
- the use of networked systems increases, so fewer computers are standalone machines; networked systems have their
own security needs; once a user enters a network, security measures using access codes and passwords are similar to
those of any computer system; however, some additional precautions against unauthorized use on networks can be
implemented, such as the following:
Callback - some organizations open their systems for employees to work from home, which is more prone to security
breaches; a popular measure against unauthorized remote access is called callback.
When a modem dials into the system, a special application asks for the telephone number from which the call has been
made; if the number is authorized, the system disconnects and dials that number. If the number does not match a
number on its list of authorized numbers, the system does not allow access.
Encryption - when communicating sensitive information via a public network, the parties must authenticate each other
and keep the message secret
- coding a message into a form unreadable to an interceptor
Authentication - the process of ensuring that the person who sends a message to you, or receives a message from you,
is indeed that person
Encryption programs are used to scramble information transmitted over networks so that an interceptor receives
unintelligible data. The original message is called plaintext; the coded message is called ciphertext. Encryption is
done using a mathematical algorithm, which is the formula, and a key. The key is the combination of bits that must be
used to figure out the formula.
Symmetric - both the sender and the recipient use the same key; the recipient must have the key before the
encrypted message is received
Asymmetric - comprises two keys, one public and one private; also called public-key encryption.
The public key is distributed widely and may be known to everyone; the private key is secret and known only to the
recipient of the message. When the sender wants to send a message to the recipient, the sender uses the recipient's
public key to encrypt the message; the recipient then uses their own private key to decrypt it
Encryption strength - refers to how much time it would take to figure out the key and decrypt a ciphertext; the
strength depends greatly on the number of bits making up the key.
Because of the restrictions, some companies have moved their development and sales departments to other countries
SSL and other public-key encryption standards let companies and individuals use digital
certificates
Digital certificate - the equivalent of a physical ID card; it contains a public key and a digital signature;
certificate authorities have arrangements with financial corporations
Digital signature - a digital code that uniquely identifies the sender of a message
The recipient of an encrypted message uses the certificate authority's public key to decode the digital certificate
attached to the message, verifies that it was issued by the certificate authority, and then obtains the sender's
public key and identification information held within the certificate. With this information, the recipient can send
an encrypted reply.
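The certificate flow just described, and the asymmetric encryption flow above it, as one added example that is not from the original notes: textbook RSA on fixed Mersenne primes (constructed toy parameters, not real key sizes) stands in for the CA's and the sender's keys; the CA signs a certificate carrying the sender's identity, public key and validity dates, the recipient verifies it with the CA's public key, rejects an expired or altered certificate, and encrypts its reply under the extracted public key, which only the sender's private key decrypts. The certificate format and the issue_certificate, verify_certificate and encrypted_reply functions are assumptions made for the example.

```python
import hashlib
# Textbook RSA on fixed Mersenne primes: constructed toy parameters, not real key sizes.
CA_PRIMES = (2**61 - 1, 2**31 - 1)
SENDER_PRIMES = (2**19 - 1, 2**17 - 1)

def make_keypair(p, q, e=65537):  # returns (public, private) as (n, e) and (n, d)
    n, d = p * q, pow(e, -1, (p - 1) * (q - 1))
    return (n, e), (n, d)

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(private, data):          # digital signature: hash of data raised to the private exponent
    n, d = private
    return pow(digest(data, n), d, n)

def verify(public, data, sig):    # anyone holding the public key can check the signature
    n, e = public
    return pow(sig, e, n) == digest(data, n)

def issue_certificate(ca_private, subject, subject_public, issued, expires):
    """The CA binds the subject's identity, public key and validity dates under its signature."""
    body = "|".join([subject, str(subject_public[0]), str(subject_public[1]), issued, expires])
    return {"body": body, "signature": sign(ca_private, body.encode())}

def verify_certificate(ca_public, cert, today):
    """Recipient side: check the CA's signature and the dates, then extract the sender's key."""
    if not verify(ca_public, cert["body"].encode(), cert["signature"]):
        return None                              # not issued by this CA, or altered in transit
    subject, n, e, issued, expires = cert["body"].split("|")
    if not issued <= today <= expires:           # ISO dates compare correctly as strings
        return None
    return subject, (int(n), int(e))

def encrypt(public, plaintext):   # asymmetric: encrypt with the other party's public key
    n, e = public
    return pow(int.from_bytes(plaintext, "big"), e, n)

def decrypt(private, ciphertext): # only the matching private key recovers the plaintext
    n, d = private
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def encrypted_reply(ca_public, cert, today, reply):
    """Verify the certificate attached to a message, then reply under the sender's public key."""
    checked = verify_certificate(ca_public, cert, today)
    return None if checked is None else (checked[0], encrypt(checked[1], reply))
```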
On the web, encryption and authentication take place automatically and are transparent to users.
The browser window indicates whether the communication is secure (a closed padlock); by double-clicking it you can see
the certificate issuer's name, the date it was issued, and its expiry date
Firewalls - the best defense against unauthorized access to systems over the Internet; software whose purpose is to
block access to computing resources; a safer way to prevent unauthorized access to an IS via a web site is to use a
completely separate server for the resources meant to be accessible to net surfers, but this approach is
inconvenient when dealing with dynamic, time-dependent information; firewalls are also used to keep unauthorized
software, such as computer viruses and other rogue software, away
Recovery Measures
Security measures may reduce undesirable mishaps, but nobody can control all disasters. To be prepared for disasters
when they occur, organizations must have recovery measures. Organizations that depend on ISs for their daily business
often use redundancy, running two computers in parallel, to protect against loss of data and business.
Fault tolerant - if one computer is down, the work continues on the other computer
To prepare for mishaps, a program called a disaster recovery plan details what should be done and by whom
Business recovery plan or business resumption plan - considers factors beyond just computers and ISs
1. Obtain management's commitment to the plan - once management is committed, it should appoint a business recovery
coordinator who will develop the plan and execute it if a disaster occurs
2. Establish a planning committee - comprising a representative from each business unit
3. Perform risk assessment and impact analysis - assess which operations would be hurt by disasters and how long the
organization could continue to operate with the damaged resources
4. Prioritize recovery needs - the disaster recovery coordinator ranks each IS application according to its effect on
the organization's ability to achieve its mission
a. Critical: applications that cannot be replaced with manual systems under any circumstances
b. Vital: applications that can be replaced with manual systems for a brief period
c. Sensitive: applications that can be replaced with acceptable manual systems for an extended period of time,
though at great cost
d. Noncritical: applications that can be interrupted for an extended period of time at little or no cost to the
organization
5. Select a recovery plan - alternatives are evaluated considering their advantages and disadvantages in terms of risk
reduction, cost, and the speed at which employees can adjust to the alternative
6. Select vendors - if it is determined that an external vendor can respond to a disaster better than in-house staff
and provide a better alternate system, the most cost-effective vendor is selected, considering factors like
telecommunications, experience, and capacity to support current applications
7. Develop and implement the plan - includes organizational and vendor responsibilities and the sequence of events
that take place
8. Test the plan - includes a walk-through with each business unit and simulations as if a real disaster had
occurred; if no damage is found, the plan is deliberated on and implemented
9. Continually test and evaluate - the plan must be tested periodically
The plan should include the key personnel and their responsibilities; it must be examined periodically and updated if
necessary; the plan must be changed to reflect the new environment, and the changes must be thoroughly tested; a copy
of the plan should be kept off-site in case a disaster occurs
The cost of damage is the aggregate of all the potential damages multiplied by their respective probabilities, as follows:

$$\text{Cost of potential damage} = \sum_{i=1}^{n} \text{cost-of-disruption}_i \times \text{probability-of-disruption}_i$$