Information Systems Program Security Information Systems in Business James Lee Security confidentiality, integrity, and availability for all components of computer systems Information Systems Security Network Security Threats of Network Security Safeguards of Network Security Firewall Encryption VPN – Virtual Private Network SSL – Secure Sockets Layer Information Systems Security the processes and methodologies involved with keeping information confidential, available, and assuring its integrity • Access controls, which prevent unauthorized personnel from entering or accessing a system. • Protecting information no matter where that information is, i.e. in transit (such as in an email) or in a storage area. • The detection and remediation of security breaches, as well as documenting those events. Network Security Network Security is the process of taking physical and software preventative measures to protect the underlying networking infrastructure from unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure, thereby creating a secure platform for computers, users and programs to perform their permitted critical functions within a secure environment. With network security in place, (1) organizations are protected against business disruption, which helps keep employees productive. (2) Network security helps your company meet mandatory regulatory compliance. Because network security helps protect your customers' data, it reduces the risk of legal action from data theft. Ultimately, (3) network security helps protect a business's reputation, which is one of its most important assets. Threats of Network Security Many network security threats today are spread over the Internet. The most common include: • • • • • • • Viruses, worms, and Trojan horses Spyware and adware Zero-day attacks, also called zero-hour attacks Hacker attacks Denial of service attacks Data interception and theft Identity theft https://blackmoreops.com/wp-content/uploads/2015/10/Free-DOS-Attack-Tools-DoS-attack-blackMORE-Ops.jpg Safeguards of Network Security • Anti-virus - a program or set of programs that are designed to prevent, search for, detect, and remove software viruses, and other malicious software like worms, trojans, adware, and more • Anti-spyware - a type of malware that is installed on a computer without the user's knowledge in order to collect information about them • Intrusion prevention systems (IPS), to identify fast-spreading threats, such as zero-day or zero-hour attacks (A zero-day (also known as zero-hour or 0-day or day zero) vulnerability is an undisclosed computer-software vulnerability that hackers can exploit to adversely affect computer programs, data, additional computers or a network.) • Firewall, to block unauthorized access to your network • Virtual Private Networks (VPNs), to provide secure remote access The Best Free Anit-virus & Anti-spyware Software: BitDefender Antivirus, Panda Antivirus, AVG Anti-Virus, Ad-Aware Anti-Virus, MalwareBytes AntiMalware, SpyBot Search and Destroy, Avast Antivirus, Emsisoft Emergency Kit, HijackThis, SUPERAntiSpyware Firewall A firewall is a software program or piece of hardware that helps screen out hackers, viruses, and worms that try to reach your computer over the Internet. Packet filtering, or stateless firewalls work by inspecting individual packets in isolation. As such, they are unaware of connection state and can only allow or deny packets based on individual packet headers. Stateful firewalls are able to determine the connection state of packets, which makes them much more flexible than stateless firewalls. They work by collecting related packets until the connection state can be determined before any firewall rules are applied to the traffic. Application firewalls go one step further by analyzing the data being transmitted, which allows network traffic to be matched against firewall rules that are specific to individual services or applications. These are also known as proxy-based firewalls. In addition to firewall software, which is available on all modern operating systems, firewall functionality can also be provided by hardware devices, such as routers or firewall appliances. https://c.s-microsoft.com/en-us/CMSImages/firewall-skinny-firewall.jpg?version=30e47166-974a-5dc4-79c8-8693b9af4c1a Encryption The translation of data into a secret code. Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. Unencrypted data is called plain text ; encrypted data is referred to as cipher text. Asymmetric Encryption http://2we26u4fam7n16rz3a44uhbe1bq2.wpengine.netdna-cdn.com/wp-content/uploads/061112_1445_Chapter7The11.jpg Symmetric Encryption https://ckhung.github.io/a/m/13/symmetric-encryption.gif VPN – Virtual Private Network A VPN or Virtual Private Network is a method used to add security and privacy to private and public networks, like WiFi Hotspots and the Internet. http://s.hswstatic.com/gif/vpn-1.gif SSL– Secure Sockets Layer the standard security technology for establishing an encrypted link between a web server and a browser https://www.powersolution.com/wp-content/uploads/2013/04/SSL-flowchart.png References https://www.sans.org/network-security/ http://www.cisco.com/cisco/web/solutions/small_business/resource_center/articles/secure_my_business/what_is_netw ork_security/index.html?referring_site=smartnavRD https://www.techopedia.com/definition/24840/information-systems-security-infosec http://www.webopedia.com/TERM/E/encryption.html https://www.whatismyip.com/what-is-a-vpn/ https://en.wikipedia.org/wiki/Zero-day_(computing) https://www.webroot.com/us/en/home/resources/tips/pc-security/security-what-is-anti-virus-software https://www.techopedia.com/definition/23142/anti-spyware http://www.techradar.com/news/software/applications/best-free-anti-spyware-and-anti-malware-software-1321656 https://www.microsoft.com/en-us/safety/pc-security/firewalls-whatis.aspx https://www.digitalocean.com/community/tutorials/what-is-a-firewall-and-how-does-it-work
Purchase answer to see full attachment