Information Systems
Program
Security
Information Systems in Business
James Lee
Security
confidentiality, integrity, and availability for all components of computer systems
Information Systems Security
Network Security
Threats of Network Security
Safeguards of Network Security
Firewall
Encryption
VPN – Virtual Private Network
SSL – Secure Sockets Layer
Information Systems Security
the processes and methodologies involved with keeping information confidential, available, and assuring
its integrity
• Access controls, which prevent unauthorized personnel from
entering or accessing a system.
• Protecting information no matter where that information is, i.e. in
transit (such as in an email) or in a storage area.
• The detection and remediation of security breaches, as well as
documenting those events.
Network Security
Network Security is the process of taking physical
and software preventative
measures to protect the underlying networking infrastructure from unauthorized access, misuse,
malfunction, modification, destruction, or improper disclosure, thereby creating a secure platform for
computers, users and programs to perform their permitted critical functions within a secure
environment.
With network security in place, (1) organizations are protected against
business
disruption, which helps keep employees productive. (2) Network security helps your company
meet mandatory regulatory compliance. Because network security helps protect your
customers' data, it reduces the risk of legal action from data theft. Ultimately, (3) network security
helps protect a business's reputation, which is one of its most important assets.
Threats of Network Security
Many network security threats today are spread over the Internet. The most common include:
•
•
•
•
•
•
•
Viruses, worms, and Trojan horses
Spyware and adware
Zero-day attacks, also called zero-hour attacks
Hacker attacks
Denial of service attacks
Data interception and theft
Identity theft
https://blackmoreops.com/wp-content/uploads/2015/10/Free-DOS-Attack-Tools-DoS-attack-blackMORE-Ops.jpg
Safeguards of Network Security
• Anti-virus - a program or set of programs that are designed to prevent, search for, detect, and
remove software viruses, and other malicious software like worms, trojans, adware, and more
• Anti-spyware - a type of malware that is installed on a computer without the user's knowledge
in order to collect information about them
• Intrusion prevention systems (IPS), to identify fast-spreading threats, such as zero-day
or zero-hour attacks (A zero-day (also known as zero-hour or 0-day or day zero) vulnerability is
an undisclosed computer-software vulnerability that hackers can exploit to adversely affect
computer programs, data, additional computers or a network.)
• Firewall, to block unauthorized access to your network
• Virtual Private Networks (VPNs), to provide secure remote access
The Best Free Anit-virus & Anti-spyware Software:
BitDefender Antivirus, Panda Antivirus, AVG Anti-Virus, Ad-Aware Anti-Virus, MalwareBytes AntiMalware, SpyBot Search and Destroy, Avast Antivirus, Emsisoft Emergency Kit, HijackThis,
SUPERAntiSpyware
Firewall
A firewall is a software program or piece of hardware that helps screen out hackers, viruses, and worms that try to reach
your computer over the Internet.
Packet filtering, or stateless firewalls work by inspecting individual
packets in isolation. As such, they are unaware of connection state and can only allow or
deny packets based on individual packet headers.
Stateful firewalls are able to determine the connection state of packets, which
makes them much more flexible than stateless firewalls. They work by collecting related
packets until the connection state can be determined before any firewall rules are
applied to the traffic.
Application firewalls go one step further by analyzing the data being transmitted,
which allows network traffic to be matched against firewall rules that are specific to
individual services or applications. These are also known as proxy-based firewalls.
In addition to firewall software, which is available on all modern operating systems,
firewall functionality can also be provided by hardware devices, such as routers or
firewall appliances.
https://c.s-microsoft.com/en-us/CMSImages/firewall-skinny-firewall.jpg?version=30e47166-974a-5dc4-79c8-8693b9af4c1a
Encryption
The translation of data into a secret code. Encryption is the most effective way to achieve data security. To
read an encrypted file, you must have access to a secret key or password that enables you to decrypt it.
Unencrypted data is called plain text ; encrypted data is referred to as cipher text.
Asymmetric Encryption
http://2we26u4fam7n16rz3a44uhbe1bq2.wpengine.netdna-cdn.com/wp-content/uploads/061112_1445_Chapter7The11.jpg
Symmetric Encryption
https://ckhung.github.io/a/m/13/symmetric-encryption.gif
VPN – Virtual Private Network
A VPN or Virtual Private Network is a method used to add security and privacy to private and public
networks, like WiFi Hotspots and the Internet.
http://s.hswstatic.com/gif/vpn-1.gif
SSL– Secure Sockets Layer
the standard security technology for establishing an encrypted link between a web server and a browser
https://www.powersolution.com/wp-content/uploads/2013/04/SSL-flowchart.png
References
https://www.sans.org/network-security/
http://www.cisco.com/cisco/web/solutions/small_business/resource_center/articles/secure_my_business/what_is_netw
ork_security/index.html?referring_site=smartnavRD
https://www.techopedia.com/definition/24840/information-systems-security-infosec
http://www.webopedia.com/TERM/E/encryption.html
https://www.whatismyip.com/what-is-a-vpn/
https://en.wikipedia.org/wiki/Zero-day_(computing)
https://www.webroot.com/us/en/home/resources/tips/pc-security/security-what-is-anti-virus-software
https://www.techopedia.com/definition/23142/anti-spyware
http://www.techradar.com/news/software/applications/best-free-anti-spyware-and-anti-malware-software-1321656
https://www.microsoft.com/en-us/safety/pc-security/firewalls-whatis.aspx
https://www.digitalocean.com/community/tutorials/what-is-a-firewall-and-how-does-it-work
Purchase answer to see full
attachment