IT Security Procedures and Guidelines: Adrija Sen
INTRODUCTION
- A major advantage of computers is data storage: all data and information is stored.
- Minimizes paperwork.
- Networking of branches and banks provides service through the internet or mobile.
- This exposes the data across the globe.
- Serious problems arise relating to data integrity and security.
THREATS
- Accidental damages (beyond one's control): environmental hazards, errors and omissions.
- Malicious damages (of a more serious nature).
ACCIDENTAL DAMAGES
Most common cause of damage to computer installations, equipment and data.
ENVIRONMENTAL HAZARDS
- Spikes in power and improper grounding (earthing).
- Excessive humidity, water seepage and floods.
- Radio transmissions affecting data transmissions.
ERRORS AND OMISSIONS
- System design and process development.
- Program maintenance and while carrying out correction procedures.
- Data entry at the time of terminal operations.
MALICIOUS DAMAGES
A computerized environment provides a number of new opportunities for fraudsters, primarily due to the ease with which fraudsters can hide their actions on computer systems.
- From disgruntled employees who wish to disrupt the service.
- From individuals with wrong intentions who use technology to perpetrate fraud for financial gain.
Interruption in banking services
- Services get affected immediately: links to automated teller machines, POS or other electronic networks are brought down.
- Insufficient processing capacity to cope with the additional load.
- Can lead to suspension of the banking facility unless adequate contingency plans have been specified and tested beforehand.
- The consequential cost of a serious system failure exceeds the cost of replacing damaged equipment, data or software.
- Loss of time.
Securities Fraud
- Special program: a utility program used to make unauthorized changes to computerized records that bypass the normal control facilities built into the computer systems.
- An unauthorized manipulation of programs or data that bypasses passwords is to remove the relevant files from their primary location, transport them to another computer and return them after manipulation.
- Unauthorized amendments made to payment instructions prior to their entry into the computer system.
- Unauthorized changes to programs made during routine development or maintenance, which cause the program to generate accounts or remove records of transactions.
Securities fraud
A practice that induces investors to make purchase or sale decisions on the basis of false information, frequently resulting in losses, in violation of the securities laws.
Theft of financial resources from organization, suppliers or customers
Network Security
Network: A "network" has been defined as any set of interlinking lines resembling a net, a network of roads, a parallel and interconnected system. A computer network is simply a system of interconnected computers.
Network Security: A controlling system to prevent any accidental and/or intentional data loss.
Hackers: A term used by some to mean "a clever programmer" and by others, especially those in popular media, to mean "someone who tries to break into computer systems."
Cryptography
Antivirus
Firewall
Antivirus
Anti-virus is the name given to software that detects and removes viruses from messages. By removing viruses at the email server, all internal mail clients are protected and all customers are protected from receiving viruses too.
Firewalls
A system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in hardware, in software, or in a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.
Advantages
Network security safeguards our data from:
1. Hackers
2. Unauthorized access
3. Viruses
4. Network security makes our system robust.
5. Network security makes the system reliable.
CRYPTOGRAPHY
[Figure: User: Plaintext -> Encrypt (key K) -> Ciphertext -> Internet -> Decrypt (key K) -> Plaintext: Server]
KEY
- A series of characters, fabricated carefully using numerical values, used to encode a message.
- The message can be read by a person in possession of that key or any other related key.
- This type of cryptography is very powerful and uses public keys.
KEY SECRECY
- Public keys are not a secrecy issue.
- The private key must be kept secret and not shared with anyone.
- If the private key is compromised, security is threatened.
COMPUTER SECURITY
Physical Security
Logical Security
Network Security
Biometric Security
PHYSICAL SECURITY
- Intrusion prevention: locking, guarding
- Intrusion detection: disturbance sensors, barrier detectors, buried line detectors
- Surveillance
- Document security
- Power protection
- Water protection
- Fire protection
- Contingency planning

- Make a complete and detailed inventory of all hardware and equipment.
- Make use of alarm systems to prevent equipment being stolen.
- Regularly take a backup of all software, data and databases on backup media.
- Keep the backup in a secure and protected place.
- Encrypt confidential data/information.
- Entry into office premises should be restricted.
- Have proper systems for identification of outsiders on the premises.
DOCUMENT SECURITY
- Prepare an inventory of all important records.
- Identify the persons responsible for different types of records.
- Classify and store the records which are vital to the bank.
- Dispose of all records which are not required.
- Transfer all important records to safe storage media.
- Hard copies should be secured in plastic containers.
LOGICAL SECURITY
- Related to software access control.
- Software resources and applications need to be protected.
- A barrier is to be maintained between the users and software resources.
- Access control to resources is based on 2 levels: authorization, and authentication of the authorized person.
- Authorization: the Data Base Administrator (DBA) provides rights to different types of users to access particular software.
- Authentication: the process of verifying the identity of the user who is going to log in to the system.
Some computer systems provide special levels of security. Multi-access control is involved at:
- User level: only an authorized user can enter the program.
- Terminal level: if the user knows the password of the system itself, he/she can go further.
- Menu level: if the user knows the password for reaching the next level, he/she can go further.
- File level: only a user who knows the password to manipulate the file can do so.
- Application level: only a user who knows the password for running the application can do so.
Internal access control
- Involves particular information like date, time, identification of user, etc.
- Limiting the number of unsuccessful attempts: the system gets locked when a wrong password is entered a specific number of times.
- Limiting audit trail: a backup is created automatically and even the access situations can be known.
- Limiting access of the users to directories: access of users is limited only to particular directories, subdirectories, files and packages.
- Encryption of data and files: they can be opened only through a symmetric or asymmetric key.
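The internal access controls listed above, sketched as an added example that is not part of the original slides: lockout after repeated wrong passwords, an audit trail recording date, time and user, and per-user directory limits. The class and method names, the threshold of 3 attempts and the sample paths are assumptions made for illustration.

```python
import hashlib, hmac, os, posixpath
from datetime import datetime, timezone

MAX_ATTEMPTS = 3  # assumed lockout threshold; the slides give no number

class AccessController:  # hypothetical name, for illustration only
    def __init__(self):
        self.users = {}     # user -> (salt, password hash, allowed directories)
        self.failures = {}  # user -> consecutive wrong passwords
        self.audit = []     # audit trail entries: (UTC date/time, user, event)

    def _hash(self, password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def _log(self, user, event):
        self.audit.append((datetime.now(timezone.utc).isoformat(), user, event))

    def add_user(self, user, password, directories):
        salt = os.urandom(16)
        self.users[user] = (salt, self._hash(password, salt), tuple(directories))
        self.failures[user] = 0

    def login(self, user, password):
        if user not in self.users:
            self._log(user, "login_unknown_user")
            return False
        if self.failures[user] >= MAX_ATTEMPTS:
            # Once locked, even the correct password is refused.
            self._log(user, "login_refused_locked")
            return False
        salt, stored, _ = self.users[user]
        if hmac.compare_digest(stored, self._hash(password, salt)):
            self.failures[user] = 0
            self._log(user, "login_ok")
            return True
        self.failures[user] += 1
        locked = self.failures[user] >= MAX_ATTEMPTS
        self._log(user, "account_locked" if locked else "login_failed")
        return False

    def can_access(self, user, path):
        # Normalise first so "../" cannot step outside an allowed directory.
        clean = posixpath.normpath("/" + path.lstrip("/"))
        allowed = any(clean == d or clean.startswith(d.rstrip("/") + "/")
                      for d in self.users[user][2])
        self._log(user, ("access_ok " if allowed else "access_denied ") + clean)
        return allowed
```
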
NETWORK SECURITY
- Data and resources are shared on a LAN.
- The network requires a great deal of security from intruders.
Physical intrusion: when an intruder has physical access to nodes.
- Can use the computer to get onto the network.
- Can remove peripherals from the system.
- From one system, data can be sent to another system in an unauthorized manner.
System intrusion: the intruder is a person who has some rights to use a user account.
- If there are no proper checks in the system, the intruder may enter different packages to gain administrative advantages for which he is not authorised.
Remote intrusion: when an intruder tries to penetrate a system from a remote location across the network (hacking).
BIOMETRIC SECURITY
A technique to measure physical characteristics, capable of verifying the identity of an individual.
Two types:
- Physiological (more reliable)
- Behavioural
Physiological technology involves:
- Finger or hand pattern recognition: highest level of identification; a mature and reliable technology.
- Voice recognition: the pattern of pronouncing words; frequency characterisation and mannerism are taken into account in these techniques.
- Iris recognition: a freshly taken video picture of the iris is compared with a stored template.
Behavioural technology:
- Signature recognition