Scribd Logo
Carica

Benvenuto in Scribd!

  • It Security

    Caricato da

    verarvind
    35 visualizzazioni32 pagine
    security

    Copyright

    © © All Rights Reserved

    Formati disponibili

    PDF, TXT o leggi online da Scribd

    Hai trovato utile questo documento?

    Questo contenuto è inappropriato?

    Segnala questo documento
    security

    Copyright:

    © All Rights Reserved
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    35 visualizzazioni32 pagine

    It Security

    Caricato da

    verarvind
    security

    Copyright:

    © All Rights Reserved
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    di 32

    E3-E4 CFA

    IT Security

    For BSNL internal circulation only

    Information Sensitivity
    Information is the most important asset of corporate
    wealth
    Quality information is hard to acquire and easy to
    lose.
    Information Nature : Easy to move and easy to alter
    and this aspect has added insecurity dimension to
    information.
    For BSNL internal circulation only

    Information Security
    Vital if Information is on Network
    Means to achieve security may be technical, the
    goals are economical
    The loss of information can adversely affect the
    business continuity and even the image of the
    company

    For BSNL internal circulation only

    What is Information Security


    ISO 17799:2000 defines this as the preservation of:
    Confidentiality
    Ensuring that information is accessible only to those
    authorized to have access

    Integrity
    Safeguarding the accuracy and completeness of
    information and processing methods

    Availability
    Ensuring that authorized users have access to information
    and associated assets when required
    For BSNL internal circulation only

    How to Secure Information?


    It involves
    The security at all levels viz.
    Network
    OS
    Application
    Data

    For BSNL internal circulation only

    Security Attacks
    Who is Attacker/Hacker?
    Internal
    External

    For BSNL internal circulation only

    Hacking is not difficult


    Attack tools are available
    Ready made exploits
    Attack Tools (e.g.)
    Port Scanners (Fport, Hping2 ..)
    Vulnerability Scanners (Retina)
    Password Crackers (John the Ripper..)

    For BSNL internal circulation only

    Indications of Infection
    Attack tools are available
    Poor System Performance
    Abnormal System Behavior
    Unknown Services are running
    Crashing of Applications
    Change in file extension or contents
    Hard Disk is Busy
    For BSNL internal circulation only

    Security Incidents - Reasons

    Malware (Malicious Codes)


    Known Vulnerabilities
    Configuration Errors

    For BSNL internal circulation only

    Various Malicious Codes

    Virus
    Worms
    Trojan Horses
    Bots
    Key Loggers
    Adware and Spyware
    For BSNL internal circulation only

    Some known Vulnerability


    Patch: MS03-026
    Jul. 16, 2003

    Aug. 11, 2003

    MSBlaster.A

    Window
    26 days

    Patch: MS02-039
    Jul. 24, 2002

    Jan. 25, 2003

    Slammer

    185 days
    Patch: MS00-078
    Oct.17, 2000

    Sept. 18, 2001


    336 days

    Nimda
    Window of time from patch availability to outbreak is shrinking

    For BSNL internal circulation only

    Vulnerable Configurations

    Default Accounts
    Default Passwords
    Un-necessary Services
    Remote Access
    Logging and Audit Disabled
    Access Controls on Files
    For BSNL internal circulation only

    Information Security Management

    Start With a Focused Methodology


    Evaluate the Organization's IT Infrastructure
    Explore Departmental and IT Controls
    Identify Gaps and Establish Controls

    For BSNL internal circulation only

    Vulnerability Management
    Lifecycle

    For BSNL internal circulation only

    Create Usage Policy Statements


    Start With a Focused Methodology
    Outline Users Roles and Responsibilities
    Identify specific actions that can result in punitive
    actions;
    Outline Partner Use Statement
    Outline Administrator Use Statement

    For BSNL internal circulation only

    Conduct A Risk Analysis


    Identify Risk to Network, Network Resources and Data.
    Identify Portions of the Network, Assign a threat rating to
    each portion and apply appropriate level of security.
    Assign each network resource Low, Medium or High
    Risk Level
    Identify the types of Users for each resource

    For BSNL internal circulation only

    Monitoring Security of Network


    Monitor for any changes in Configuration of High risk
    Devices
    Monitor Failed Login Attempts
    Unusual Traffic
    Changes to the Firewall Configuration
    Connection setups through Firewalls
    Monitor Server Logs

    For BSNL internal circulation only

    Approach to Info Security:


    Defense in Depth

    For BSNL internal circulation only

    How to Secure Information?

    Application
    N/W
    RDBMS
    NOS
    Clients/Users

    Server
    For BSNL internal circulation only

    Defensive Measure - OS
    Firewalls are used for Perimeter Defence
    Using Firewall Access Control Policy is Implemented.
    It controls all internal and external traffic.

    For BSNL internal circulation only

    Perimeter Defence
    Firewalls are used for Perimeter Defence
    Keep up-to-date Security Patches and update releases
    for OS
    Install up-to-date Antivirus Software
    Harden OS by turning off unnecessary clients, Services
    and features

    For BSNL internal circulation only

    Defensive Measure
    User Application
    Keep up-to-date Security Patches and update releases
    for Application Package
    Dont Install Programs of unknown origin
    Precautions with Emails
    Protection from Phishing attacks
    Securing Web Browsers

    For BSNL internal circulation only

    Database Security Aspects


    User Management
    Password Management
    Managing Allocation of Resources to Users
    Backup and Recovery
    Auditing

    For BSNL internal circulation only

    Password Management

    Password
    history

    Account
    locking

    User

    Setting up
    profiles

    Password
    expiration
    and aging

    Password
    verification

    For BSNL internal circulation only

    Setting Resource Limits


    Number of Concurrent Sessions
    Elapsed Connect Time
    Period of Inactive Time
    Total CPU time
    Number of Datablocks

    For BSNL internal circulation only

    Backup and Recovery Issues


    Protect the database from numerous types of
    failures
    Increase Mean-Time-Between_Failures (MTBF)
    Decrease Mean-Time-To-Recover
    Minimize Data Loss

    For BSNL internal circulation only

    Auditing
    Auditing is the monitoring of selected user data
    base actions and is used to :Investigate suspicious database activity
    Manage your audit trail
    Monitor the growth of the audit trail
    Protect the audit trail from unauthorized access

    For BSNL internal circulation only

    Summary of Action Plan


    Secure Physical Access
    Remove Unnecessary Services
    Secure Perimeter
    Proper Network Administration
    Apply Patches in Time
    Antivirus Software
    Data Backup
    Encrypt Sensitive Data
    Install IDS
    Proper Monitoring

    For BSNL internal circulation only

    BSNL Information Security Policy


    BSNL has formulated its Information Security Policy
    and circulated for its implementation during
    December 2008. The BISP consists of two sections:
    Section A
    This provides the directives and policies that would
    be followed in ICT facilities within BSNL to provide
    secure computing environment for BSNL
    employees and business to run. The policies are
    formulated around 11 domains of security. These
    are:

    For BSNL internal circulation only

    BSNL Information Security Policy


    Section A
    Information Classification and Control
    Physical and Environmental Security
    Personnel Security
    Logical Access Control
    Computing Environment Management
    Network Security
    Internet Security
    System Development and Maintenance
    Business Continuity Planning
    Compliance
    Third Party and Outsourcing Services
    For BSNL internal circulation only

    BSNL Information Security Policy


    Section B
    This provides the technical solution support to the
    policies mentioned within the policy document. It is
    intended to allow policy makers and architects
    within BSNL to prepare solutions around the
    various security requirements as proposed in
    Section A.
    All BSNL employees are to implement BISP and
    Violation of these Policy Standards may result in
    immediate disciplinary action.
    For BSNL internal circulation only

    For BSNL internal circulation only

    Potrebbero piacerti anche