Using Your Knowledge – Security Threats
description
Transcript of Using Your Knowledge – Security Threats
Using Your Knowledge –Security Threats
Chapter 12 page 491 Q2MGS 3040-03
Group BOmotayo Adeniyi, Micale Baptiste, Robert Kuhl
Claudia Murcia, Deborah Stroud
Consider the 15 categories of threat in Figure 12-1 below Source
Human Error Malicious Activity Natural Disasters
Unauthorized data disclosure
Procedural mistakes
Pretexting PhishingSpoofingSniffing Computer crime
Disclosure during recovery
Problem Incorrect data modification
Procedural mistakes Incorrect procedures Ineffective accounting controlsSystem errors
HackingComputer crime
Incorrect datarecovery
Faulty service Procedural mistakes Development and installation errors
Computer crimeUsurpation
Service improperlyrestored
Denial of Service Accidents DOS attacks Service interruption
Loss of infrastructure
Accidents TheftTerrorist activity
Property loss
Using Your Knowledge
Describe the three most serious threats to each of the following businesses:• Local Workout Studio• Neighborhood accounting firm• Dentist’s office• Honda dealership
The three most serious threats to a local workout studio are:
• Unauthorized data disclosure
o Human Error - when someone inadvertently releases
data in violation of policy
o Computer crime - breaking into networks to steal data such as customer information, or employee's personal information
The three most serious threats to a local workout studio con't
• Incorrect data modification
o System errors - caused by employees when
procedures are followed incorrectly or procedures have been designed incorrectly
• Faulty service - service impropertly restored
Using Your Knowledge
The three most serious threats in a neighborhood accounting firm are:
o Hacker- A person or thing that hacks. Also it’s when a person doesn’t have the authority or official power to have the access to a computer system.
o Viruses- A segment of self- replicating code planted illegally in a computer program, often to damage or shut down a system or network.
o Inside threats Losing client records Theft of client records Unauthorized discussions with third parties about client
information
Using Your Knowledge
What to do about threats: o One of the most important aspects in dealing with internal
threats is through control. You want to control access to only those who should have access. Document control can take several forms:
Using passwords to gain access to network resources as well as within a document in order to maintain security
Using document management software to control access to documents
Using the file security system built into the server operating system to secure documents in folders with access for those users who require access
Using Your Knowledge
Dentist’s office - The three most serious threats
o Procedural mistakes Human error Improper internal control of systems that process financial
datao Computer crime
Hacking - attempts to steal customer datao Denial of service attacks
Inadvertent shutdown of Web server by starting a computationally intensive application
Malicious hacker can flood a Web server with artificial traffic so legitimate traffic can't get through
Using Your Knowledge
Honda dealership -The three most serious threats Unauthorized data disclosure Human Error occuring by human error when someone inadvertently releases data in violation of policy. Loss of infrastructure Accidents human accidents can cause loss of infrastructure
Using Your Knowledge Honda dealership-The three most serious threats Incorrect data Modification Malicious Activity Hacking-Although some people hack for the sheer joy of doing it, others hack for the malicious purpose of stealing or modifying data.
Using Your Knowledge - Security Threats
Chapter 12 Group B
The End!! Thank you for
your time!