security and disaster recover
DESCRIPTION
Security and Disaster Recover. Security Objectives. Balance between effectiveness and difficulty to use Difficult to intrude Detect intrusion Prevent alteration of info. Vulnerabilities. Passwords Records (paper/data) Dial-up Shared Transmission Equipment rooms/closets Remote Access - PowerPoint PPT PresentationTRANSCRIPT
Security and Disaster Recover
Security Objectives
• Balance between effectiveness and difficulty to use
• Difficult to intrude
• Detect intrusion
• Prevent alteration of info
Vulnerabilities
PasswordsRecords (paper/data)
Dial-upShared Transmission
Equipment rooms/closetsRemote Access
Access to DatabasesOthers?
Methods
• Physical– Lock/keys– Terminal/Server locked– Limiting access
• Encryption• Authentication• Log-in Procedures/Passwords• Transaction Audits• Others?
Security Checklist
• Procedures (operational/personnel/emergency)
• Access Control
• Information Control
• Personnel/property safeguards
Abuse
• Internal or external
• Intentional or unintentional
Disaster Recovery
• What is a disaster?– Fire– Flood– Acts of God– Theft– Malicious destruction– Loss of access or data– Compromised data
Disaster Recovery Plan
• Define the particular disaster
• Determine impact ($)
• Develop emergency plan (per disaster)– Immediate actions/responsibilities
• Develop backup plan
• Develop recovery plan