
IT Security
TCS Internal

What is IT Security

Information Security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. The CIA triad (confidentiality, integrity and availability) is one of the core principles of information security. Most information is now collected, processed and stored on electronic computers and transmitted across networks to other computers.

Why IT Security

- The value of information
- Protecting the information
- Information breaches

Understanding Core Security Principles

CIA Triangle (Confidentiality, Integrity, Availability)

Confidentiality: Information that should stay secret stays secret, and only those persons authorized to access it should be provided access. Allowing anonymous access to sensitive information is a poor security measure for confidentiality.

Integrity: The prevention of erroneous modification of information. Authorized users are probably the biggest cause of errors and omissions and the alteration of data. Storing incorrect data within the system can be as bad as losing data. Malicious attackers can modify, delete or corrupt information.

Availability: The prevention of unauthorized withholding of information and resources. This does not apply just to personnel withholding information. Information should be as freely available as possible to authorized users.

Physical Security

- Video Surveillance
- Perimeter Fencing and Walls
- Signs
- Security Guards
- Alarm Systems
- Motion detectors and Intrusion detectors
- Biometrics

Access Control and Authentication

Any method used to verify a person's identity and protect systems against unauthorized access. It is a preventive measure.

- Password or PIN
- Smart card
- Biometric or Fingerprint

Identification > Authentication > Authorization

Attacks and Malicious Code

Protection against viruses and malware is necessary for every type of computing device, from portable devices to servers. Computer protection suites include antivirus, anti-malware, anti-adware, and anti-phishing protection. These programs can use some or all of the following techniques to protect users and systems:

- Real-time protection to block infection
- Periodic scans for known and suspected threats
- Automatic updates on a frequent basis
- Renewable subscriptions to obtain updated threat signatures
- Links to virus and threat encyclopedias

Vulnerability: A vulnerability is a weakness in a system. This one is pretty straightforward because vulnerabilities are commonly labeled as such in advisories and even in the media. When you apply a security patch to a system, you're doing so to address a vulnerability.

Threat: A threat is an event, natural or man-made, that can cause damage to your system. Threats include people trying to break into your network to steal information, fires, tornados, floods, social engineering, malicious employees, etc. Anything that can cause damage to your systems is basically a threat to those systems.

Risk: Risk is perhaps the most important of all these definitions, since the main mission of information security officers is to manage it. Risk is the chance of something bad happening.

Virus: A computer virus is a program capable of continually replicating with little or no user intervention. A virus can also interfere with computer operations by multiplying itself to fill up disk space or random access memory space, secretly infecting your computer. Often viruses are disguised as games, images, attachments, website URLs, shared files, or links or files in instant messages.

Anti-Virus: The most effective mechanisms for combating viruses are installing anti-virus software and keeping the anti-virus signatures up to date.

Malware: Malware is short for malicious software. Malware is a broad term that encompasses computer viruses, worms, Trojan horses, spyware, adware, and others. Malware is designed to interfere with normal computer operation, usually giving hackers a chance to gain access to your computer and collect sensitive personal information.

Anti-Malware: Programs which can combat malware in two ways:

- Real-time protection against the installation of malware on a computer
- Detection and removal of malware already installed on a computer

Spyware: Spyware is a malicious computer program that does exactly what its name implies, i.e., spies on you. After downloading itself onto your computer, either through an email you opened, a website you visited or a program you downloaded, spyware scans your hard drive for personal information and your internet browsing habits. Some spyware programs contain key loggers that will record personal data you enter into websites. Some spyware can interfere with your computer's system settings, which can result in a slower internet connection.

Protection:

- Use a firewall
- Update the software with the latest patches
- Install anti-spyware protection
- Surf and download safely

Adware: Adware is any software that, once installed on your computer, tracks your internet browsing habits and sends you popups containing advertisements related to the sites and topics you've visited. While this type of software may sound innocent, and even helpful, it consumes and slows down your computer's processor and internet connection speed. Additionally, some adware has keyloggers and spyware built into the program, leading to greater damage to your computer and possible invasion of your private data.

Protection:

- Be selective in downloads
- Beware of clickable advertisements

Worm: A worm is a type of virus that spreads through your computer by creating duplicates of itself on other drives, systems and networks. One feature that makes worms so dangerous is that they can send copies of themselves to other computers across a network via email, an infected webpage, and instant messages.

Trojan Horse: A Trojan horse is a program that either pretends to have, or is described as having, a set of useful or desirable features but actually contains damaging code. Generally, you receive Trojan horses through emails, infected webpages, instant messages, or downloading services like games, movies, and apps. True Trojan horses are not technically viruses, since they do not replicate; however, many viruses and worms use Trojan horse tactics to initially infiltrate a system. Although Trojans are not technically viruses, they can be just as destructive.

Email and Internet

- Spam
- Spoofing
- Phishing

Spam

Unsolicited bulk email messages.

- The recipient has not granted verifiable permission for the message to be sent.
- The message is sent as part of a larger collection of messages, all having substantially identical content.

A message is spam if it is both Unsolicited and Bulk.

Spoofing

Spoof Website: A spoof website is one that mimics another website to lure you into disclosing confidential information. To make spoof sites seem legitimate, spoof websites use the names, logos, graphics and even code of the real company's site.

Spoof Email: A spoof email has the "From:" header of the email, and possibly other headers as well, set to the email address of a different sender, to lure the recipient to read and act on the email.

Phishing

Phishing (or hoax) emails appear to be from a well-known company but can put you at risk. Although they can be difficult to spot, they generally ask you to click a link back to a spoof website and provide, update or confirm sensitive personal information. To bait you, they may allude to an urgent or threatening condition concerning your account. Even if you don't provide what they ask for, simply clicking the link could subject you to background installations of key logging software or viruses.

Pharming

A pharming attack redirects users from the legitimate website they intend to visit and leads them to a malicious one, without the users' knowledge or consent. A malicious site can look exactly the same as the genuine site, but when users enter their login name and password, the information is captured. Emailed viruses that rewrite local hosts files on individual PCs, and DNS poisoning, have been used to conduct pharming attacks. Even if the user types the correct web address, the user can be directed to the false, malicious site.

Best Practices

- Install antivirus software, updated with the latest AV definitions
- Stay informed about recent threats
- Scan all new files with virus-scanning software before opening
- Start by running anti-spyware software on a regular basis
- Ensure least privilege
- Protect your computer with a firewall
- Ensure required security in the browsers
- Don't install unwanted ActiveX controls

Major Antivirus Software

- McAfee
- Norton
- Malwarebytes
- Symantec
- Avast

Enterprise Environments

- Group Policies: Least Privilege, Software Installation restrictions, Access and authentications
- Security Patches through centralized servers
- Monitoring and Reporting Servers
- Centralized Antivirus Management
- Firewall and proxy servers
- IDS (Intrusion Detection Systems) and IPS (Intrusion Prevention Systems)
- Filtering and data protection utilities (Ex: RFS, DLP, DES etc.)
- User Access Control and Security in Browsers
- Network Access Protection (Ex: NAC and MAC binding)

Reference Links

https://www.youtube.com/watch?v=6p_q_Xp--Rs
https://www.youtube.com/watch?v=ODuH6mtxuo8
https://www.youtube.com/watch?v=y8a3QoTg4VQ
https://www.youtube.com/watch?v=_qNd22tijWw

Thank you