Escolar Documentos
Profissional Documentos
Cultura Documentos
A Connected World
Today, More people have access to the Internet than EVER before:
World Population = 2,405,518,376 (34.3 %) North America = 273,785,413 (78.6%) Teens Online 95%
(InternetWorldStats.com/Stats.htm)
(PewInternet.org)
Our emerging youth will present a much greater risk due to their perception of open source life and living within Notopia - a boundary-less world filled with eroded ethics and principles.
Due to the loss of boundaries, the online world is remodeling concepts of legality, right/wrong, and Private/Confidential materials. As the Digital babies mature, the need to increase security will follow with them
It is the responsibility of the organization that collects, stores, and disseminates confidential data to maintain both its security and availability to those persons it was collected for.
By requiring security, there is an inference to an amount of value this data represents to the agency or person(s) the data concerns
Given value, data now has a proportionate level of risk if it is lost, stolen, or misused.
Law Enforcement
Criminal data is held within the National Crime Information Centers (NCIC) at their Criminal Justice Information Services Division (CJIS) in West Virginia These agencies may choose to further restrict access and broaden the range of what is considered Confidential data (barring FOIA request in some cases and even then are still
responsible for preventing sensitive information from leaking)
Confidential Data
Craft fitting policies & SOPs to provide clear directives for personnel to handle and Protect the valuable data Routinely review their policies and SOPs to insure that they evolve along with risks Track infractions to model corrective training and provide risk data
Physical Security
Primary means of preventing access to workstations, servers, teletypes, fax machines, printers, and other monitoring devices
All access points must be locked to prevent noncleared personnel from access or viewing sensitive/confidential data
Technology - Hardware
Limit outside access from both Internet and local networks without clearance by using:
Firewalls limit network communications based on network protocols, activity, ports, and types of communication MPLS Can be used to connect geographically separate locations, intelligently route network packets, create VPNs to encapsulate data
Encryption Levels (AES [128 -256] Advanced Encryption Standard) and other advancing encryption schemes
Authentication
Domain Level
Dual Authentication
Primary
Secondary
Serves as bound medium to facilitate security measures while reducing user's burden of extra passwords
Encryption
By itself, may be weak use in conjunction with the previous devices mentioned
Hardware
Frees up computing resources and increases speed Increased up-front costs Ease of implementation as needed Decreased Cost Decreased speeds and increased CPU strain Whole drives/arrays Folders Files
Software
Implementations
Hardware
Can be less expensive financially Decreases overall network performance, while minimally affecting workstation resources and speed
Software
Best use scenario includes centralized updates and configurations via Group Policies Can be configured at workstation level for specialized projects May cause interference with applications and websites
Wetware- Humans
Social Engineering
Social Engineering
Various government organizations still use placards to keep the mindset of their personnel on guard against mindhackers
Confirm knowledge of SOPs, protocols, and personnel Identification and access rights
Never discuss sensitive information concerning security infrastructures and their access data
Pressure Testing
Who are responsible for each measure, and can they quickly implement their tasks In case of Loss or Intrusion, review who needs to be notified
Invite Certified Security Personnel to assess your organizations security measures used to protect the Confidential Data
Methods of Testing
Intrusion Testing
Check Logs
Often Forgotten
Patches
Updates
Security Forums/Groups