
Chapter 8


SECURING INFORMATION SYSTEM

Rahayu Iga Mawardi


Velia Monica
Chetrin Desti Ekowati
WHY ARE INFORMATION SYSTEMS VULNERABLE TO DESTRUCTION, ERROR, AND ABUSE

Without a firewall and antivirus software
Computer not be able to run business
Security and control a top priority

WHY SYSTEMS ARE VULNERABLE
MALICIOUS SOFTWARE
When a user organization uses a service organization, transactions that affect the user organization's financial statements are subject to controls that are, at least, physically and operationally separate from the user organization.
The relationship between the service organization's controls and the user organization's controls depends primarily on the nature of the services provided by the service organization.

Example of malicious code in table 8.1


HACKERS AND COMPUTER CRIME

Spoofing and Sniffer
Denial-of-Service Attacks
Computer Crime
Identity Theft
Click Fraud
Cyberterrorism and Cyberwarfare

Studies have found that user lack of knowledge is the single greatest cause of network security breaches.

Social Engineering
Malicious intruders seeking system access sometimes trick employees into revealing their passwords by pretending to be legitimate members of the company in need of information.

INTERNAL THREATS: EMPLOYEES


THE BUSINESS VALUE OF SECURITY AND CONTROL
THE COMPONENTS OF AN ORGANIZATIONAL FRAMEWORK FOR SECURITY AND CONTROL

1 INFORMATION SYSTEM CONTROLS
Information system controls are both manual and automated and consist of general and application controls.

2 RISK ASSESSMENT
Determines the level of risk to the firm if a specific activity or process is not properly controlled.

3 SECURITY POLICY
Consists of statements ranking information risks, identifying acceptable security goals, and identifying the mechanisms for achieving these goals.

4 DISASTER RECOVERY PLANNING AND BUSINESS CONTINUITY PLANNING

5 THE ROLE OF AUDITING
An information systems audit examines the firm's overall security environment as well as the controls governing individual information systems.

The Most Important Tools and Technologies for Safeguarding Information Resources

1 Identity Management and Authentication
2 Firewalls, Intrusion Detection Systems, and Antivirus Software
3 Securing Wireless Networks
4 Encryption and Public Key Infrastructure
5 Ensuring System Availability
6 Ensuring Software Quality


Identity Management and Authentication
Authentication

Token
Smart Card
Biometric Authentication
BIOMETRIC AUTHENTICATION DEMONSTRATION
Firewalls, Intrusion Detection Systems, and Antivirus Software

Firewall Screening Technologies


HOW A FIREWALL WORKS
Firewalls, Intrusion Detection Systems, and Antivirus Software

Intrusion Detection System
Antivirus and Antispyware System
Unified Threat Management Systems

Computer viruses
Computer worms
Spyware
Adware
Securing Wireless Networks

Wired Equivalent Privacy
Wi-Fi Protected Access 2 (WPA2)


Encryption and Public Key Infrastructure

Symmetric Key Encryption
Public Key Encryption


Encryption and Public Key Infrastructure

3
IMPLEMENTATION FOR ENCRYPTION
Ensuring System Availability

Online Transaction Processing
Fault-tolerant Computer System

Hardware
Software
Power Supply Components
Create environment
Provide continuous, uninterrupted service

Ensuring Software Quality

Employing Software Metrics

Software Testing
1. What is a botnet?
A botnet is a network of autonomous malicious software agents that are under the control of a bot commander.

4. Describe some of the weaknesses exploited by malware

Weaknesses in human nature
Internet Vulnerabilities
The level of sophistication
Technical weakness

THANK YOU!
