Introduction Security Policy Information Management Password Management Virus, Worms & Trojans E-mail & Internet Usage Security in our Organization
   
Brief  
Objectives  
Introduction  
Security as a process  
Definitions of security  
  Information Security
Security Basics  
Security Technologies  
Networking Basics  
Physical Security  


 
  Information Security  


Information is an asset which, like other important business assets, has value to an organization and consequently needs to be suitably protected. Information security protects information from a wide range of threats in order to ensure- business continuity- minimize business damage - maximize return on investments and business opportunities.

Information can exist in many forms. It can be printed or written on paper, stored electronically, transmitted by post or using electronic means, shown on films, or spoken in conversation.

In a network, there is a requirement to protect all forms of organizational assets / resources, which include:

  • Computers
  • Internet Access
  • Paper Files
  • Electronic Files
  • Email
  • Fax Machines
  • CDs and Floppy Diskettes
  • Printers
  • Laptops
When we talk about Security of an organization, it is important to secure all the above-mentioned assets. We need to identify ways and means to secure our information and IT assets.

Examples of Attack

E-commerce Attack of February 6, 2000 1
One of the most spectacular attacks to date is the Denial of Service attack in February 2000. A denial of service attack is when legitimate users of a resource, in this case web sites, are unable to access the resource due to malicious traffic. Sites attacked included Microsoft, E*Trade, EBay, Amazon & Yahoo! Though the true loss of these attacks can never be measured, it was estimated to be around $5-10 billion USD. Though the true loss of these attacks cann be measured.

A company in BPO sector in India
Recently a company in BPO sector in India was in the news because some of its employees were traced and arrested for pilfering credit cards of customers of a US bank.

Klez Virus (worm) 2
More recent the e-commerce attacks or the I LOVE YOU virus is the "klez virus". This virus has now had approximately 30 different variants produced from the original. All are equally dangerous. Many people who contacted this virus had to wipe out their systems and completely reinstall their programs. This virus uses a random subject line, adds a fake From:line, infects .exe (executable) files, executes automatically and also attempts to corrupt the anti-virus software. This virus has affected over 5 million computers worldwide since April 20023.

References And Credits:
1 - http://www.sans.org/dosstep/ - The SANS™ Institute
2 - http://www.cert.org/advisories/index.html - CERT® is a registered service mark of Carnegie Mellon University
3 - http://www.governmentsecurity.org/archive/t5660.html - Government Security
   
 
Security Awareness Program Disclaimer