tailieunhanh - Lecture Business driven technology (Business plug-in): Chapter 6 - Paige Baltzan, Amy Phillips

Chapter 6 - Information security. In this chapter students will be able to: Describe the relationship between information security policies and an information security plan; summarize the five steps to creating an information security plan; provide an example of each of the three primary security areas: (1) authentication and authorization, (2) prevention and resistance, and (3) detection and response; describe the relationships and differences between hackers and viruses. | BUSINESS PLUG-IN B6 Information Security LEARNING OUTCOMES Describe the relationship between information security policies and an information security plan Summarize the five steps to creating an information security plan Provide an example of each of the three primary security areas: (1) authentication and authorization, (2) prevention and resistance, and (3) detection and response Describe the relationships and differences between hackers and viruses INTRODUCTION Information security – a broad term encompassing the protection of information from accidental or intentional misuse by persons inside or outside an organization This plug-in discusses how organizations can implement information security lines of defense through people first and technology second The First Line of Defense - People The biggest issue surrounding information security is not a technical issue, but a people issue 38% of security incidents originate within the organization Insiders Social engineering | BUSINESS PLUG-IN B6 Information Security LEARNING OUTCOMES Describe the relationship between information security policies and an information security plan Summarize the five steps to creating an information security plan Provide an example of each of the three primary security areas: (1) authentication and authorization, (2) prevention and resistance, and (3) detection and response Describe the relationships and differences between hackers and viruses INTRODUCTION Information security – a broad term encompassing the protection of information from accidental or intentional misuse by persons inside or outside an organization This plug-in discusses how organizations can implement information security lines of defense through people first and technology second The First Line of Defense - People The biggest issue surrounding information security is not a technical issue, but a people issue 38% of security incidents originate within the organization Insiders Social engineering The First Line of Defense - People The first line of defense an organization should follow to help combat insider issues is to develop information security policies and an information security plan Information security policies – identify the rules required to maintain information security Information security plan – details how an organization will implement the information security policies The First Line of Defense - People Five steps to creating an information security plan Develop the information security policies Communicate the information security policies Identify critical information assets and risks Test and reevaluate risks Obtain stakeholder support The First Line of Defense - People The Second Line of Defense - Technology Three primary information security areas Authentication and authorization Prevention and resistance Detection and response AUTHENTICATION AND AUTHORIZATION Authentication – a method for confirming users’ identities Authorization – the

• Quản trị kinh doanh
• Business driven technology
• Lecture Business driven technology
• Technology plug in
• Business plug ins
• Information security
• Information security policies
• Business process
• Business process improvement
• Mobile technology
• Personal digital assistants
• Business basics
• Financial statement
• Business intelligence
• Data mining
• Global information systems
• Cultural business challenges
• Creating strong passwords
• Monitor your accounts
• Creating conditional formatting
• Using autofilter
• Goal Seek Command
• Decision making using excel
• Designing database applications
• Database management system
• Microsoft Access
• New blank database
• Simple query wizard
• Advanced queries
• Form wizard in access
• Report wizard
• Designing web pages
• World wide web
• Hypertext Markup Language
• Improving readability
• Navigating in dreamweaver
• Dreamweaver setup
• Gantt chart
• Creating gantt charts with excel
• Central processing unit
• Primary storage
• Enterprise architectures
• Disaster recovery
• Network basics
• Server network
• Information privacy policy
• Ethical computer use policy
• Supply chain management
• Supply chain drivers
• Customer relationship management
• Operational CRM
• Enterprise resource management
• Core ERP component
• Ebusiness model
• Accessing internet information