| |
|
|
|
|
|
Error processing SSI file |
|
|
Posting on the Internet or Bulletin Board(s) anonymously, pseudonymously, or giving a completely false name/address/telephone with intent to deceive. This is a controversial activity, generating much discussion amongst those who maintain the net sites. There are two cases in which problems can be caused for organizations:-
In either case, if such posts are abusive, or otherwise intended to stir up an argument, the likely result is a Flame Attack, or Mail Bombing. As part of an Information Security Risk Assessment, you should identify the threats to your Business Assets and the impact such threats could have, if the threat resulted in a genuine incident. Such analysis should quantify the value of the Business Assets being protected to decide on the appropriate level of safeguards. Incident
Response A penetration of the system by an unauthorized source. Similar to an Intrusion, the primary difference is that Incursions are classed as 'Hostile'. An Information Asset is a definable piece of information, stored in any manner which is recognized as 'valuable' to the organization. The information which comprises an Information Asset, may be little more than a prospect name and address file; or it may be the plans for the release of the latest in a range of products to compete with competitors. Irrespective, the nature of the information assets themselves, they all have one or more of the following characteristics :
It is the purpose of Information Security to identify the threats against, the risks and the associated potential damage to, and the safeguarding of Information Assets. Information Security Policy Information Security Policy is an organizational document usually ratified by senior management and distributed throughout an organization to anyone with access rights to the organization's IT systems or information resources.
The computer systems and information sources used by an organization to support its day to day operations. An Information User is the person responsible for viewing / amending / updating the content of the information assets. This can be any user of the information in the inventory created by the Information Owner. Information Warfare / Infowar Also Cyberwar and Netwar. Infowar is the use of information and information systems as weapons in a conflict in which the information and information systems themselves are the targets. Infowar has been divided into three classes:
Most organizations will not need to be concerned over classes I and III, but clearly Class II is relevant to any organization wishing to protect its confidential information. Integrity International Organization for Standardization - ISO The International Organization for Standardization is a group of standards bodies from approximately 130 countries whose aim is to establish, promote and manage standards to facilitating the international exchange of goods and services. The term 'ISO' is not an acronym for the IOS, it is a word derived from the Greek word 'isos' which means 'equal', which is the root of the prefix 'iso-'. For example the word isobar links together areas of equal atmospheric pressure. The Internet is made up of computers in more than 100 countries covering commerical, academic, and government endeavors. Originally developed for the US military, the Internet has become widely used for academic and commerical research. Users have access to unpublished data and journals on a huge variety of subjects. Today, the Internet has become commericalized into a worldwide information highway, providing access to information on every subject known to humankind. Internet Service Provider - ISP An Internet Service Provider - commonly referred to as an 'ISP', is a company which provides individuals and organizations with access to the Internet, plus a range of standard services such as e-mail and the hosting (running) of personal and corporate Web sites. The larger ISPs will offer a range of access methods including telephone, leased line, ISDN or the newer DSL (ADSL) circuits and will be connected to 'backbone' high speed digital circuits which form the Internet itself. ISPs usually charge a tariff for their services although income can be derived from various sources of advertising and portal activities.Occasionally an ISP are referred to as IAP - an Internet Access provider. Human input in response to a request by the system while it is 'on hold'. Interventions can be expected or unexpected, for example, providing a higher level password for authorization, or responding to an error message indicating a fault, e.g. 'Printer Error: cannot print to LPT3, user intervention required'. A log of unexpected interventions should be maintained and reviewed at intervals to check if a pattern is developing with a particular program, user, or piece of equipment, which may require some repair, fix, or other corrective action. A Local Area Network within an organization, which is designed to look like, and work in the same way as, the Internet. Intranets are essentially private networks, and are not accessible to the public. Intrusion The IT equivalent of trespassing. An uninvited and unwelcome entry into a system by an unauthorized source. While Incursions are always seen as Hostile, Intrusions may well be innocent, having occurred in error. Strong ID and password systems can minimize intrusions. A security management system that gathers and analyzes information from various areas within a computer or a network to identify possible security breaches, which include both intrusions (attack from outside the organization) and misuse (attacks from within the organization). The IP Address or 'Internet Protocol' is the numeric address that guides all Internet traffic, such as e-mail and Web traffic, to its destination. The IP address is 'under the hood' and is derived from its domain name, which is mapped to the IP Address through the Domain Name Service. Integrated Services Digital Network. Provides for point to point data transmission at 128K bps. ISDN users must connect to a host, which is also capable of ISDN connection using an adaptor. The reliability of ISDN is not questioned, however, it is relatively expensive and is being eclipsed by the recent growth in broadband Digital Subscriber Line (DSL) technology. -------------------------------- |
 |
Error processing SSI file |
 |
|
|
 |
|