information security in organizations ana helena da silva, mci12017 cristiana coelho, mci12013
TRANSCRIPT
![Page 1: INFORMATION SECURITY IN ORGANIZATIONS Ana Helena da Silva, MCI12017 Cristiana Coelho, MCI12013](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552fc181497959413d8f3d23/html5/thumbnails/1.jpg)
INFORMATION SECURITY IN ORGANIZATIONS
Ana Helena da Silva, MCI12017Cristiana Coelho, MCI12013
![Page 2: INFORMATION SECURITY IN ORGANIZATIONS Ana Helena da Silva, MCI12017 Cristiana Coelho, MCI12013](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552fc181497959413d8f3d23/html5/thumbnails/2.jpg)
SUMMARY1. Introduction
2. The importance of IT in Organizations
3. Principles of Security
4. Information Security in Organizations
5. Models and Security Policies in Organizations
6. Importance of implementing a Security Policy in Organizations
7. Identification and Authentication Access Control
8. Software and Security
9. Case Study
10. Conclusions
11. References
2
![Page 3: INFORMATION SECURITY IN ORGANIZATIONS Ana Helena da Silva, MCI12017 Cristiana Coelho, MCI12013](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552fc181497959413d8f3d23/html5/thumbnails/3.jpg)
1. INTRODUCTION (1/1)• This study was done for the subject of Information
Security.
• Over recent years there have been many problems related with the information security. One of the keys of these problems is related to the increasement and diffusion of the Internet.
• This happens because we are susceptible to infections by malicious software, intrusion systems, internal and external fraud, theft of proprietary information, among others.
3
![Page 4: INFORMATION SECURITY IN ORGANIZATIONS Ana Helena da Silva, MCI12017 Cristiana Coelho, MCI12013](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552fc181497959413d8f3d23/html5/thumbnails/4.jpg)
2. THE IMPORTANCE OF IT IN ORGANIZATIONS (1/1)
• The Information Tecnology (IT) plays an increasingly important role in an organization.
• With the exponential growth of the information, the storage, processing and transmission of information have become increasingly relevant processes within a organization.
4
Instituto de Informática – Carta de princípios de Segurança Informática e privacidade. [Em linha]. Lisboa : Ministério das Finanças, 2008. [Consult. 15 Novembro 2012]. Disponível em WWW: <URL: http://www.inst-informatica.pt/o-instituto/instrumentos-gestao/seguranca-informatica-e-privacidade>
![Page 5: INFORMATION SECURITY IN ORGANIZATIONS Ana Helena da Silva, MCI12017 Cristiana Coelho, MCI12013](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552fc181497959413d8f3d23/html5/thumbnails/5.jpg)
3. PRINCIPLES OF SECURITY (1/2)• For the processing and storage of information in digital
format, computer systems are used. Thus, the computer systems are safety related data and information.
• Data represents a physical phenomenon in order to perform certain aspects of our real and conceptual world. These are used to deposit, disseminate and separate information by handling it with defined formal rules.
5
MAMEDE, Henrique São - Segurança informática nas organizações. Lisboa: FCA - Editora de Informática, 2006. p.4-10
![Page 6: INFORMATION SECURITY IN ORGANIZATIONS Ana Helena da Silva, MCI12017 Cristiana Coelho, MCI12013](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552fc181497959413d8f3d23/html5/thumbnails/6.jpg)
3. PRINCIPLES OF SECURITY (2/2)
6
MAMEDE, Henrique São - Segurança informática nas organizações. Lisboa: FCA - Editora de Informática, 2006. p.4-10
![Page 7: INFORMATION SECURITY IN ORGANIZATIONS Ana Helena da Silva, MCI12017 Cristiana Coelho, MCI12013](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552fc181497959413d8f3d23/html5/thumbnails/7.jpg)
4. INFORMATION SECURITY IN ORGANIZATIONS (1/1)
• Currently, we cannot say that every organization has sufficient security measures to become safe.
• We are increasingly watching a variety of attacks that exploit software vulnerabilities, applicational or operating system.
7
MAMEDE, Henrique São - Segurança informática nas organizações. Lisboa: FCA - Editora de Informática, 2006. p.377-383
![Page 8: INFORMATION SECURITY IN ORGANIZATIONS Ana Helena da Silva, MCI12017 Cristiana Coelho, MCI12013](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552fc181497959413d8f3d23/html5/thumbnails/8.jpg)
5. MODELS AND SECURITY POLICIES IN ORGANIZATIONS (1/2)
• The security policy in an organization will designate the security of a system.
• A security policy should adapt to new realities that arise in the organization.
• To implement the policy we have to follow several steps, the first being the evaluation and understanding of security needs.
8
MAMEDE, Henrique São - Segurança informática nas organizações. Lisboa: FCA - Editora de Informática, 2006. p.38-66
![Page 9: INFORMATION SECURITY IN ORGANIZATIONS Ana Helena da Silva, MCI12017 Cristiana Coelho, MCI12013](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552fc181497959413d8f3d23/html5/thumbnails/9.jpg)
5. MODELS AND SECURITY POLICIES IN ORGANIZATIONS (2/2)
• A procedure that can prevent disasters in the organization and that is very important is the existence of backup copies of documents.
• Should be carried out training and practice in security information with employees.
• The system must be protected against all types of malware.
9
MAMEDE, Henrique São - Segurança informática nas organizações. Lisboa: FCA - Editora de Informática, 2006. p.38-66
![Page 10: INFORMATION SECURITY IN ORGANIZATIONS Ana Helena da Silva, MCI12017 Cristiana Coelho, MCI12013](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552fc181497959413d8f3d23/html5/thumbnails/10.jpg)
6. IMPORTANCE OF IMPLEMENTING A SECURITY POLICY IN ORGANIZATIONS (1/1)• Information provides an essential resource in an
organization.
• The loss of confidentiality, integrity or availability can cause a loss of confidence in the services that the firm provides.
• Some measures should be taken in an organization.
10
Instituto de Informática – Carta de princípios de Segurança Informática e privacidade. [Em linha]. Lisboa : Ministério das Finanças, 2008. [Consult. 15 Novembro 2012]. Disponível em WWW: <URL: http://www.inst-informatica.pt/o-instituto/instrumentos-gestao/seguranca-informatica-e-privacidade>
![Page 11: INFORMATION SECURITY IN ORGANIZATIONS Ana Helena da Silva, MCI12017 Cristiana Coelho, MCI12013](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552fc181497959413d8f3d23/html5/thumbnails/11.jpg)
7. IDENTIFICATION AND AUTHENTICATION ACCESS CONTROL (1/2)• It is important to set access control, ie, limiting access to
resources of a system.
11
MAMEDE, Henrique São - Segurança informática nas organizações. Lisboa: FCA - Editora de Informática, 2006. p.69-80
![Page 12: INFORMATION SECURITY IN ORGANIZATIONS Ana Helena da Silva, MCI12017 Cristiana Coelho, MCI12013](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552fc181497959413d8f3d23/html5/thumbnails/12.jpg)
7. IDENTIFICATION AND AUTHENTICATION ACCESS CONTROL (2/2)• There should be a security policy in organizations to
protect information.
12
MAMEDE, Henrique São - Segurança informática nas organizações. Lisboa: FCA - Editora de Informática, 2006. p.69-80
![Page 13: INFORMATION SECURITY IN ORGANIZATIONS Ana Helena da Silva, MCI12017 Cristiana Coelho, MCI12013](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552fc181497959413d8f3d23/html5/thumbnails/13.jpg)
8. SOFTWARE AND SECURITY (1/2)
13
MAMEDE, Henrique São - Segurança informática nas organizações. Lisboa: FCA - Editora de Informática, 2006. p.129-135
Malware
Problems related to information security
![Page 14: INFORMATION SECURITY IN ORGANIZATIONS Ana Helena da Silva, MCI12017 Cristiana Coelho, MCI12013](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552fc181497959413d8f3d23/html5/thumbnails/14.jpg)
8. SOFTWARE AND SECURITY (2/2)
14
MAMEDE, Henrique São - Segurança informática nas organizações. Lisboa: FCA - Editora de Informática, 2006. p.129-135
![Page 15: INFORMATION SECURITY IN ORGANIZATIONS Ana Helena da Silva, MCI12017 Cristiana Coelho, MCI12013](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552fc181497959413d8f3d23/html5/thumbnails/15.jpg)
9. CASE STUDY (1/1)
15
AMADOR, Cristina Pacheco – Testemunho: A importância de um sistema de gestão de segurança da informação. [Em linha]. [S.l : s.n.]. [Consult. 21 Novembro 2012]. Disponível em WWW: <URL:http://www.apcer.pt/index.php?option=com_content&view=article&id=326%3Atestemunho-a-importancia-de-um-sistema-de-gestao-de-seguranca-da-informacao&Itemid=491&lang=pt>
![Page 16: INFORMATION SECURITY IN ORGANIZATIONS Ana Helena da Silva, MCI12017 Cristiana Coelho, MCI12013](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552fc181497959413d8f3d23/html5/thumbnails/16.jpg)
16
![Page 17: INFORMATION SECURITY IN ORGANIZATIONS Ana Helena da Silva, MCI12017 Cristiana Coelho, MCI12013](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552fc181497959413d8f3d23/html5/thumbnails/17.jpg)
10. CONCLUSIONS (1/1)• Information security is an increasingly important priority in
an organization. This is seen as an essential requirement for ensuring the long-term competitive advantages.
• There is a need of security management in an organizational and operational context.
• Thus, the implementation of a security policy to protect systems against malware is important.
17
![Page 18: INFORMATION SECURITY IN ORGANIZATIONS Ana Helena da Silva, MCI12017 Cristiana Coelho, MCI12013](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552fc181497959413d8f3d23/html5/thumbnails/18.jpg)
All organizations have a system of Information Security?
18
![Page 19: INFORMATION SECURITY IN ORGANIZATIONS Ana Helena da Silva, MCI12017 Cristiana Coelho, MCI12013](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552fc181497959413d8f3d23/html5/thumbnails/19.jpg)
11. REFERENCES (1/1)• AMADOR, Cristina Pacheco – Testemunho: A importância de um sistema de gestão de
segurança da informação. [Em linha]. [S.l : s.n.]. [Consult. 21 Novembro 2012]. Disponível em WWW: <URL:http://www.apcer.pt/index.php?option=com_content&view=article&id=326%3Atestemunho-a-importancia-de-um-sistema-de-gestao-de-seguranca-da-informacao&Itemid=491&lang=pt>
• Instituto de Informática – Carta de princípios de Segurança Informática e privacidade. [Em linha]. Lisboa : Ministério das Finanças, 2008. [Consult. 15 Novembro 2012]. Disponível em WWW: <URL: http://www.inst-informatica.pt/o-instituto/instrumentos-gestao/seguranca-informatica-e-privacidade>
• MAMEDE, Henrique São - Segurança informática nas organizações. Lisboa: FCA - Editora de Informática, 2006. ISBN 978-972-722-441-8.
• SELLA, Danilo (Org.) - Segurança da informação: um diferencial determinante na competitividade das corporações. São Paulo : Promon, 2005. [Consult. 19 Outubro 2012]. Disponível em WWW: <URL: http://www.promon.com.br/portugues/noticias/download/Seguranca_4Web.pdf>
• VALDEZ, Fernando - Falar de tecnologia. [Em linha]. [S.l : s.n.]. [Consul.19 Outubro 2012]. Disponível em WWW: <URL: http://falardetecnologia.com/?p=1>
19