Chapter 14 - cda college

Management Information Systems,
Sixth Edition
Chapter 14:
Risks, Security, and Disaster Recovery
Objectives
• Describe the primary goals of information
security
• Enumerate the main types of risks to information
systems
• List the various types of attacks on networked
systems
• Describe the types of controls required to ensure
the integrity of data entry and processing and
uninterrupted e-commerce
Objectives (continued)
• Describe the various kinds of security measures
that can be taken to protect data and ISs
• Improve the security of your personal
information system and the information it stores
• Recognize online scams
• Outline the principles of developing a recovery
plan
• Explain the economic aspects of information
security
Goals of Information Security
• Protecting IT resources is a primary concern
• Securing corporate ISs is becoming increasingly
challenging
• The major goals of information security are to:
– Reduce the risk of systems ceasing operation
– Maintain information confidentiality
– Ensure the integrity and reliability of data
resources
– Ensure the uninterrupted availability of resources
– Ensure compliance with policies and laws
Risks to Information Systems
• Downtime: the period of time during which an IS
is not available
• Extremely expensive: average losses of:
– $2,500/minute for CRM systems
– $7,800/minute for e-commerce applications
• $4 billion lost annually in the U.S. due to
downtime
Risks to Hardware
• #1 cause of system downtime is hardware failure
• Major causes of damage to hardware include:
– Natural disasters
• Fires, floods, earthquakes, hurricanes, tornadoes, and
lightning
– Blackouts and brownouts
• Blackout: total loss of electricity
• Brownout: partial loss of electricity
• Uninterruptible power supply (UPS): backup power
– Vandalism
• Deliberate destruction
Risks to Data and Applications
• Data should be a primary concern because it is
often a unique resource
• Data and applications are susceptible to
disruption, damage, and theft
• The culprit in damage to software or data is
almost always human
• Keystroke logging: records individual keystrokes
• Social engineering: con artists pretend to be
service people, and ask for passwords
• Identity theft: pretending to be another person
Risks to Data and Applications
(continued)
• Risks to data include:
– Alteration
– Destruction
– Web defacement
• Deliberate alteration or destruction is often done
as a prank, but has a high cost
• The target may be a company’s Web site
• Honeytoken: a bogus record in a networked
database used to combat hackers
Risks to Data and Applications
(continued)
• Honeypot: a server containing a mirrored copy
of a database or a bogus database
– Educates security officers about vulnerable points
• Virus: spreads from computer to computer
• Worm: spreads in a network without human
intervention
• Antivirus software: protects against viruses
• Trojan horse: a virus disguised as legitimate
software
Risks to Data and Applications
(continued)
• Logic bomb: software that is programmed to
cause damage at a specific time
• Unintentional, nonmalicious damage can be
caused by:
– Human error
– Lack of adherence to backup procedures
– Poor training
– Unauthorized downloading and installation of software may cause damage
Risks to Online Operations
• Many hackers try daily to interrupt online
businesses
• Types of attacks include:
– Unauthorized access
– Data theft
– Defacing of Web pages
– Denial of service
– Hijacking
Denial of Service
• Denial of service (DoS): an attacker launches a
large number of information requests
– Slows down legitimate traffic to site
• Distributed denial of service (DDoS): an
attacker launches a DoS attack from multiple
computers
– Usually launched from hijacked personal
computers called “zombies”
– No definitive cure for this
– A site can filter illegitimate traffic
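Added example (not from the slides) of the "filter illegitimate traffic" idea: a per-source sliding-window counter run over a constructed access log flags a client that floods the site and the flagged source is dropped while normal visitors pass. The log format, the IP addresses and the thresholds are assumptions.

```python
from collections import defaultdict, deque

# Constructed sample access log (not from the original slides):
# "<client_ip> <unix_time> <request>", one request per line.
SAMPLE_LOG = """\
203.0.113.5 1000 GET /index.html
203.0.113.5 1001 GET /cart
198.51.100.7 1000 GET /index.html
198.51.100.7 1000 GET /index.html
198.51.100.7 1000 GET /index.html
198.51.100.7 1001 GET /index.html
198.51.100.7 1001 GET /index.html
198.51.100.7 1002 GET /index.html
203.0.113.9 1003 GET /checkout
198.51.100.7 1009 GET /index.html
"""

def flag_floods(log_text, window_seconds=5, max_requests=5):
    """Return {ip: time_first_flagged} for sources that send more than
    max_requests within any window_seconds-long sliding window."""
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    flagged = {}
    for line in log_text.splitlines():
        ip, ts, _request = line.split(" ", 2)
        ts = int(ts)
        q = recent[ip]
        q.append(ts)
        while q[0] <= ts - window_seconds:   # expire timestamps older than the window
            q.popleft()
        if len(q) > max_requests and ip not in flagged:
            flagged[ip] = ts
    return flagged

def filter_log(log_text, blocked):
    """Keep only requests from sources that were not flagged."""
    return [line for line in log_text.splitlines()
            if line.split(" ", 1)[0] not in blocked]
```

A per-source threshold catches a single flooding client but not a DDoS spread thinly across many zombies, which is why the slide says there is no definitive cure.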
Computer Hijacking
• Hijacking: using some or all of a computer’s
resources without the consent of its owner
– Often done to launch a DDoS attack
– Done by installing a software bot on the computer
– Main purpose of hijacking is usually to send spam
• Bots are planted by exploiting security holes in
operating systems and communications software
– A bot usually installs e-mail forwarding software
Controls
• Controls: constraints and restrictions imposed
on a user or a system
– Controls can be used to secure against risks
– Controls are also used to ensure that nonsensical
data is not entered
• Controls can reduce damage caused to systems,
applications, and data
Application Reliability
and Data Entry Controls
• A reliable application is one that can resist
inappropriate usage such as incorrect data entry
or processing
– The application should provide clear messages
when errors or deliberate misuses occur
• Controls also translate business policies into
system features
Backup
• Backup: periodic duplication of all data
• Redundant Arrays of Independent Disks
(RAID): set of disks programmed to replicate
stored data
• Data must be routinely transported off-site as
protection from a site disaster
• Some companies specialize in data backup
services or backup facilities for use in the
event of a site disaster
Access Controls
• Access controls: measures taken to ensure
only authorized users have access to a
computer, network, application, or data
– Physical locks: lock the equipment in a secure
facility
– Software locks: determine who is authorized
• Three types of access controls:
– What you know: access codes, such as user ID
and password
– What you have: requires special devices
– Who you are: unique physical characteristics
Access Controls (continued)
• Access codes and passwords are usually stored
in the OS or in a database
• Security card is more secure than a password
– Allows two-factor access
• Biometric: uses unique physical characteristics
such as fingerprints, retinal scans, or voiceprints
• Up to 50% of help desk calls are from people
who have forgotten their passwords
– Biometrics can eliminate these kinds of calls
Atomic Transactions
• Atomic transaction: a set of indivisible
transactions
– All of the transactions in the set must be
completely executed, or none can be
– Ensures that only full entry occurs in all the
appropriate files to guarantee integrity of the data
– Is also a control against malfunction and fraud
Audit Trail
• Audit trail: a series of documented facts that
help detect who recorded which transactions, at
what time, and under whose approval
– Sometimes automatically created using data and
timestamps
• Certain policy and audit trail controls are
required in some countries
• Information systems auditor: a person whose
job is to find and investigate fraudulent cases
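Added example (not from the slides) tying together the Data Entry Controls, Atomic Transactions and Audit Trail slides: a funds transfer on a constructed in-memory SQLite bank. Input is checked first with clear error messages; the debit, the credit and the audit row are then committed as one atomic unit, so a failed debit leaves no partial entry. Account names, balances and the audit columns are assumptions.

```python
import sqlite3
import time

class EntryError(ValueError):
    """Raised with a clear message when a data entry control rejects input."""

def validate_transfer(src, dst, amount):
    # Data entry controls: reject nonsensical input before any file is touched
    if src == dst:
        raise EntryError("source and destination accounts must differ")
    if not isinstance(amount, int) or amount <= 0:
        raise EntryError("amount must be a positive whole number of cents")

def open_bank():
    """Constructed in-memory bank with two accounts and an audit table."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE accounts(id TEXT PRIMARY KEY, "
                "balance INTEGER NOT NULL CHECK(balance >= 0))")
    con.execute("CREATE TABLE audit(who TEXT, approved_by TEXT, action TEXT, at REAL)")
    con.executemany("INSERT INTO accounts VALUES(?, ?)", [("A", 10_000), ("B", 500)])
    con.commit()
    return con

def transfer(con, src, dst, amount, clerk, approver):
    validate_transfer(src, dst, amount)
    try:
        with con:  # atomic: both updates and the audit row commit together, or none do
            con.execute("UPDATE accounts SET balance = balance - ? WHERE id = ?", (amount, src))
            con.execute("UPDATE accounts SET balance = balance + ? WHERE id = ?", (amount, dst))
            # audit trail: who recorded it, under whose approval, and a timestamp
            con.execute("INSERT INTO audit VALUES(?, ?, ?, ?)",
                        (clerk, approver, f"transfer {amount} {src}->{dst}", time.time()))
    except sqlite3.IntegrityError as e:
        # CHECK(balance >= 0) failed: SQLite rolled the whole unit back
        raise EntryError(f"transfer rejected: {e}")

def balances(con):
    return dict(con.execute("SELECT id, balance FROM accounts"))

def audit_rows(con):
    return con.execute("SELECT who, approved_by, action FROM audit").fetchall()
```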
Security Measures
• Organizations can protect against attacks using
various approaches, including:
– Firewalls
– Authentication
– Encryption
– Digital signatures
– Digital certificates
Firewalls and Proxy Servers
• Firewall: the best defense against unauthorized
access over the Internet
– Consists of hardware and software that blocks
access to computing resources
– Firewalls are now routinely integrated into routers
• DMZ: demilitarized zone approach
– One end of the network is connected to the
trusted network, and the other end to the Internet
• Proxy server: represents another server
– Employs a firewall, and is usually placed between
the Internet and the trusted network
Authentication and Encryption
• Authentication: the process of ensuring that
you are who you say you are
• Encryption: coding a message into an
unreadable form
• Messages are encrypted and authenticated to
ensure security
• A message may be text, image, sound, or other
digital information
Authentication and Encryption
(continued)
• Encryption programs scramble the transmitted
information
– Plaintext: the original message
– Ciphertext: the encoded message
• Encryption uses a mathematical algorithm and a
key
• Key: a unique combination of bits that will
decipher the ciphertext
• Public-key encryption: uses two keys, one
public and one private
Authentication and Encryption
(continued)
• Symmetric encryption: when the sender and
the recipient use the same key
• Asymmetric encryption: both a public and a
private key are used
• Transport Layer Security (TLS): a protocol for
transactions on the Web that uses a combination
of public key and symmetric key encryption
• HTTPS: the secure version of HTTP
• Digital signature: a means to authenticate
online messages; implemented with public keys
Authentication and Encryption
(continued)
• Message digest: unique fingerprint of file
• Digital certificates: computer files that
associate one’s identity with one’s public key
– Issued by certificate authority
• Certificate authority (CA): a trusted third party
• A digital certificate contains its holder’s name, a
serial number, its expiration dates, and a copy of
holder’s public key
– Also contains the digital signature of the CA
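Added example (not from the slides) of a message digest used as a control against the alteration, destruction and Web defacement risks listed earlier: a SHA-256 fingerprint of each page is recorded while the site is known good, and a later check reports pages that were altered, removed or added. The site contents and paths are constructed.

```python
import hashlib

def digest(data: bytes) -> str:
    """Message digest: a fixed-size fingerprint of the content (SHA-256 here)."""
    return hashlib.sha256(data).hexdigest()

def baseline(pages: dict) -> dict:
    """Record the fingerprint of every page while the site is known good."""
    return {path: digest(content) for path, content in pages.items()}

def check_site(pages: dict, known_good: dict) -> dict:
    """Compare the current pages with the baseline. Returns {path: status}."""
    report = {}
    for path, fingerprint in known_good.items():
        if path not in pages:
            report[path] = "missing"        # destruction
        elif digest(pages[path]) != fingerprint:
            report[path] = "altered"        # alteration / defacement
        else:
            report[path] = "ok"
    for path in pages.keys() - known_good.keys():
        report[path] = "unexpected"         # a page nobody approved
    return report

# Constructed sample site (not from the original slides)
GOOD_SITE = {
    "/index.html": b"<h1>Welcome to Example Corp</h1>",
    "/contact.html": b"<p>mail: info@example.com</p>",
    "/about.html": b"<p>Founded 1999</p>",
}
CHANGED_SITE = {
    "/index.html": b"<h1>Welcome to Example Corp</h1>",   # unchanged
    "/contact.html": b"<p>mail: info@example.org</p>",    # one character changed
    "/new.html": b"<p>not part of the baseline</p>",
}
```

The baseline fingerprints must be kept where whoever alters the site cannot also alter them, for example with the off-site backup copies described earlier.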
The Downside of Security Measures
• Single sign-on (SSO): a user must enter his or
her name/password only once
• Single sign-on saves employees time
• Encryption slows down communication
– Every message must be encrypted and then
decrypted
• IT specialists must clearly explain the
implications of security measures to upper
management
Recovery Measures
• Security measures may reduce mishaps, but no
one can control all disasters
• Preparation for uncontrolled disasters requires
that recovery measures are in place
• Redundancy may be used
– Very expensive, especially in distributed systems
• Other measures must be taken
The Business Recovery Plan
• Business recovery plan: a plan about how to
recover from a disaster
– Also called disaster recovery plan, business
resumption plan, or business continuity plan
• Nine steps to develop a business recovery plan:
1. Obtain management’s commitment to the plan
2. Establish a planning committee
3. Perform risk assessment and impact analysis
4. Prioritize recovery needs
• Mission-critical applications: those without which
the business cannot conduct operations
The Business Recovery Plan
(continued)
• Nine steps to develop a business recovery plan
(continued):
5. Select a recovery plan
6. Select vendors
7. Develop and implement the plan
8. Test the plan
9. Continually test and evaluate
• The plan should include key personnel and their
responsibilities
Recovery Planning
and Hot Site Providers
• Can outsource recovery plans to firms that
specialize in disaster recovery planning
• Hot sites: alternative sites that a business can
use when a disaster occurs
– Backup sites provide desks, computer systems,
and Internet links
The Economics of Information Security
• Security measures should be regarded as
analogous to insurance
• Spending for security measures should be
proportional to the potential damage
• A business must assess the minimum
acceptable rate of system downtime and ensure
that the company can financially sustain the
downtime
How Much Security
Is Enough Security?
• Two costs should be considered:
– Cost of the potential damage
– Cost of implementing a preventative measure
• As the cost of security measures increases, the
cost of potential damage decreases
– Companies try to find the optimal point
• The company must define what needs to be
protected
• Security measures should never exceed the
value of the protected system
Calculating Downtime
• Businesses should try to minimize downtime, but
the benefit of greater uptime must be compared
to the added cost
• Mission-critical systems must be connected to
an alternative source of power, duplicated with a
redundant system, or both
• Many ISs are now interfaced with other systems
– Interdependent systems have greater downtime
• Redundancy reduces downtime
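Added worked example (not from the slides) for the Economics, "How Much Security Is Enough" and Calculating Downtime slides: using the per-minute downtime costs the chapter gives for CRM and e-commerce systems, it computes the potential damage for a given amount of downtime and picks the measure that minimizes measure cost plus remaining damage, skipping any measure that costs more than the protected system. The candidate measures, their costs and the downtime figures are assumptions.

```python
# Downtime cost per minute, as given in the chapter
COST_PER_MINUTE = {"CRM": 2_500, "e-commerce": 7_800}

# Constructed candidate measures: name -> (annual cost, downtime minutes/year after the measure)
MEASURES = {
    "UPS": (20_000, 60),
    "UPS plus redundant system": (300_000, 5),
    "fully mirrored hot site": (1_200_000, 1),
    "unlimited redundancy": (5_000_000, 0),
}

def expected_damage(system, downtime_minutes_per_year):
    """Potential damage per year if the system is down for the given minutes."""
    return COST_PER_MINUTE[system] * downtime_minutes_per_year

def choose_measure(system, baseline_downtime_min, measures, system_value):
    """Return (measure name, total annual cost) at the optimal point, where
    total = cost of the measure + damage from the downtime that remains.
    Measures that cost more than the protected system are never considered."""
    best = ("no measure", expected_damage(system, baseline_downtime_min))
    for name, (cost, remaining_minutes) in measures.items():
        if cost > system_value:
            continue
        total = cost + expected_damage(system, remaining_minutes)
        if total < best[1]:
            best = (name, total)
    return best

if __name__ == "__main__":
    for system in COST_PER_MINUTE:
        print(system, choose_measure(system, 120, MEASURES, 2_000_000))
```

The same 120 minutes of yearly downtime justifies a redundant system for the e-commerce application but only a UPS for the CRM system, which is the "spending proportional to potential damage" rule in numbers.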
Summary
• The purpose of controls and security measures
is to maintain the functionality of ISs
• Risks to ISs include risks to hardware, data,
and networks, and natural disaster and
vandalism
• Risks to data and applications include theft of
information, identity theft, data alteration, data
destruction, defacement of Web sites, viruses,
worms, logic bombs, and nonmalicious
mishaps
• Risks to online systems include denial of
service and hijacking
Summary (continued)
• Controls are used to minimize disruption
• Access controls require information to be
entered before resources are made available
• Atomic transactions ensure data integrity
• Firewalls protect against Internet attacks
• Encryption schemes scramble messages to
protect them on the Internet
• A key is used to encrypt and decrypt messages
Summary (continued)
• SSL, TLS, and HTTPS are encryption standards
designed for the Web
• Keys and digital certificates can be purchased
from a certificate authority
• Many organizations have business recovery
plans, which may be outsourced
• Careful evaluation of the amount spent on
security measures is necessary
• Redundancy reduces the probability of downtime
• Governments are obliged to protect citizens
against crime and terrorism