GROUP MEMBERS
IRFAN ABID-70
UMER ISMAEEL-79
MUHAMMAD AHMED-84
MUNIR AHMED-106
MUHAMMAD TOUQEER-130
SECURING MANAGEMENT INFORMATION SYSTEM
Introduction to MIS
An MIS provides managers with information and support for effective decision
making, and provides feedback on daily operations.
An MIS is a system that makes the Right Information available to the Right
Person at the Right Place, at the Right Time, in the Right Form and at the
Right Cost.
What is security?
• The quality or state of being secure, to be free from danger
• Security is achieved using several strategies simultaneously or in combination with one another
• Security is recognized as essential to protect vital processes and the systems that provide those processes
• Security is not something you buy, it is something you do
Vulnerability, Threat and Attack
• A vulnerability is a weakness in the security system
  - Can be in design, implementation, etc.
  - Can be in hardware or software
• A threat is a set of circumstances that has the potential to cause loss or harm, or a potential violation of security
  - A threat can be accidental (natural disasters, human error, …)
  - A threat can be malicious (attackers, insider fraud, …)
• An attack is the actual violation of security
Why Systems are Vulnerable?
Hardware problems:
• Breakdowns, configuration errors, damage from improper use or crime
Software problems:
• Programming errors, installation errors, unauthorized changes
Disasters:
• Power failures, flood, fires, etc.
Use of networks and computers outside of firm’s control:
• E.g. with domestic or offshore outsourcing vendors
SO HOW DO WE OVERCOME THESE PROBLEMS???
BUSINESS VALUE OF SECURITY AND CONTROL
• Inadequate security and control may create serious legal liability.
• Businesses must protect not only their own information assets but also
those of customers, employees, and business partners. Failure to do so
can lead to costly litigation for data exposure or theft.
• A sound security and control framework that protects business information
assets can thus produce a high return on investment.
ESTABLISHING A MANAGEMENT FRAMEWORK FOR SECURITY AND CONTROL
General controls:
Establish framework for controlling design, security, and use of computer programs
• Software controls
• Hardware controls
• Computer operations controls
• Data security controls
• Implementation controls
ESTABLISHING A MANAGEMENT FRAMEWORK FOR SECURITY AND CONTROL
Application controls:
Unique to each computerized application
• Input
• Processing
• Output
CREATING A CONTROL ENVIRONMENT
Controls:
• Methods, policies, and procedures
• Ensure protection of the organization’s assets
• Ensure accuracy and reliability of records, and operational adherence to management standards
Worldwide Damage from Digital Attacks
CREATING A CONTROL ENVIRONMENT
• Disaster recovery plan:
Runs business in event of computer outage
• Load balancing:
Distributes large number of requests for access among multiple servers
CREATING A CONTROL ENVIRONMENT
• Mirroring:
Duplicating all processes and transactions of server on backup server to
prevent any interruption
• Clustering:
Linking two computers together so that a second computer can act as a
backup to the primary computer or speed up processing
CREATING A CONTROL ENVIRONMENT
Internet Security Challenges
Firewalls:
• Hardware and software controlling flow of incoming and outgoing network traffic
• Prevent unauthorized users from accessing private networks
• Two types: proxies and stateful inspection
Intrusion Detection System:
• Monitors vulnerable points in network to detect and deter unauthorized intruders
Figure 10-7: A Corporate Firewall
Why do Hackers Attack?
• Because they can
• A large fraction of hacker attacks have been pranks
• Financial Gain
• Espionage
• Venting anger at a company or organization
• Terrorism
Access Control - Physical
USER RESPONSIBILITIES
Do:
• Follow Security Procedures
• Wear Identity Cards
• Ask an unauthorized visitor for his credentials
• Attend visitors in Reception and Conference Room only
Do not:
• Bring visitors into operations area without prior permission
• Bring hazardous and combustible material into secure area
• Practice “Piggybacking”
• Bring and use pen drives, zip drives, iPods or other storage devices unless authorized to do so
Password Guidelines
Do:
• Always use a password of at least 8 characters with a combination of alphabets, numbers and special characters (*, %, @, #, $, ^)
• Use passwords that can be easily remembered by you
• Change password regularly as per policy
• Use a password that is significantly different from earlier passwords
Do not:
• Use passwords which reveal your personal information or words found in a dictionary
• Write down or store passwords
• Share passwords over phone or email
• Use passwords which do not match the above complexity criteria
Password Attacks - Types
• Dictionary Attack
  - Hacker tries all words in dictionary to crack password
  - 70% of the people use dictionary words as passwords
• Brute Force Attack
  - Try all permutations of the letters & symbols in the alphabet
• Hybrid Attack
  - Words from dictionary and their variations used in attack
• Shoulder Surfing
  - Hackers slyly watch over people's shoulders to steal passwords
• Dumpster Diving
  - People dump their trash papers in garbage which may contain information to crack passwords
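The password guidelines and the dictionary and hybrid attack types above can be enforced when a password is set. The checker below is an added example, not part of the original slides; the sample word list, the substitution table, the 0.6 similarity threshold and all function names are assumptions, and the earlier passwords are assumed to be supplied by the user at change time.

```python
import re
from difflib import SequenceMatcher

# Special characters listed in the slide's password guideline.
SPECIALS = set("*%@#$^")

# Constructed sample word list; a real deployment would load a large
# dictionary or breached-password list instead (assumption).
SAMPLE_DICTIONARY = {"password", "welcome", "dragon", "monkey", "karachi"}

# Common look-alike substitutions seen in "hybrid" variations of words.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})

# Assumed cut-off for "significantly different from earlier passwords".
SIMILARITY_LIMIT = 0.6


def _strip_affixes(text):
    """Drop leading/trailing digits and symbols, e.g. 'welcome2024!'."""
    return re.sub(r"^[^a-z]+|[^a-z]+$", "", text)


def dictionary_root(password, dictionary=SAMPLE_DICTIONARY):
    """Return the dictionary word the password is derived from, or None.

    Covers the plain dictionary case and the hybrid case: a word with
    look-alike substitutions and/or digits and symbols added around it.
    """
    lowered = password.lower()
    candidates = (
        lowered,
        _strip_affixes(lowered),
        _strip_affixes(lowered).translate(LEET),
        _strip_affixes(lowered.translate(LEET)),
    )
    for candidate in candidates:
        if candidate in dictionary:
            return candidate
    return None


def check_password(password, previous=()):
    """Return a list of guideline violations (empty list = acceptable)."""
    problems = []
    if len(password) < 8:
        problems.append("too_short")
    if not any(c.isalpha() for c in password):
        problems.append("no_letter")
    if not any(c.isdigit() for c in password):
        problems.append("no_digit")
    if not any(c in SPECIALS for c in password):
        problems.append("no_special")
    if dictionary_root(password) is not None:
        problems.append("dictionary_word")
    # Reject near-copies of an earlier password (e.g. only the last
    # digit incremented).
    for old in previous:
        ratio = SequenceMatcher(None, password.lower(), old.lower()).ratio()
        if ratio > SIMILARITY_LIMIT:
            problems.append("too_similar")
            break
    return problems


if __name__ == "__main__":
    # Constructed sample inputs.
    for candidate in ("dragon", "P@ssw0rd1!", "tR7#mq^Lz2"):
        print(candidate, check_password(candidate))
    print("tR7#mq^Lz3", check_password("tR7#mq^Lz3", previous=["tR7#mq^Lz2"]))
```

A password such as `P@ssw0rd1!` meets the length and character-mix rules yet is still rejected, because it reduces to a dictionary word once the substitutions and suffix are undone.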
Internet Usage
• Use internet services for business purposes only
• Do not access internet through dial-up connectivity
• Do not use internet for accessing auction sites
• Do not use internet for hacking other computer systems
• Do not use internet to download / upload commercial software / copyrighted material
• Technology Department is continuously monitoring Internet Usage. Any illegal use of internet and other assets shall call for Disciplinary Action.
CREATING A CONTROL ENVIRONMENT
Antivirus Software
• Antivirus software: software that checks computer systems and drives for the presence of computer viruses and can eliminate the virus from the infected area
• Wi-Fi Protected Access specification
This NEC PC has a biometric fingerprint reader
for fast yet secure access to files and networks.
New models of PCs are starting to use
biometric identification to authenticate users
MANAGEMENT CHALLENGES
• Implementing an effective security policy
• Applying quality assurance standards in large systems projects
• What are the most important software quality assurance techniques?
• Why are auditing information systems and safeguarding data quality so important?
Solution Guidelines
• Security and control must become a more visible and explicit
priority and area of information systems investment.
• Support and commitment from top management is required to
show that security is indeed a corporate priority and vital to all
aspects of the business.
• Security and control should be the responsibility of everyone in
the organization.
. . . LET US BUILD A HUMAN WALL ALONG WITH FIREWALL
Human Wall Is Always Better Than A Firewall
Management Information System Presentation