Security @ iQuanti

By the end of this course, you will be able to:

1. Understand what Information Security is & be aware of your responsibilities with respect to Information Security

2. Understand the key terms & critical concepts of Information Security

3. Decide what protection or classification is appropriate for your information

4. Make appropriate choices for storage of sensitive data

Security @ iQuanti

Intended Audience

Any person having access to iQuanti Information assets

1. Employees

2. Contract Employees

3. Consultants

Overview

  1. Security Responsibility
  2. Information security
    1. Legal Implications
    2. Addressing Information Security
  3. Data Classification
  4. System Access Control
    1. IT Resources
    2. Internet Usage
    3. Non-Disclosure Agreement
  5. Business Continuity and Disaster Recovery
  6. Emergency Response Team
  7. Employee Responsibilities
  8. Incident Reporting
  9. Case study
  10. Disciplinary Action

Security Responsibility Is Ours

Security is everyone's responsibility

Unauthorized disclosure of classified or sensitive information can adversely effect our business

You must not  share and discuss classified information with anyone other than who need to know

Why do we need a Security Policy?

Protecting our client and company assets is crucial.

This involves:

  1. Protecting the data of our clients and our company
  2. Protecting the intellectual property of our clients and the company
  3. Protecting the physical property of  the company
  4. Protecting information identity of our employees and contractors

Impact of a Security breach

Impacts of a Security breach may be:

 

  1. Legal implications
  2. Loss of customer confidence
  3. Loss of business or financial loss
  4. Loss of competitive advantage
  5. Loss of productivity
  6. Loss of company reputation/goodwill

What is Information Security?

  • Information security means protecting information and information systems against unauthorized access, use, disclosure, modification, disruption or destruction
  • Protect information from deliberate or accidental loss or misuse by guaranteeing:
  1. Confidentiality - Only authorized users access information
  2. Integrity - The information is accurate and complete
  3. Availability - Authorized users have  access when it is needed

Forms in which information can exist

  1. Printed or written on paper
  2. Spoken in conversation (meetings, conference calls, informal conversations, etc.)
  3. Stored electronically (Hard disks, Media(tapes, CDs, DVDs), etc.)
  4. Transmitted in by post/courier or electronically (Email, FTP, etc.)

Please be careful while dealing with any classified information.

Scenario 1

Question 1 : Why is it important to have a good understanding of Information Security policies and procedures?

  • Helps protect individuals from being victims of security incidents.
  • Provides an understanding of steps to follow in the event of a security incident
  • Helps to understand levels of responsibility
  • All of the above

Question 2 : Which of the following is a good way to create a password?

  • Your children's or pet's names
  • Using look-alike substitutions of numbers or symbols
  • A combination of upper and lowercase letters mixed with numbers and symbols
  • Using common names or words from the dictionary

Question 3 : Which of the following would be the best password?

  • MySecret
  • Dp0si#Z$2
  • Abc123
  • Keyboard

Question 4 : What is the most common delivery method for viruses?

  • Email
  • Instant Message
  • Internet download
  • Portable media