Class4 Security
1. INTRODUCTION TO INFORMATION SYSTEMS. SUPdeCO - PCM - English Track, October 2008. Computer-Based Information Systems Security. PROF. DIANA MANGALAGIU, MANAGEMENT AND STRATEGY DEPARTMENT
2. Concept of security « The security of an information system is its non-vulnerability to accidents or deliberate attacks, that is the impossibility that those attacks have any serious impacts on the state and the operation of the system » J. P. Magnier
4. General definitions [diagram]: Disaster: an attack or a natural disaster. Causes of vulnerability. Immediate and long-term effects. Source: P. Reix
5. General definitions. Security guidelines: To handle security, it should be assessed using indicators including: 1 – Availability of information and functionalities 2 – Truthfulness of information 3 – Confidentiality of information 4 – Non-repudiation of communications 5 – Traceability of operations. Potential causes of the disaster make it essential to keep watch over the vulnerability of the system and thus over the risks it runs.
7. Security planning. Policies for security: 1 – Material resource security 2 – Software security 3 – Application security 4 – General security steps 5 – Insurance. The idea that security is entirely handled by hardware- and software-related procedures is a dangerous utopia: it must come with organizational thinking as well as awareness and training of individuals.
8. Four cornerstones of security & trust: authentication; authorisation; confidentiality; integrity & non-repudiation
12. Confidentiality: Only the intended recipient can make sense of the message or stored information.
13. Authorisation: Is the user allowed to perform these operations?
Editor's notes
Bouygues Télécom: its IT outage of 17/11/2004 cost it 16 million euros. SNCF: 1,000 terminals paralysed in July 2004. According to Microsoft, 2.4 billion working hours in companies, which in France is equivalent to €20 per hour × 15 million people = 1.8 billion euros in losses