Security



Authentication - the act of validating a user's credentials.


 * 1) Logon/password
 * 2) Badge
 * 3) Token

IBAC - Identity Based Access Control. Using passwords to access the system.

RBAC - Role Based Access Control. Access to the network is based on your role in the company. Certain departments have access to specific files and databases.

Personal Identifiers - Validate authentication by what you are. Fingerprints, retinas, and facial recognition.


**Ways to prevent Data Leakage**

Data leakage
- Endpoints
  o Transferred/retired PCs
    § Hard drives, motherboard, CMOS chip (BIOS password)
      · Delete all data from the PC (NTFS/FAT)
      · Overwrite data (run software to completely write zeros over the disk)
      · Remove the HD (magnetically erase the HD), crack the case, break the disk
- Risk vs. Benefit
- Mobile technologies
  o Lost
    § Smartphones
    § Laptops, thumb drives, cell phones
      · Accounts with passwords (full security password)
      · Encrypted volumes (example: TrueCrypt)
  o Policies
    § No secure data on cell phones
  o Thumb drives
  o Burned CDs
  o Lock USB ports
    § Disable AutoPlay on the PC

**Preventing Data leakage**
- Man-in the – attacks
- Loss of control over data
- Unauthorized exposure of data, transfer of data

**Networks**
- Unintended – RBAC? Is missing/not updated, wrong group
  o Rogue devices - hotspots, wireless access control

Storage
- "username: ""password: "filetype:xls realty
- Filetype:pdf
- Google Hack – web server
  o Works on a crawler - public HTML, getting indexed by Google
  o Crawler works as automatic software (robots.txt)
  o Identify data assets – owners of data (HR, Marketing)
    § Custodians of data - who takes care of the data
    § Data location - hardware (server room, rack 1)
  o Logic - IP address, path
    § Legal requirements
    § Classify - data (high, middle, low)
    § Implementation of proper storage
      · Where
    § Endpoints (host, user PC)
    § Unintended – emails,
  o Network drives/local drives

Shared-Folders network connections
- Disable all networking shared drives
- Password protect all files and databases
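An added example, not part of the original notes: a Python audit of a web server's document root for the files the Storage notes describe, meaning spreadsheets and PDFs, or any file carrying "username:" and "password:" labels, that a crawler could index. The function names, the extension list and the sample files are constructed assumptions.

```python
import os
import tempfile

# Extensions the notes single out (xls, pdf) plus close relatives; an assumption.
RISKY_EXT = {".xls", ".xlsx", ".csv", ".pdf"}
# Labels the notes' search looks for, lower-cased.
MARKERS = ("username:", "password:")


def _contains(data: bytes, word: str) -> bool:
    """Match the word as ASCII or UTF-16LE (legacy .xls files can hold either)."""
    low = data.lower()
    return word.encode("ascii") in low or word.encode("utf-16-le") in low


def audit_webroot(root: str) -> list[tuple[str, str]]:
    """Return (relative_path, reason) for files that should not be public."""
    findings = []
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            with open(path, "rb") as fh:
                data = fh.read(1_000_000)  # first 1 MB is enough for triage
            if all(_contains(data, m) for m in MARKERS):
                findings.append((rel, "credential labels in content"))
            elif os.path.splitext(name)[1].lower() in RISKY_EXT:
                findings.append((rel, "document type that search engines index"))
    return sorted(findings)


def demo() -> list[tuple[str, str]]:
    """Build a constructed web root in a temp dir and audit it."""
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "reports"))
        samples = {  # constructed sample files, not real data
            "index.html": b"<h1>Welcome</h1>",
            "reports/staff.xls": "Username: jdoe  Password: example".encode("utf-16-le"),
            "reports/brochure.pdf": b"%PDF-1.4 constructed sample",
            "notes.txt": b"username: demo\npassword: placeholder\n",
        }
        for rel, body in samples.items():
            with open(os.path.join(root, rel), "wb") as fh:
                fh.write(body)
        return audit_webroot(root)


if __name__ == "__main__":
    for rel, reason in demo():
        print(f"{rel}: {reason}")
```

Flagged files should be moved out of the public document root or put behind authentication; a robots.txt entry only asks crawlers not to index a path and does not restrict access to it.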