Documente Academic
Documente Profesional
Documente Cultură
January 2, 2012
CONTENT
What is information ? Characteristics of information What is information Security ? What is ISMS ? Clearing desk and Clear screen policy Desktop and portable device policy Password Policy Email policy Internet policy ISO 27001 Security awareness clips
BOB
A12
Dubai
IT
Bangalore
Structured Data
Name BOB
Destination Dubai IT
Airline
Boarding Bangalore
From above data , we can derive the following information: On 1st of January BOB Travelled from Bangalore to Dubai by Kingfisher airline(IT) and his seat number was A12
Information is data that has been given meaning by way of relational connection.
Confidentiality
Integrity
Availability
What is Confidentiality?
Making sure only those people who are supposed to see the information see it.
Personal
Business
What is Integrity?
Making sure only those people who are supposed to change (edit) the information can change it.
Personal
Business
What is Availability?
Making sure the information is available when the authorized people requires it.
Personal
Business
Business Information
What is ISMS?
Objective:- Protect information stored in your computer and hard copy documents from unauthorized Access How to practice this ? lock your Computer using Ctrl + Alt + Del while you leave your workstation If working on sensitive information, and you have a visitor to your desk, lock you screen to prevent the contents being read
When desks/offices are unoccupied, any confidential information must be locked away in cabinets or offices
All waste paper, which contains any personal or confidential information must be shredded or destroyed
Objective:- Protect information stored in your computer and avoid malware Propagation
Employees are responsible for physical security of their laptops, blackberry etc..
Always scan for viruses when copying or downloading files to your computer from CD/DVD and other sources
Password policy
Use Complex password, that is use combination of alpha numeric and special characters Use minimum 8 characters for your password Change password before 90 days Do not repeat last 5 passwords
EMAIL POLICY
Company confidential information must not be shared outside the Company, without authorization, at any time
Sending pornographic jokes or other contents of sexual nature via email, is considered sexual harassment and will be addressed according to HR Policy.
BIAL retains the right to remove from its information systems any material it views as offensive or potentially illegal
Here something that you might want to read it was on the news . Subject: FW: PLEEEEEASE READ!!!! It was on the news!
Dear friends, Something to share with all of u. Would u believe if this is true? Read on..... For those who need money badly and this is one opportunity to try it! I'm an attorney, and I know the law. This thing is for real. Rest assured AOL and Intel will follow through with their promises for fear of facing a multimillion-dollar class action suit similar to the one filed by PepsiCo against General Electric not too long ago. Dear Friends, Please do not take this for a junk letter. Bill Gates is sharing his fortune. If you ignore this you will repent later. Microsoft and AOL are now the largest Internet companies and in an effort to make sure that Internet Explorer remains the most widely used program, Microsoft and AOL are running an e-mail beta test. When you forward this e-mail to friends, Microsoft can and will track it (if you are a Microsoft Windows user) for a two week time period. For every person that you forward this e-mail to, Microsoft will pay you $245.00, for every person that you sent it to that forwards it on, Microsoft will pay you $243.00 and for every third person that receives it, you will be paid $241.00. Within two weeks, Microsoft will contact you for your address and then send you a cheque. Regards. Charles S. Bailey General Manager Field Operations [CONTACT DETAILS REMOVED] I thought this was a scam myself, but two weeks after receiving this e-mail and forwarding it on, Microsoft contacted me for my address and within days, I received a cheque for US$24,800.00. You need to respond before the beta testing is over. If anyone can afford this Bill Gates is the man. It's all marketing expense to him. Please forward this to as many people as possible. You are bound to get at least US$10,000.00. We're not going to help them out with their e-mail beta test without getting a little something for our time. My brother's girlfriend got in on this a few months ago. When I went to visit him for the Baylor/UT game. She showed me her check. It was for the sum of $4,324.44 and was stamped "Paid In Full". Like I said before, I know the law, and this is for real Intel and AOL are now discussing a merger which would make them the largest Internet company and in an effort make sure that AOL remains the most widely used program, Intel and AOL are running an e-mail beta test.
Mr.Tim J W Tookey Group Finance Director of Lloyds Banking Group 25 Gresham Street, London EC2V 7HN www.lloydsbankinggroup.com timgdfbns@yahoo.com.hk
Good day, I am Mr. Tim J W Tookey, the Group Finance Director of Lloyds Banking Group. I personally discovered a dormant account with a total sum of $85,000,000.00 [EIGHTY FIVE MILLION DOLLARS] during our Bank's Annual Year Account Auditing. Since the death of the deceased, nobody has operated in this account till date. Moreover, this account has NO BENEFICIARY attached to it. Definitely, this fund will be confiscated by our BANKING CODE OF ETHICS if it remains dormant for a period of [10] year without any claims. In this regard, I earnestly need your full cooperation in transferring this money out of our bank to avoid our bank confiscating this fund. HOW THE TRANSACTION CAN BE HANDLED: As the group finance director of our bank, all our client account details and file are in my possession and that makes it easy for me to include your name as the beneficiary of the fund in all necessary documents involving the money we wish to transfer out from our bank. Most importantly, you will be required to: (1). Act as the original beneficiary of the funds. (2). Receive the funds into a business/private bank account. (3). At the completion of this transaction, the sharing rates shall be 50% for me while 50% for you. Note: I will split the transfer into two 2 stages for easy and smooth transfer. Firstly, the sum of $80,000,000.00 will transfer to any valid foreign account you will nominate, then upon a successful transfer without any disappointment from our side; I will then fly to meet you in your home destination for sharing, thereafter we will jointly transfer the remaining balance of $5,000,000.00. I will also like us to invest some part of the money in your country. If you accept to work with me, you will be given 50% of the total money as your share and 50%. So the main question is, will you partner me in this transaction. If you are willing to cooperate in this projectthe get back to me on my private email address timgdfbns@yahoo.com.hk view my identification link:
http://www.lloydsbankinggroup.com/about_us/directors/executive_directors.asp#timtookey I AWAIT YOUR URGENT REPLY. Yours Truly, Mr. Tim J W Tookey timgdfbns@yahoo.com.hk
Internet Policy
Objective:- Utilize technology for better productivity The use of internet by company employees is permitted & encouraged where such use is suitable for business purpose & supports the goals & objectives of the company by Providing internet access to all computer users No time based restriction
Ethnic & Racial harassment, abuse etc.. is strictly prohibited
Objective:- Avoid information leakage Sending pornographic jokes or other contents of sexual nature via email, is considered sexual harassment and will be addressed By restricting according to HR Policy. Social networking sites Instant messaging Personal Network storage & backup sites Publishing/disclosing any business sensitive information on personal websites/portals/blogs/social networking sites
Internet Policy
Monitoring internet use from all computers & devices connected to BIAL network Logging internet access details and retaining it for forensic purpose
Phishing