Physical Security - E-Commerce - Lecture Slides, Slides of Fundamentals of E-Commerce

E-commerce is taking over traditional commerce practices. It is of special concern to IT students. The key points of these lecture slides are: Physical Security, Company, Security Technologies, People, Building Guards, Business, Human Factor, Totally Vulnerable, Encrypted Transmission, Social Engineering Attack

Typology: Slides

2012/2013

Uploaded on 07/30/2013

shoki_sho

"A company may have purchased the best
security technologies that money can buy,
trained their people so well that they lock up
all their secrets before going home at night,
and hired building guards from the best
security firm in the business. The company is
still totally vulnerable... the human factor is
truly security's weakest link"
Mitnick and Simon (2002).

Can you feel safe in the e-world?

Kevin Mitnick, The Art of Deception

E-RISK: Where are we really exposed?

source: http://tnaron.wordpress.com

Where are we really exposed?

Physical Security

- Reliability of equipment and network connection
- Direct access
- Accidental loss (e.g. memory sticks, laptops)
- Robbery (physical)

Human Factor

- Passwords
- Lack of awareness of what information is sensitive
- Accidental leakage of information (unintended e-mails)
- Disloyalty (dishonest or dissatisfied personnel)

Where are we really exposed?

Methods of hacker attacks:

- Exploits - using system bugs or glitches, e.g.:
  - Buffer overflows
  - Input validation errors (SQL and code injections, directory traversal)
  - Cross-site scripting
  - HTTP header injections
- Eavesdropping, wi-fi eavesdropping
- Indirect attacks
- Backdoors
- Denial-of-service (DoS) attacks
- Social attack (social engineering)
- Direct access attacks (physical)

Where are we really exposed?

Impact of hacker attacks:

- Direct financial loss (fraud or litigation)
- Subsequent loss (result of unwelcome publicity)
- Loss of market share (if customer confidence is affected)
- Legal liability and criminal charges

Where are we really exposed?

Methodology:

- Review existing controls
- Identify areas where more work is needed
- Monitor technological progress
- Anticipate potential new threats
- Read the headlines!