NEED FOR IS SECURITY

•According to the CAG of India•Every organisation is under an

obligation to ensure the security •for its IT Assets•as they include not only the equipment but also the data and processes.

NEED FOR IS SECURITY

•According to the CAG of India•Security lapses in an IT environment could have a cascading effect and hence prove to be highly disruptive•This causes financial and far-reaching efficiency losses to an organisation

•Computer systems and networks play significant roles in most of our activities

•E-mail, for communication is becoming the order of the day

NEED FOR IS SECURITY

• Need to transfer files and access databases is ever-growing, to obtain information.

• Remote access, even while users are mobile, while on travel or other duty assignments, has become the need.

NEED FOR IS SECURITY

WHAT FACILITATES ACCESS TO INFORMATION/INFORMATION SYSTEMS ?

• Through connectivity to – a LAN, such as Banyan or Novell– a Wide Area Network (WAN), such as

the DISN, NAVNET or Internet •for information/communication

–Locally–Nationally–Worldwide

NEED FOR IS SECURITY

• Increased usage of computer systems and networks– in daily communication and other work-related activities raises certain concerns

NEED FOR IS SECURITY

• A typical example: use of e-mail •When used for important business transactions and organisational communications

–additional security requirements arise

NEED FOR IS SECURITY

• The need for IS Security warrants certain assurances for users– Authenticity of Information

exchanged with other users•That it has not been modified or

tampered with– Origin of Information received

•From valid, authorised parties– Information sent is received only by

the intended parties

NEED FOR IS SECURITY

• The need for IS Security warrants certain assurances for the users– Restriction on Information exchanged

• Preventing unauthorised access– Any information or data has definitely

reached its destination– Assurances and protections being

reliable, dependable and cost-effective