Scribd Logo
Upload

Welcome to Scribd!

  • Security Policies

    Uploaded by

    Mohammad Raheman
    67 views10 pages

    Original Title

    Security Policies.pptx

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    67 views10 pages

    Security Policies

    Uploaded by

    Mohammad Raheman

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 10

    Security Policies

    Security policies are a formal set of rules which is issued by an


    organization to ensure that the user who are authorized to access
    company technology and information assets comply with rules and
    guidelines related to the security of information. It is a written
    document in the organization which is responsible for how to protect
    the organizations from threats and how to handles them when they will
    occur. A security policy also considered to be a "living document" which
    means that the document is never finished, but it is continuously
    updated as requirements of the technology and employee changes.
    Sample Security Policy
    Document
    Need of Security policies-
    1) It increases efficiency.
    2) It upholds discipline and accountability
    3) It can make or break a business deal
    4) It helps to educate employees on
    security literacy
    i. Virus and Spyware Protection policy
    ii. Firewall Policy
    iii. Intrusion Prevention policy
    iv. Live Update policy
    v. Application and Device Control
    Security Standards
    A security standard is "a published specification that establishes a common language,
    and contains a technical specification or other precise criteria and is designed to be
    used consistently, as a rule, a guideline, or a definition." The goal of security standards
    is to improve the security of information technology (IT) systems, networks, and critical
    infrastructures. The Well-Written cybersecurity standards enable consistency among
    product developers and serve as a reliable standard for purchasing security products.
    Types of Standards
    1. ISO
    i. ISO 27001
    ii. ISO 27000
    iii. ISO 27002
    iv. ISO 27005
    v. ISO 27032
    2. IT Act
    3. Copyright Act
    4. Patent Law
    5. IPR
    Digital Signature
    A digital signature is a mathematical technique which validates the
    authenticity and integrity of a message, software or digital documents. It
    allows us to verify the author name, date and time of signatures, and
    authenticate the message contents. The digital signature offers far more
    inherent security and intended to solve the problem of tampering and
    impersonation (Intentionally copy another person's characteristics) in
    digital communications.
    Signature
    1). Authentication
    2). Non-repudiation
    3). Integrity
    Algorithms in Digital Signature

    1. Key generation algorithm


    2. Signing algorithm
    3. Signature verifying algorithm
    How digital signatures work
    Types of Digital Signature

    1). Certified Signatures


    2). Approval Signatures
    3). Visible Digital Signature
    4). Invisible Digital Signature

    You might also like