Company
LOGO
Computer Security and Forensics
Computer Security and Forensics
By Kim Cassinelli, Eriko Yamaguce and Stefan Schuebel
AgendaAgenda
1. Overview of Desert Tan1. Overview of Desert Tan
2. Computer Security 2. Computer Security
3. Computer Forensics 3. Computer Forensics
4. Conclusions 4. Conclusions
Concept MapConcept Map
What is
Computer
Security? . Function
Examples
from Real
WorldRecomenation
Cost Analysis
Conclustion
What is
Computer
Forensics?Function
Enron
Case Study
Desert TanDesert Tan• Desert Tan is a small company which provides
customers with tanning options. • They offer state-of-the-art equipment in both light beds
and spray on tans. • Currently they have 10 different franchise locations
within the Northwest. • Their unique online presence allows customers to create
an online account similar to online banking.
Desert Tans‘ QuestionsDesert Tans‘ Questions
• How can we provide customers safe and secure online transactions?
• How can computer forensics help monitor inappropriate employee and franchise activity?
• What are the costs associated with implementing a monitoring system?
Definition Computer SecurityDefinition Computer Security• Computer security is a branch of technology known as
information security as applied to computer. • The objective of computer security varies and can
include protection of information from theft or corruption, or the preservation of availability, as defined in the security policy.
• Computer security imposes requirements on computers that are different from most system requirements because they often take the form of constraints on what computers are not supposed to do.
Source: www.wikipedia.com
What Covers Computer Security?
What Covers Computer Security?
Source: data bases on CSI Survey 2007
Survey Reading ListSurvey Reading List
What type of computer attacks do you know?
What type of computer attacks do you know?
Source: CSI Survey 2007
Estimate the total loss in Dollar due to computer attacks in 2007 for the US:
Estimate the total loss in Dollar due to computer attacks in 2007 for the US:
• $ 66,930,950
Source: CSI Survey 2007
Estimate the percentage loss due to insiders:
Estimate the percentage loss due to insiders:
Source: CSI Survey 2007
Estimate the percentage of users having an anti virus software, firewall, anti spyware software, forensic tools:
Estimate the percentage of users having an anti virus software, firewall, anti spyware software, forensic tools:
Source: CSI Survey 2007
98%97%
80%
40%
6 layers of security6 layers of security
Source: www.hp.com
Telephone Interview to Trend MicroTelephone Interview to Trend Micro
Question: What are the common 3 questions about computer security from small companies?
• No. 3 How often should they upload their computer security software?
• No. 2 What should they do?• No. 1 How much should they prepare for
computer security?
Definition Computer ForensicsDefinition Computer Forensics• Computer forensics is a branch of forensic
science pertaining to legal evidence found in computers and digital storage mediums.
• Computer forensics adheres to standards of evidence admissible in a court of law. Computer forensics experts investigate data storage devices, (such as hard drives, USB Drives, CD-ROMs, floppy disks, tape drives, etc.), identifying, preserving, and then analyzing sources of documentary or other digital evidence.
• Computer Forensics Video
Source: www.wikipedia.com
Enron CaseEnron Case
• Arthur Andersen & Company said the accounting firm had destroyed a ''significant but undetermined'' number of documents relating to Enron and its finances.
• Questions for the Class:– What should Enron have done as an organization
when these allegations were made?– What would you have done if you were the CEO,
CTO, or lawyer of Enron?
Question 1Question 1
• How can we provide customers safe and secure online transactions?– Only certain employees have access to
customer information– PayPal
PayPal includes all these features:
• Secure system• Fraud protection• Reporting tools• Shipping and sales tax tools
Question 2Question 2
• How can computer forensics help monitor inappropriate employee and franchise activity?
• All internet security• Your company needs to decide the level of
protection they are looking for.
Question 3 - Cost AnalysisQuestion 3 - Cost Analysis
Source: CSI Survey 2007
Recommendet next stepsRecommendet next steps
• Do more research on what you are currently using
• Use PayPal• Discuss with your IT specialist which
security programs are best for your company and what are appropriate next steps
QUESTIONS??QUESTIONS??