PowerPoint Presentation

21st Dec'2022 SWORD SWORD Group Offshore Services.

EMPLOYEE SECURITY AWARNESS PROGRAM. Sword Global (India) Pvt Ltd IT Department 2025.

What do you think of when you hear the term “Information Security?”.

Goal of the Security “Ensure that right person has the right information the right time” CIA Triad.

Goal for Today. Purpose of the security training Potential threads Protecting data at works Mobile Security.

PURPOSE OF TRAINING.

Who is the Responsible for Computer Security?. Everyone is responsible for protecting the information security Personnel are expected to act responsibly and ethically when accessing company data The security of a system is only as good as its weakest link. If even one person does not pay attention to security the security of the hole system compromised..

Why Do I need to Learn About Security?. Good Security Standards follow the "90/ 10" Rule: 10% of security safeguards are technical 90% of security safeguards relay on the computer user (YOU !) to adhere to good computing practices.

Example. The lock on the door 10%.. Remembering. to lock, checking to see if it is closed, ensuring do not prop the door open, keeping control of the key is the 90%..

What Could Happen. Poor security can place information at risk. Some examples are: Your laptop containing data is stolen A hacker breaks into an application and alters data A company server is destroyed by a virus and the backup copy of the data is out of date.

What is Risk?. Risk: A possibility that a threat exploits a vulnerability in an asset and causes damage or loss to the asset. Threat: Something that can potentially cause damage to the organization, IT Systems or network. Vulnerability: A weakness in the organization, IT Systems, or network that can be exploited by a threat..

Security Breaches Leads to...?. Reputation loss Financial loss Intellectual property loss Legislative Breaches leading to legal actions (Cyber Law) Loss of customer confidence Business interruption costs LOSS OF GOODWILL Information Security is "Organizational Problem" rather than "IT Problem".

POTENTIAL THREATS.

Malicious Software. Malicious software (also known as malware) is a serious threat. These are programs that can "infect" other programs, damage hard drives, erase critical information, take critical systems off-line, and forward your data to external sites without your knowledge. Malware includes: — Viruses — Worms — Trojan Horse programs — Spyware — Programs which accidentally harm any system or data.

Signs of Malware. Unusual items appearing on the screen (graphics, strange messages, or system error messages). Corrupted or inaccessible program files, hard disks. Programs taking longer to start up, running more slowly than usual, or not running at all. Increased number of pop-up advertisements Changed settings that can't be changed back to the way they were Web browser contains additional components that you don't remember downloading.

Protecting Against Malware. McAfee Endpoint Security software running on company managed workstations protects against most malware. Should you suspect that your computer is infected, take immediate action: Close all of your files and programs Document what symptoms were observed Shut down your system Contact the Help Desk.

Other Types of Attack. Malware Attack It is a malicious program or software that disrupts damaged the computer Phishing The attacker sends bait often in the form of an e-mail, it encourages people to share their details Social Engineering Attacker create the social situation that has encourages you to share password.

PROTECTING DATA AT WORK.

DON'T PLAY IN TRAFFIC ON THE INFORMATION SUPERHIGHWAY.

Dos AND DON’Ts OF HARDWARE & SOFTWARE SECURITY. INFORMATION SECURITY POLICIES A successful security program, just like the construction of a building, starts with a strong foundation on which to build. Your company has developed several information security policies to protect its information assets from loss or misuse. It is your responsibility to know and comply with the following policies PHYSICAL SECURITY Physical security is an important component of the information protection program at Your company. Below are some tips that can help you avoid overlooking physical security.

Access Control & Physical. Follow security procedures Wear identity cards and badges Ask unauthorized visitor his credentials Attend visitors in reception and conference room only.

Password Guidelines. Always use at least 8-character password with combination of alphabets, numbers and special characters (*, %, @, #, $, A) Use passwords that can be easily remembered by you Change password regularly as per policy Use password that is significantly different from earlier passwords.

Internet Usage. Use internet services for business purposes only.

E-mail Usage. Use official mail for business purposes only Follow the mail storage guidelines to avoid blocking of E-mails If you come across any junk / spam mail, do the following: Remove the mail Inform the security help desk Inform the sender that such mails are undesired.

Hardware Usage. DO use only your company-owned hardware to perform job duties DO take reasonable precautions to prevent damage to hardware from food or beverage spills DO take reasonable precautions to ensure security of the computer when left or unattended. DO protect computer equipment from environmental hazards, (i.e., direct sunlight, heat sources, vents, open windows, or other sources of dust and moisture)..

Software Usage. DO use only your company authorized software DO obey with all license agreements.

Reporting to Security Breaches. Report Security Incident (IT and Non-IT) to Helpdesk Through E-Mail to: lgraman@swordgroup.in / annadurai.b@swordgroup.in Contact Number: 9500533610 / 9500053650 e.g.: IT Incident: Mail Spamming, Virus Attack, Hacking etc. Non IT Incident: Unsupervised visitor movement, Information leakage, Brining unauthorized medias Do not discuses security incident any one outside organization Do not attempt to interfere with obstruct or prevent from reporting incident.

Question & Commands.

THANKS FOR YOUR VALUABLE TIME.