AUDITING AND ACCOUNTABILITY
THE NEED FOR ACCOUNTABILITY
Even though we have allowed a party to access a resource, we still need to ensure that they behave in accordance with the rules we have set.
DATA SECURITY
Identification
Authentication
Authorization
Control
Accountability
ACCOUNTABILITY
• Provides the means to trace activities in our environment back to their source.
• Depends on identification, authentication, and access control being present, so that one can know who a given transaction is associated with and what permissions were used to allow them to carry it out.
• Requires sufficient controls to be in place to deter or prevent those who would break the rules and abuse the resources they have access to.
SECURITY BENEFITS OF ACCOUNTABILITY
• NONREPUDIATION
• Refers to a situation in which sufficient evidence exists to prevent an individual from successfully denying that he or she has made a statement or taken an action.
• Example: system or network logs
SECURITY BENEFITS OF ACCOUNTABILITY
• DETERRENCE
• If those being monitored are aware that they are monitored, and it has been communicated to them that there will be penalties for acting against the rules, these individuals may think twice before straying outside the lines.
SECURITY BENEFITS OF ACCOUNTABILITY
• INTRUSION DETECTION AND PREVENTION
• Example: implementing alerts based on unusual activities in our environment, and checking the information we have logged on a regular basis.
SECURITY BENEFITS OF ACCOUNTABILITY
• ADMISSIBILITY OF RECORDS
• It is often much easier to prove admissibility when records are produced from a regulated and consistent tracking system. This means the organization can provide a solid and documented chain of custody for said evidence, such as showing where the evidence was at all times, how exactly it passed from one person to another, how it was protected while it was stored, and so on.
AUDITING
• A methodical examination and review of resources
• Provides the data needed to implement accountability
WHAT DO WE AUDIT
• Passwords
• Policies must be implemented to dictate how passwords are constructed and used
• Software Licensing
• That all software used on systems owned by the organization is appropriately licensed
• Internet Usage
• Use of instant messaging, e-mail, file transfers, or other transactions
LOGGING
• Gives a history of the activities that have taken place in the environment being logged.
• Logging mechanisms can be set up to log anything from solely critical events to every action carried out by the system or software, such as:
• Software error logs
• Hardware failures
• Users logging in and out
• Resource access
• Tasks requiring increased privileges (found in most logs)
LOGGING
• Logs are available to administrators for review and are usually not modifiable by the users of the system.
• Logs must be regularly reviewed in order to catch anything unusual in their contents.
• Logs may also need to be analyzed in relation to a particular incident or situation.
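The nonrepudiation and logging slides above rest on one property: a log entry ties an action to an identity and the permission used, and a user cannot quietly rewrite it afterwards. The following is an added example (not from the slide deck) of a tamper-evident audit log that gives the log that property in software: every record carries the previous record's tag (a hash chain) and an HMAC under a key that only the logging service holds. The key, identities, paths and timestamps are constructed for the demo.

```python
import hashlib
import hmac
import json
from typing import Dict, List, Tuple

# Constructed demo key. It is held by the logging service only; ordinary
# users never see it, which is what stops them from forging or rewriting entries.
LOG_KEY = b"constructed-demo-key-do-not-reuse"
GENESIS = "0" * 64  # tag assumed for the entry "before" the first one


def _canonical(record: Dict) -> bytes:
    # Deterministic serialisation so an unchanged record always hashes the same.
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


def append_entry(log: List[Dict], who: str, action: str, permission: str, ts: str) -> Dict:
    """Append a record tying an action to the identity and the permission used.

    Each record carries the previous record's tag, so deleting or reordering
    entries breaks the chain; the HMAC means nobody without LOG_KEY can
    produce a valid replacement record.
    """
    prev = log[-1]["tag"] if log else GENESIS
    body = {"seq": len(log), "ts": ts, "who": who, "action": action,
            "permission": permission, "prev": prev}
    tag = hmac.new(LOG_KEY, _canonical(body), hashlib.sha256).hexdigest()
    entry = dict(body, tag=tag)
    log.append(entry)
    return entry


def verify_log(log: List[Dict]) -> Tuple[bool, int]:
    """Return (True, -1) if the chain is intact, else (False, index of first bad entry)."""
    prev = GENESIS
    for i, entry in enumerate(log):
        body = {k: v for k, v in entry.items() if k != "tag"}
        if body.get("prev") != prev or body.get("seq") != i:
            return False, i  # an entry was removed, reordered, or inserted
        expected = hmac.new(LOG_KEY, _canonical(body), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, entry.get("tag", "")):
            return False, i  # contents were edited after the fact
        prev = entry["tag"]
    return True, -1


def build_sample_log() -> List[Dict]:
    # Constructed activity trail (identities, paths and timestamps are made up).
    log: List[Dict] = []
    append_entry(log, "alice", "read:/finance/q1.xlsx", "finance-readers", "2025-01-10T09:00:00Z")
    append_entry(log, "bob", "restart:nginx", "web-admins", "2025-01-10T09:05:00Z")
    append_entry(log, "alice", "delete:/finance/q1.xlsx", "finance-editors", "2025-01-10T09:07:00Z")
    return log


def tamper_demo() -> Tuple[bool, int]:
    """Edit one field of an existing entry and show the verifier flags that entry."""
    log = build_sample_log()
    log[2]["who"] = "bob"  # attempt to attribute alice's deletion to bob
    return verify_log(log)


if __name__ == "__main__":
    print("intact log:", verify_log(build_sample_log()))
    print("edited log:", tamper_demo())
```

The verifier reports the index of the first entry that fails, which is what a reviewer doing the "regular review" from the slide wants to know: everything before that index can still be trusted, everything from it onward cannot. Deleting an entry is caught as well, because the next entry's `prev` no longer matches.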
MONITORING
• A subset of auditing that tends to focus on observing the environment being monitored in order to discover undesirable conditions such as failures, resource shortages, and security issues, as well as trends that might signal the arrival of such conditions.
MONITORING
• Typically involves watching specific items of collected data, such as:
• Resource usage on computers
• Network latency
• Attacks occurring repeatedly against servers with network interfaces exposed to the Internet
• Traffic passing through physical access controls at unusual times of day
• CLIPPING LEVEL – the point at which activities are occurring at levels above what is normally expected
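The intrusion-detection slide ("alerts based on unusual activities") and the clipping level above describe the same mechanism: count an activity per source over a window and alert only once it exceeds what is normally expected. The following is an added example (not from the slide deck) that runs that logic over constructed sshd-style authentication records; the log format, the threshold of 5 and the 5-minute window are assumptions for the demo, not values from the slides.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta
from typing import Dict, Optional

# Constructed sample records (not captured from a real system). One source
# fails six times in under a minute; the others fail once or twice.
SAMPLE_LOG = """\
2025-01-10T09:00:01Z host1 sshd: Failed password for alice from 10.0.0.5
2025-01-10T09:00:02Z host1 sshd: Failed password for alice from 10.0.0.5
2025-01-10T09:00:03Z host1 sshd: Accepted password for alice from 10.0.0.5
2025-01-10T09:00:30Z host1 cron: session opened for user root
2025-01-10T09:01:00Z host1 sshd: Failed password for root from 203.0.113.9
2025-01-10T09:01:05Z host1 sshd: Failed password for admin from 203.0.113.9
2025-01-10T09:01:10Z host1 sshd: Failed password for oracle from 203.0.113.9
2025-01-10T09:01:15Z host1 sshd: Failed password for test from 203.0.113.9
2025-01-10T09:01:20Z host1 sshd: Failed password for guest from 203.0.113.9
2025-01-10T09:01:25Z host1 sshd: Failed password for root from 203.0.113.9
2025-01-10T09:30:00Z host1 sshd: Failed password for bob from 192.0.2.7
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd: (?P<result>Failed|Accepted) password "
    r"for (?P<user>\S+) from (?P<src>\S+)$"
)

CLIPPING_LEVEL = 5        # failures per source that are "normally expected" (assumed)
WINDOW_SECONDS = 300      # sliding window the count applies to (assumed)


def parse_line(line: str) -> Optional[Dict]:
    """Parse one record; return None for lines that are not sshd auth events."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ev = m.groupdict()
    ev["ts"] = datetime.strptime(ev["ts"], "%Y-%m-%dT%H:%M:%SZ")
    return ev


def find_clipping_alerts(text: str, level: int = CLIPPING_LEVEL,
                         window_seconds: int = WINDOW_SECONDS) -> Dict[str, Dict]:
    """Return one alert per source whose failures exceed `level` within the window."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)   # src -> timestamps of failures still inside the window
    alerts: Dict[str, Dict] = {}
    for line in text.splitlines():
        ev = parse_line(line)
        if ev is None or ev["result"] != "Failed":
            continue
        q = recent[ev["src"]]
        q.append(ev["ts"])
        while q and ev["ts"] - q[0] > window:
            q.popleft()           # drop failures that have aged out of the window
        if len(q) > level and ev["src"] not in alerts:
            alerts[ev["src"]] = {"count": len(q), "first_seen": q[0], "last_seen": ev["ts"]}
    return alerts


if __name__ == "__main__":
    for src, info in find_clipping_alerts(SAMPLE_LOG).items():
        print(f"ALERT {src}: {info['count']} failures between {info['first_seen']} and {info['last_seen']}")
```

Two failures from `10.0.0.5` followed by a success never cross the clipping level and produce no alert, which is the point of the level: ordinary mistakes stay below it, while the burst from `203.0.113.9` crosses it on the sixth failure. Narrowing the window changes the outcome, so the two numbers have to be tuned together against what the environment normally shows.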
ASSESSMENTS
• A more active route to determining whether everything is as it should be and compliant with relevant laws, regulations, and policies, by examining the environment for vulnerabilities.
• APPROACHES
• Vulnerability Assessment
• Penetration Testing
VULNERABILITY ASSESSMENT
• Involves the use of vulnerability scanning tools in order to locate vulnerabilities.
• NESSUS
• A vulnerability scanning tool that checks target systems to discover which ports are open, and then interrogates each open port to find out exactly which service is listening on the port in question.
• With the information collected, it checks its database of vulnerability information to determine whether any vulnerability may be present.
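The last step described above, comparing the services found on open ports against a database of vulnerability information, is the part a defender can reproduce for their own asset inventory. The following is an added example (not Nessus code and not from the slide deck): the inventory is a constructed stand-in for what a scanner produces after interrogating open ports, the database is constructed with placeholder identifiers rather than real advisories, and the affected range for each entry is assumed to be "from `min` up to but not including `fixed`". A match means a vulnerability may be present, as the slide says; it is a candidate to confirm, not a confirmed finding.

```python
from typing import Dict, List, Tuple

# Constructed inventory: host, open port, identified service and reported version.
INVENTORY = [
    {"host": "10.0.0.10", "port": 22,   "service": "openssh", "version": "7.4"},
    {"host": "10.0.0.10", "port": 80,   "service": "nginx",   "version": "1.25.3"},
    {"host": "10.0.0.11", "port": 3306, "service": "mysql",   "version": "5.7.20"},
    {"host": "10.0.0.11", "port": 443,  "service": "nginx",   "version": "1.18.0"},
]

# Constructed vulnerability database. IDs are placeholders, not real advisories;
# an entry applies to versions in the range [min, fixed).
VULN_DB = [
    {"id": "EXAMPLE-0001", "service": "openssh", "min": "0",   "fixed": "8.0",    "severity": "high"},
    {"id": "EXAMPLE-0002", "service": "nginx",   "min": "1.0", "fixed": "1.20.1", "severity": "medium"},
    {"id": "EXAMPLE-0003", "service": "mysql",   "min": "5.7", "fixed": "5.7.30", "severity": "high"},
]


def version_tuple(version: str) -> Tuple[int, ...]:
    """Turn "1.2.10" into (1, 2, 10) so versions compare numerically, not as strings.

    Trailing non-numeric text in a component is dropped, so "2.4.1p1" becomes (2, 4, 1).
    """
    parts = []
    for piece in version.split("."):
        digits = ""
        for ch in piece:
            if not ch.isdigit():
                break
            digits += ch
        parts.append(int(digits) if digits else 0)
    return tuple(parts)


def is_affected(version: str, entry: Dict) -> bool:
    """True when `version` falls inside the entry's affected range [min, fixed)."""
    v = version_tuple(version)
    return version_tuple(entry["min"]) <= v < version_tuple(entry["fixed"])


def match_findings(inventory: List[Dict], vuln_db: List[Dict]) -> List[Dict]:
    """Cross-reference every discovered service against the database."""
    findings = []
    for svc in inventory:
        for entry in vuln_db:
            if entry["service"] == svc["service"] and is_affected(svc["version"], entry):
                findings.append({
                    "host": svc["host"], "port": svc["port"], "service": svc["service"],
                    "version": svc["version"], "id": entry["id"],
                    "severity": entry["severity"], "fixed_in": entry["fixed"],
                })
    return findings


def summarize_by_severity(findings: List[Dict]) -> Dict[str, int]:
    """Count candidate findings per severity for the assessment report."""
    summary: Dict[str, int] = {}
    for f in findings:
        summary[f["severity"]] = summary.get(f["severity"], 0) + 1
    return summary


if __name__ == "__main__":
    results = match_findings(INVENTORY, VULN_DB)
    for f in results:
        print(f"{f['host']}:{f['port']} {f['service']} {f['version']} -> {f['id']} "
              f"({f['severity']}, fixed in {f['fixed_in']})")
    print("summary:", summarize_by_severity(results))
```

Comparing versions as tuples rather than strings is the detail that matters: as strings, "1.25.3" sorts before "1.20.1" and would be wrongly flagged, while the tuple comparison correctly leaves the up-to-date nginx instance out of the findings.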
PENETRATION TESTING
• Mimics the techniques an actual attacker might use to penetrate a system.

Data security auditing and accountability
