ITM 309 Lecture Notes - Lecture 10: Dumpster Diving, Identity Theft, Phishing

Information security: the protection of information from accidental or intentional misuse by persons inside or outside an organization: downtime: refers to a period of time when a system is unavailable. The first line of defense people: organizations must enable employees, customers, and partners to access information technology, the biggest issue surrounding information security is not a technical issue but a people issue. Pretexting: the first line of defense on organization should follow to help combat insider issues is to develop information security policies and an information security plan. The second line of defense technology: authentication and authorization, prevention and resistance, detection and response. Authentication and authorization: authentication: method for confirming identities, authorization: process of giving someone permission to do or have something. Phishing: gain personal info via fraud emails. Pharming: reroutes to fake websites: most secure authentication has: Something that is part of the user (highest level of security) Intel developing trukey facial recognition to replace passwords.