Security is “the quality or state of being secure – to be free from danger”. That
means to be protected from challenges, from those who would do harm, intentionally or
otherwise.
• Physical Security
• Personal security
• Operations security
• Communications security
• Network security
• Information security
The Information System assets we must protect via security measures can be
divided into two segments:
Physical assets:
• Personnel
• Hardware: mainframe, minis, micros; peripherals (online/offline); storage media
• Facilities
• Documentation
• Supplies
Logical assets:
• Data/Information
• Software: system, network, application
After the approval of the security policy it is necessary to develop the standards,
measures, practices and procedures.
Organization
It is necessary to formulate a proper organization for information security
management. The Information Security policy should provide general guidance on the
allocation of security roles and responsibilities in the organization. This should also be
supplemented with more detailed guidance for specific sites, systems or services. Local
responsibilities for individual physical and information assets and security processes,
such as business continuity planning should be defined clearly.
Executive management
Executive management in the organization is responsible for overall information
system asset protection. Executive management has to show commitment for
information security management by providing budgets and have follow-ups on
information security management policies and plans.
Security committee
The policies and procedures developed for information security management in
the organization affect the whole organization. Hence it is important to have support from
all stakeholders of the organization regarding information security management policies.
In order to implement the security policies and procedures in the organization a security
committee may be formulated. Formal terms of references may also be formulated for
this committee and recommendation be adopted by the organization.
Data owners
Data owners have the responsibility of maintaining accuracy, completeness and
integrity of data relating to different organizational business processes.
Process owners
Process owners have to ensure that the processes running on computer systems
are secure and in line with the procedures defined in the scope of the
organization's security policies.
IT developers
Security specialists/Advisors
Users
IT/IS users of the organization are responsible for having full knowledge of all
policies and procedures developed within the organization. Users also have a heavy
responsibility to protect their individual logon IDs and passwords to ensure the security
of assets. They also maintain physical security of organizational assets.
IS Auditors
Intruders of the computer crimes have different categories including the following:
i. Hackers
A hacker is a person who attempts to invade the privacy of a system. Hackers
are normally skilled programmers, and have been known to crack system
passwords with consummate ease. The fact that billions of bits of information can
be transmitted in bulk over the public telephone network has made it hard to
trace individual hackers, who can therefore make repeated attempts to invade
systems. Hackers, in the past, have mainly been concerned to copy information,
but a recent trend has been their desire to corrupt it. The Computer Misuse Act
1990 addresses the problems of hacking, but clearly cannot prevent it.
ii. Employees
Organizational employees are another source of threat to the organizational
information assets. These employees may be either authorized or unauthorized.
Unauthorized employees intentionally attempt to break the security
implementations within the organization and try to gain access to organizational
information assets, while authorized employees may cause loss to assets
intentionally or by mistake.
iii. IS personnel
These have the easiest access to organizational information, since they are the
custodians of information assets. Good segregation of duties apart from checks
like logical access controls will ensure reduction in attacks on assets from this
category of personnel.
iv. Outsiders
This may include organized criminals such as hackers, competitors or crackers
(paid hackers).
1. Fire Damage
Fire is often the most serious threat to physical security of information system
assets. A well designed fire-protection plan should be made in the organization.
Features of such like plan may include the following:
i. Both automatic and manual fire alarms are placed in the computer
rooms etc.
ii. Automatic fire extinguishers are placed at strategic places in the
organization.
iii. When a fire alarm is activated, a signal is sent automatically to a
control station that is always staffed.
iv. To minimize the risk of extensive damage from electrical fires,
electrical wiring should be placed in fire resistant panels and conduit.
Security administrators should arrange regular inspections and tests of all fire-
protection systems and ensure that they are properly serviced. Periodic training
of staff in the use of such equipment should also be arranged.
2. Water Damage
Water damage to information system assets might result from a fire (e.g. a
water-based fire extinguisher is used, causing an outflow of water in computer rooms
etc.). However, water damage can also happen due to other natural disasters like floods
or torrential rains. To protect assets from water damage, the following measures could be
adopted:
3. Energy Variations
They can not only disrupt hardware operations in the organization but also
disturb the environmental factors (air-conditioning etc). Thus careful assessment
of the likelihood of energy failures is required to be made in the organization to
ensure continuous operations.
4. Terrorist activity
Political terrorism is the main risk, but there are also threats from individuals with
grudges. In some cases there is very little that an organisation can do: its
buildings may just happen to be in the wrong place and bear the brunt of an
attack aimed at another organisation or intended to cause general disruption.
There are some avoidance measures that should be taken, however.
Physical access to buildings should be controlled.
5. Accidental damage
People are a physical threat to computer installations: there can be few of us who
have not at some time spilt a cup of coffee over a desk covered with papers, or
tripped and fallen doing some damage to ourselves or to an item of office
equipment.
Combating accidental damage is a matter of:
i. Sensible attitudes to office behaviour.
ii. Good office layout.
LOGICAL THREATS
VIRUSES
Computer viruses are currently the cause of much concern. A virus is a piece of
software which infects programs and data and which replicates itself. There are a
number of elements of design which may encourage the presence of a virus, including
the Trojan, the worm, the trap door, the logic bomb and the time bomb. The features of
these are described below.
Viruses need an opportunity to spread. The programmers of viruses therefore place
viruses in the kind of software which is most likely to be copied. This includes:
(a) free software (for example from magazine covers and bulletin boards);
(b) pirated software (cheaper than original versions); and
(c) games software (wide appeal).
The attractions of free or 'interesting' software are obvious. The dangers are not so
obvious. A popular computer game of the late 1980s, Leisure Suit Larry the Lounge
Lizard, has been reported as carrying a virus in pirated editions. This would appear to
be an extreme form of copyright protection, for if a user of a pirated version
successfully completed the game, his or her hard disk would be completely 'wiped'.
The problem has been exacerbated by the portability of computers and disks. Many
employees take disks home and may work on them on their own personal PCs. Office
PCs may be taken home and the opportunity taken to try out games or other software.
It is consequently very difficult to keep control over what disks are inserted into an
organisation's computers and similarly what computers may be used to retrieve data
from or store data to office disks.
Trojans
A Trojan is a program that while visibly performing one function secretly carries out
another. For example, a program could be running a computer game, while
simultaneously destroying a data file or another program. A Trojan's work is
immediate, and obvious. They are easy to avoid as they do not copy themselves onto
the target disk.
A classic example is a Trojan horse in the payroll calculating program that shaves
a barely noticeable amount off each paycheck and credits it to the perpetrator's
payroll account. Another example is a web application with a Trojan horse that
enables a perpetrator to execute arbitrary operating system commands in gaining
unauthorized access to a web server.
Worms
Whereas a Trojan attacks from without, a worm, which is a type of virus, attacks from
within. A worm is a program that survives by copying and replicating itself inside the
computer system it has entered, without necessarily altering that system. Other viruses
attach themselves to a program. When the host program is run, the virus attaches
itself to another program, so that if undetected every program in the system will be
infected. Viruses live anywhere, including the bootstrap program, and are designed to
remain hidden as long as possible.
Trap doors
A trap door is an undocumented entry-point into a computer system. It is not to be
found in design specifications but may be put in by software developers to enable
them to bypass access controls while working on a new piece of software. Because it
is not documented, it may be forgotten and rediscovered, by a hacker perhaps, at a
later date.
Logic bombs
A logic bomb is a piece of code triggered by certain events. A program will behave
normally until a certain event occurs, for example when disk utilisation reaches a
certain percentage. A logic bomb, by responding to set conditions, maximises damage.
For example, it will be triggered when a disk is nearly full, or when a large number of
users are using the system.
Time bombs
A time bomb is similar to a logic bomb, except that it is triggered at a certain date.
Companies have experienced virus attacks on April Fool's Day and on Friday 13th.
These were released by time bombs.
Rounding Down
Programming areas
Computer room
Operator console
Tape library, tapes, disks, magnetic media
Storage rooms and supplies
Offsite backup facilities
Microcomputers
Power sources
Telecommunication
Printing facilities
LANs
Door locks
Access Logging
Cards allow a high degree of monitoring of staff movements; they can for
example be used instead of clock cards to record details of time spent on site.
Such cards can be incorporated into identity cards, which also carry the
photograph and signatures of the user and which must be displayed at all times.
Biometric access
Password policies
A password should be easy for the user to remember but difficult for a
perpetrator to guess. Initial passwords may be allocated by the security
administrator or generated by the system itself. When the user logs on for the
first time, the system should force a password change to improve confidentiality.
Initial password assignments should be randomly generated and assigned,
where possible, on an individual, and not a group, basis.
iii. Passwords should not be particularly identifiable with the user (such as
first name, last name, spouse name, pet's name, etc.). Some
organizations prohibit the use of vowels, making word
association/guessing of passwords more difficult.
iv. The system should not permit previous password(s) to be used after
being changed.
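The password rules above (random individual initial password, forced change at first logon, nothing identifiable with the user, no reuse of previous passwords) can be enforced in code. The following is an added example, not part of the original notes; the minimum length, the history depth, and the user record are assumed values chosen for illustration.

```python
import hashlib
import hmac
import os
import secrets
import string

MIN_LENGTH = 12      # assumed minimum; the notes do not fix a length
HISTORY_DEPTH = 5    # assumed number of previous passwords that may not be reused

# Constructed user record: the names a password must not be built from
USER = {"first name": "Ayesha", "last name": "Khan", "spouse": "Omar", "pet": "Simba"}

def hash_password(password, salt=None):
    """Salted PBKDF2 so the history never stores clear-text passwords."""
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def reuses_previous(password, history):
    """True if the candidate equals any stored (salt, digest) entry in the history."""
    return any(hmac.compare_digest(hash_password(password, salt)[1], digest)
               for salt, digest in history)

def check_password_policy(password, user, history):
    """Return a list of violations; an empty list means the password is acceptable."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    lowered = password.lower()
    for field, value in user.items():
        if len(value) >= 3 and value.lower() in lowered:
            problems.append(f"contains user's {field}")
    if reuses_previous(password, history[-HISTORY_DEPTH:]):
        problems.append("reuses a previous password")
    return problems

def generate_initial_password(length=16):
    """Random initial password allocated to one individual, never a group."""
    alphabet = string.ascii_letters + string.digits
    return "".join(secrets.choice(alphabet) for _ in range(length))

class Account:
    """Account whose randomly generated initial password must be changed at first logon."""
    def __init__(self, user):
        self.user = user
        self.history = []
        self.must_change = True            # forced change on first logon
        self.history.append(hash_password(generate_initial_password()))

    def set_password(self, new_password):
        """Apply the policy; on success record the hash and clear the forced-change flag."""
        problems = check_password_policy(new_password, self.user, self.history)
        if not problems:
            self.history.append(hash_password(new_password))
            self.must_change = False
        return problems
```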
Biometric Access
Server security
Workstation security
Client-server and distributed systems
Mainframe applications
Network security including remote access
The first instance where the user identification is entered is called the
primary domain. Every other resource, application or platform that uses that
identification is called a secondary domain. With a single user ID/password, a
user can log in to the enterprise network and access all network services,
databases, and applications that they need to perform their jobs. This eliminates
the need for users to have multiple user names and passwords.
Advantages of Single-sign on
Users select stronger passwords, since the need for multiple passwords
and change synchronization is avoided.
It reduces the time taken by users to log into multiple applications and
platforms.
Disadvantages of Single-Sign on
Using only one SSO server can introduce a single point of network failure.
The SSO server and other host security must be hardened, since
weaknesses can now be exploited across the enterprise.
Security program steps (from the figure):
i. Prepare a project plan
ii. Identify assets
iii. Value assets
iv. Identify threats
v. Assess likelihood of threats
vi. Analyze exposures
vii. Adjust controls
viii. Prepare security report
Security organization (from the figure): Security; Physical Security Officer.
Emergency Plan
Recovery Plan
The plan lays down the policies, guidelines and procedures for all
personnel who have responsibility for the Information Systems function to follow.
For example, it specifies the daily backup procedures that micro computer users
should follow and the site where recovery of main frame operations is to be
effected in the event of a fire.
Emergency Plan
In all cases, the personnel responsible for the actions must be identified,
and the protocols to be followed must be specified clearly.
Backup Plan
The backup plan specifies the type of backup to be kept, the frequency
with which backup is to be undertaken, the procedures for making backup, the
location of backup resources, the site where these resources can be assembled
and operations restarted, the personnel who are responsible for gathering
backup resources and restarting operations, the priorities to be assigned to
recovering the various systems, and a time frame in which recovery of each
system must be effected. For some resources, the procedures specified in the
backup plan might be straightforward. For example, microcomputer users might
be admonished to make backup copies of critical files and store them off site. In
other cases, the procedures specified in the backup plan could be complex and
somewhat uncertain. For example, it might be difficult to specify exactly how an
organization's mainframe facility will be recovered in the event of a fire.
The difficult part in preparing a backup plan is to ensure that all critical
resources are backed up. The following resources must be considered:
The need for backup highlights the value of using hardware and system
software that conform to widely accepted standards and developing portable
application systems. Specialized hardware and software might be more effective
and more efficient, but they undermine an organization's ability to recover from a
disaster quickly.
Recovery Plan
Test Plan
BCP is the act of proactively working out a way to prevent and manage the
consequences of a disaster, limiting it to the extent that a business can afford. Business
continuity planning determines how a company will keep functioning until its
normal facilities are restored after a disruptive event. This encompasses how
employees will be contacted, where they will go and how they will keep doing
their jobs.
Figure: responses to an availability interruption or disaster event.
Traditional Disaster Recovery Plan: periodic offsite backup -> restore data from
backups -> identify & enter lost data -> resume processing.
Business Continuity: continuous mirroring of data to remote site -> perform target
takeover and resume processing.
There are two key performance indicators (KPIs) that measure across the
business continuity spectrum:
i. Recovery Point Objective (RPO) – The pre-incident point in time that data
must be recovered to resume business transactions (acceptable
transaction data loss).
ii. Recovery Time Objective (RTO) – The maximum elapsed time required to
recover data and processing capability.
Each of these KPIs shapes the meaning and levels of service that organizations
must consider when assessing business impact.
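The two KPIs can be checked mechanically against the two recovery approaches in the figure: with periodic offsite backup the worst-case data loss is the backup interval, and recovery time is restore time plus the effort to identify and re-enter the lost transactions; with continuous mirroring both shrink towards zero. The following is an added example, not from the original notes; the strategies, their hours and the ordering by cost are constructed values.

```python
from dataclasses import dataclass

@dataclass
class RecoveryStrategy:
    """One way of recovering from an availability interruption (values constructed)."""
    name: str
    backup_interval_hours: float        # how often data is copied off site; 0 = continuous mirroring
    restore_hours: float                # time to restore from backups or take over at the remote site
    reentry_hours_per_lost_hour: float  # effort to identify and re-enter lost transactions

def worst_case_data_loss_hours(s):
    """Everything since the last off-site copy is lost if the site fails just before the next one."""
    return s.backup_interval_hours

def recovery_time_hours(s):
    """Restore time plus the time to identify and re-enter what was lost since the last copy."""
    return s.restore_hours + worst_case_data_loss_hours(s) * s.reentry_hours_per_lost_hour

def evaluate(s, rpo_hours, rto_hours):
    """Compare a strategy's worst case against the RPO (data loss) and RTO (elapsed time)."""
    loss = worst_case_data_loss_hours(s)
    elapsed = recovery_time_hours(s)
    return {"strategy": s.name, "data_loss_hours": loss, "recovery_hours": elapsed,
            "meets_rpo": loss <= rpo_hours, "meets_rto": elapsed <= rto_hours}

def cheapest_adequate(strategies, rpo_hours, rto_hours):
    """Return the first strategy (given in rising cost order) meeting both objectives, else None."""
    for s in strategies:
        r = evaluate(s, rpo_hours, rto_hours)
        if r["meets_rpo"] and r["meets_rto"]:
            return s.name
    return None

# Constructed strategies, listed from cheapest to most expensive
DAILY_TAPE = RecoveryStrategy("daily offsite tape backup", 24, 8, 0.5)
HOURLY_COPY = RecoveryStrategy("hourly offsite copy", 1, 4, 0.5)
MIRRORING = RecoveryStrategy("continuous mirroring to remote site", 0, 1, 0)
STRATEGIES = [DAILY_TAPE, HOURLY_COPY, MIRRORING]
```

Tightening the backup interval is often enough to meet a modest RPO/RTO; only a near-zero RPO forces the mirrored approach.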
Business Continuity describes the processes and procedures an organization puts in
place to ensure that essential functions can continue during and after a disaster.
Business Continuity Planning seeks to prevent interruption of mission-critical services,
and to reestablish full functioning as swiftly and smoothly as possible. There is a
standard step-by-step process for making a BCP.
2. Risk Analysis
Risk analysis identifies important functions and assets that are critical to a firm’s
operations, and then subsequently establishes the probability of a disruption to those
functions and assets. Once the risk is established, objectives and strategies to eliminate
avoidable risks and minimize impacts of unavoidable risks can be set. A list of critical
business functions and assets should first be compiled and prioritized. Following this,
determine the probability of specific threats to business functions and assets. For
example, a certain type of failure may occur once in 10 years. From a risk analysis, a set
objectives and strategies to prevent, mitigate, and recover from disruptive threats should
be developed.
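The security program steps listed earlier (identify and value assets, identify threats, assess likelihood, analyze exposures, adjust controls) and the risk analysis described here can be carried through numerically: expected annual loss is likelihood times exposure, and a control is worth adopting only when the loss it avoids exceeds its own cost. The following is an added example, not from the original notes; the asset values, rates (the "once in 10 years" failure becomes 0.1 per year) and control figures are constructed.

```python
from dataclasses import dataclass

@dataclass
class Asset:
    name: str
    value: float          # business value in currency units (constructed)
    critical: bool        # critical to the firm's operations

@dataclass
class Threat:
    name: str
    asset: str            # name of the asset exposed
    annual_rate: float    # expected occurrences per year ("once in 10 years" = 0.1)
    exposure: float       # fraction of the asset value lost per occurrence

@dataclass
class Control:
    name: str
    threat: str           # threat the control addresses
    annual_cost: float
    rate_reduction: float  # fraction of occurrences the control prevents

def expected_annual_loss(asset, threat, control=None):
    """Likelihood x exposure: expected loss per year, with or without a control in place."""
    rate = threat.annual_rate * (1 - control.rate_reduction if control else 1)
    return rate * asset.value * threat.exposure

def analyze(assets, threats, controls):
    """Rank threats by expected loss (critical assets first) and pick the control, if any,
    whose annual saving exceeds its cost; otherwise the risk is carried as unavoidable."""
    by_name = {a.name: a for a in assets}
    rows = []
    for t in threats:
        asset = by_name[t.asset]
        base = expected_annual_loss(asset, t)
        best, best_saving = None, 0.0
        for c in controls:
            if c.threat != t.name:
                continue
            saving = base - expected_annual_loss(asset, t, c) - c.annual_cost
            if saving > best_saving:
                best, best_saving = c.name, saving
        rows.append({"threat": t.name, "asset": asset.name, "critical": asset.critical,
                     "expected_loss": base, "control": best, "net_saving": best_saving})
    return sorted(rows, key=lambda r: (not r["critical"], -r["expected_loss"]))

# Constructed inventory, threat register and candidate controls
ASSETS = [Asset("computer room", 500_000, True), Asset("tape library", 100_000, False)]
THREATS = [Threat("fire", "computer room", 0.1, 0.8), Threat("flood", "tape library", 0.02, 1.0)]
CONTROLS = [Control("automatic fire extinguishers", "fire", 5_000, 0.75),
            Control("rewire all conduit", "fire", 50_000, 0.2),
            Control("raised storage shelving", "flood", 3_000, 0.9)]
```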
4. Disaster Tolerance