Network Security
Importance of Network Security
- Major Business Concern
- Value of organizational data far exceeds the cost of networks
- Losses associated with security failures can be large
Risk Assessment
Risk Assessment Frameworks
- Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE)
- Control Objectives for Information and Related Technology (COBIT)
- Risk Management Guide for Information Technology Systems (NIST guide)
Risk Assessment Steps
1. Develop risk measurement criteria
- The measures used to examine how threats impact the organization
- Prioritize and evaluate each measure
2. Inventory IT assets
- Mission-critical applications and data are the most important
- Document and evaluate why each asset is important to the organization
3. Identify threats
- Any potential occurrence that can do harm, interrupt the system using the network, or cause a monetary loss to the organization
- Create threat scenarios that describe how an asset can be compromised by a threat
4. Document existing controls
- Identify controls and determine how they will be used in risk control strategy
- Risk acceptance: Organizations may choose to take no action for risks that have low impacts
- Risk mitigation: Use of controls to remove or reduce the impact of a threat
- Risk sharing: Transferring all or part of the impact (e.g., insurance)
- Risk deferring: For non-imminent risks
5. Identify improvements
- It is infeasible to mitigate all risks
- Evaluate adequacy of the controls and degree of risk associated with each threat
- Establish priorities for dealing with threats to network security
Ensuring Business Continuity
Make certain that the organization's data and applications will continue to operate even in the face of disruption, destruction, or disaster
Virus protection
- Nearly all organizations experience computer viruses
- Widespread infection is less common
- Threat mitigated using antivirus software and training
Device Failure Protection
Methods of reducing failures and their impacts
- Redundancy in devices and circuits
- Uninterruptible Power Supply (UPS)
- Failover server cluster
Disaster Protection
Disaster recovery plan
- Identify responses to different types of disasters
- Provide recovery of data, applications, and network
- Specify the backup and recovery controls
Intrusion Prevention
Firewalls
Application-level firewalls
Use stateful inspection to examine traffic at layer 5 for anomalous behaviour
Network Address Translation
- Convert one IP address to another
- Often from a publicly routable address to a private address
User Authentication
- User profiles are used to manage access to resources
- Types of authentication
- Something you know
- e.g., passwords, passphrases, and PIN numbers
- Something you have
- e.g., access cards, smart cards, tokens, phones
- Something you are
- Biometrics like fingerprints, handprints, retina
- Using multiple types of authentication provides increased security (multi-factor authentication)
- Most organizations are moving to centralized authentication
Recommended Practices
- Clear disaster recovery plan
- Strong security policy
- Rigorously enforced
- User training
- Use of security controls
- Content filtering