DEFENSE IN DEPTH
Defense-in-depth involves using multiple layers of controls to avoid having a single point of failure. Computer security involves using a combination of firewalls, passwords, and other preventive procedures to restrict access. Redundancy also applies to detective and corrective controls.
Major types of preventive controls used for defense in depth include:
Authentication controls to identify the person or device attempting access.
Authorization controls to restrict access to authorized users. These controls are implemented with an access control matrix and compatibility tests.
Training to teach employees why security measures are important and teach them to use safe computing practices.
Physical access controls to protect entry points to the building, to rooms housing computer equipment, to wiring, and to devices such as laptops, cell phones, and PDAs.
Remote access controls include routers, firewalls, and intrusion prevention systems to prevent unauthorized access from remote locations. A border router connects the IS to the Internet. Behind the router is the main firewall. It works with the border router to filter information trying to enter or leave the organization.
Data is transmitted over the Internet in packets through a protocol called TCP/IP. A set of rules called an access control list (ACL) determines which packets are allowed in and which are dropped. Stateful packet filtering examines the header of each packet in isolation. Deep packet filtering examines the data in the body of a packet to provide more effective access control. Deep packet filtering is the heart of a new type of filter called intrusion prevention systems.
Internal firewalls can be used to segment different departments within an organization.
Web servers and email servers are placed in a separate network outside the corporate network referred to as the demilitarized zone.
Special attention must be paid to use of rogue modems by employees. Wireless access and dial-up modems require special security procedures.
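The access control list and demilitarized zone described above, shown as an added example that is not part of the original essay: a header-based filter at the border where the first matching rule decides and anything unmatched is dropped. The addresses, ports, rule set and function names are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str           # "permit" or "deny"
    proto: str            # "tcp", "udp" or "any"
    src: str              # source network, CIDR
    dst: str              # destination network, CIDR
    dport: Optional[int]  # destination port; None matches any port

# Constructed addressing plan (assumption): DMZ hosts in 203.0.113.0/28,
# corporate network in 10.0.0.0/8.
BORDER_ACL = [
    Rule("permit", "tcp", "0.0.0.0/0", "203.0.113.10/32", 443),  # DMZ web server
    Rule("permit", "tcp", "0.0.0.0/0", "203.0.113.11/32", 25),   # DMZ mail server
    Rule("deny", "any", "0.0.0.0/0", "10.0.0.0/8", None),        # no inbound to LAN
]

def matches(rule, pkt):
    """True when every header field of the packet satisfies the rule."""
    return (rule.proto in ("any", pkt["proto"])
            and ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(rule.dst)
            and rule.dport in (None, pkt["dport"]))

def filter_packet(pkt, acl=BORDER_ACL):
    """First matching rule decides; a packet matching no rule is dropped."""
    for index, rule in enumerate(acl):
        if matches(rule, pkt):
            return rule.action, index
    return "deny", None  # implicit default deny

# Constructed inbound packets (headers only), all from an Internet host.
SAMPLE_PACKETS = [
    {"proto": "tcp", "src": "198.51.100.7", "dst": "203.0.113.10", "dport": 443},
    {"proto": "tcp", "src": "198.51.100.7", "dst": "203.0.113.10", "dport": 22},
    {"proto": "tcp", "src": "198.51.100.7", "dst": "10.1.2.3", "dport": 443},
    {"proto": "udp", "src": "198.51.100.7", "dst": "203.0.113.11", "dport": 25},
]

if __name__ == "__main__":
    for pkt in SAMPLE_PACKETS:
        print(pkt["dst"], pkt["proto"], pkt["dport"], "->", filter_packet(pkt))
```

Only the HTTPS request to the DMZ web server is permitted; the SSH attempt and the UDP packet fall through to the implicit deny, and the packet addressed to the corporate network is stopped by the explicit deny rule.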
Host and application hardening procedures involve the use of supplemental preventive controls on workstations, servers, printers, and other devices. Special attention should be paid to host configuration, user accounts, and software design.
Encryption provides the final barrier. It involves transforming normal text, called plaintext, into unreadable gibberish, called ciphertext. Decryption reverses the process. The factors that determine the strength of an encryption system are the length of the key, key management policies, and the nature of the encryption algorithm. There are both symmetric and asymmetric encryption systems. Symmetric systems use the same key to encrypt and decrypt. Asymmetric systems use both a public and a private key. E-business uses symmetric encryption to encode most data, since it is faster, and uses asymmetric encryption to safely send the symmetric key to the recipient. Hashing transforms plaintext into a short code called a hash. A digital signature is a hashed document that has been encrypted with the sender’s private key. A digital certificate certifies the owner of a particular public key. An organization that issues public and private keys and records the public key in a digital certificate is a certificate authority.
Preventive controls are never 100% effective, so organizations implement controls to enhance security by monitoring the effectiveness of preventive controls and detecting incidents in which they have been circumvented. Detective controls include:
Log analysis, the process of examining logs which record who accesses the system and the actions they take.
Intrusion detection systems (IDS), which automate the monitoring of logs of network traffic permitted to pass the firewall. The most common analysis is to compare the logs to a database containing patterns of known attacks.
Managerial reports, which can be created to disclose the organization’s performance with respect to the COBIT objectives. Key performance indicators include downtime caused by security incidents, number of systems with IDS installed, and the time needed to react to security incidents once they are reported.
Security testing, which includes vulnerability scans, which use automated tools designed to identify whether a system contains any well-known vulnerabilities, and penetration testing, which involves an authorized attempt by either an internal audit team or external security consulting firm to break into the organization’s IS.
Corrective controls include the following:
A computer emergency response team (CERT), consisting of technical specialists and senior operations management, to deal with major incidents. The CERT leads the organization’s incident response process through four steps, which must be practiced regularly:
Recognizing that a problem exists.
Containing the problem.
Recovery.
Follow up.
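The log analysis and pattern comparison described under detective controls, shown as an added example that is not part of the original essay: each log line is checked against a small pattern database, and failed and successful logins are correlated to flag a preventive control that may have been circumvented. The log format, pattern list, threshold and sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed log format (assumption): "<timestamp> <EVENT> user=<u> src=<ip> [path=<p>]"
LINE = re.compile(r"^(?P<ts>\S+) (?P<event>LOGIN_FAIL|LOGIN_OK|FILE_READ) "
                  r"user=(?P<user>\S+) src=(?P<src>\S+)(?: path=(?P<path>\S+))?$")

# Constructed pattern "database": (alert name, field to inspect, known-bad pattern).
PATTERNS = [
    ("path-traversal", "path", re.compile(r"(^|/)\.\.(/|$)")),
    ("default-account", "user", re.compile(r"^(admin|root|guest)$")),
]
FAIL_THRESHOLD = 3  # assumption: failures per (source, user) before a success is suspicious

def analyze(lines):
    """Return a list of (line number, alert name) for the given log lines."""
    alerts, fails = [], defaultdict(int)
    for number, line in enumerate(lines, 1):
        m = LINE.match(line)
        if not m:
            alerts.append((number, "unparseable-line"))  # gaps in the log are findings too
            continue
        rec = m.groupdict()
        for name, field, pattern in PATTERNS:
            if rec[field] and pattern.search(rec[field]):
                alerts.append((number, name))
        key = (rec["src"], rec["user"])
        if rec["event"] == "LOGIN_FAIL":
            fails[key] += 1
        elif rec["event"] == "LOGIN_OK":
            if fails[key] >= FAIL_THRESHOLD:
                alerts.append((number, "success-after-repeated-failures"))
            fails[key] = 0
    return alerts

# Constructed sample log, not taken from any real system.
SAMPLE_LOG = [
    "2024-05-01T10:00:01Z LOGIN_FAIL user=alice src=198.51.100.7",
    "2024-05-01T10:00:03Z LOGIN_FAIL user=alice src=198.51.100.7",
    "2024-05-01T10:00:05Z LOGIN_FAIL user=alice src=198.51.100.7",
    "2024-05-01T10:00:09Z LOGIN_OK user=alice src=198.51.100.7",
    "2024-05-01T10:02:00Z FILE_READ user=alice src=198.51.100.7 path=/reports/../../etc/passwd",
    "2024-05-01T10:05:00Z LOGIN_OK user=bob src=10.0.0.5",
    "garbage",
    "2024-05-01T10:06:00Z LOGIN_FAIL user=guest src=203.0.113.50",
]

if __name__ == "__main__":
    for number, alert in analyze(SAMPLE_LOG):
        print(f"line {number}: {alert}")
```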
4. Server hardening – Request copies of your hosting company’s server hardening steps. These will detail how they apply their security measures to your servers.
...work Security Article). The information given in this essay is a great start for learning how to keep your network secure. This is only a small part of preventing infiltration of your network and computer. If one desires to learn more, go above and beyond and continue to learn how to keep your network secure.
Professor Dershowitz's article on "The Best Defense" details the faults and realities of the criminal justice system. Dershowitz's enumeration of the thirteen "rules" in the legal system shed a negative light not only on the players in the system, but on the whole criminal justice process. He brings to attention that many defendants are in fact guilty, but their guilt, or lack thereof, is not correlated to whether they serve time or not. His position as a professor and lawyer allows him to criticize the system, without fearing income repercussions for divulging certain unsaid secrets kept among the players in the system and give some insight to outsiders who are usually kept out of the loop on the unfairness of the system.
The firewall is commonly the first line of defense in the layered security structure. Also known as a broader sentry. “The firewall protects the internal network from unauthorized access from the internet, but also has the ability to protect internet from rogue users or applicatio...
Security helps the organization meet its business objectives or mission by protecting its physical and financial resources, reputation, legal position, employees, and other tangible and intangible assets through the selection and application of appropriate safeguards. Businesses should establish roles and responsibilities of all personnel and staff members. However, a Chief Information Officer should be appointed to direct an organization’s day-to-day management of information assets. Supporting roles are performed by the service providers and include systems operations, whose personnel design and operate the computer systems. Each team member must be held accountable for ensuring all of the rules and policies are being followed, as well as understanding their roles, responsibilities and functions. Organizations’ information processing systems are vulnerable to many threats that can inflict various types of damage and result in significant losses (Harris, 2014). Losses can come from the actions of trusted employees who defraud the system, from outside hackers, or from careless data entry. The major threat to information protection is the errors and omissions that data entry personnel, users, system operators and programmers make. To better protect business information resources, organizations should conduct a risk analysis to see what
Please read the article “Security Controls for Computer Systems” at the following URL. http://www.rand.org/pubs/reports/R609-1/index2.html 1.
It is clear that their primary concern is to protect their intellectual property. To align with that priority, a review is needed of any and all security documentation, including but not limited to policies and procedures, plans (password, compliance, audit, risk, disaster recovery, incident response), and training, followed by recommendations, based on the findings, for best practice and policy improvements where applicable. Network and architecture diagrams are necessary to understanding the infrastructure and identifying where the deficits
It was integrated with one platform (three products with various interfaces), and it is beneficial for the admin
Security includes several areas, such as personal security and organizational security, among others. Security access control is an important aspect of any system. It is the act of ensuring that an authenticated user accesses only what they are authorized to and no more. Nearly all applications that deal with finance, privacy, or defence include some form of access control. Access control is concerned with determining the allowed activities of legitimate users, mediating every attempt by a user to access a resource in the system.
A firewall security policy is used to define which traffic is authorized to pass in each direction. It can be designed either to operate as a filter at the level of IP packets or to operate at a higher protocol layer.
Protecting information while at rest and in motion is part of the concept adopted from defense in depth. Information saved in our computer systems may be exposed to many threats, such as transfer of data from the system using a flash drive. To ensure the information is safe and well protected from such an incident, certain layers should be put in place. The three layers that help to conceptualize defense in depth include people who form the outer layer, network security forming the second layer, host-based security, and application security forming the inner layers respectively. These layers are formed from three controls (administrative controls, logical controls, and physical controls) on which the concept of defense in depth is based
Access control is described as “the process of regulation of the kind of access (e.g. – read access, write access, no access) an entity has to the system resources” [7]. Access control can therefore prevent and enable parts of the systems to perform certain actions and access specific files and data. Access control lists are used to store the privilege information. Entries are stored in access control lists that specify whether an entity has the right to either access, write, or execute certain sections of a system [8].
Whether a person is an occasional computer user, works in a major corporation, or works within a government agency, there is a dangerous risk out there. That risk is one that everyone must be concerned with: inadequate computer security. Computer security has become essential in today’s well-connected digital world. Everyone wants to communicate with someone at some time, and normally these communications need to be secure. If these communications are going through any sort of electronic device, they are passing through some type of communications network. Whether the information is traveling around the world or just across the room to another computer, this information is at risk. Safeguards must be applied to computers and the networks they use to protect them from viruses, intruders, and system failures.
There are a wide variety of ways to protect confidential information: security software, encrypting files, requiring authorization, and restricting access, just to name the most common forms of protection. Many companies require employees to use an employee ID card to scan into the building and go into certain areas of the building or use certain equipment. Companies also have systems where employees must request access to certain computer programs or systems that need a manager’s approval and for the IT department to get them set up and