210 likes | 393 Views
CS5493. Separate Domains of IT Infrastructure. 7 Domains of IT. User Domain Workstation Domain LAN Domain LAN to WAN Domain WAN Domain Remote Access System Application Domain. Logical Grouping of IT Domains. User/Workstation Network LAN LAN-WAN interface WAN
E N D
CS5493 Separate Domains of IT Infrastructure
7 Domains of IT • User Domain • Workstation Domain • LAN Domain • LAN to WAN Domain • WAN Domain • Remote Access • System Application Domain
Logical Grouping of IT Domains • User/Workstation • Network • LAN • LAN-WAN interface • WAN • Remote (Brave new world) • System/Application
User Domain • The subjects: • The people using the system. • This is the domain of the AUP
The AUP • Acceptable usage policy – a contract between the system owner and system user outlining the acceptable usage parameters of the computing system.
User Domain • Threats/Vulnerabilities • Lack of user awareness • User apathy toward policies • Security policy violations • Disgruntled employee attacks • Social engineering attacks • Etc • Mitigation strategies …
Workstation Domain • Usually refers to the computer on your desk or workspace. • This includes the staff supporting the workstations • The AUP is a key document for this domain
Workstation Domain • Risks/threats/vulnerabilities • Unauthorized access • Malware • Support staff threats/vulnerabilities • Social engineering attacks • Etc. • Mitigation strategies…
Network Domain • For the purpose of this course, we will combine the domains for LAN, LAN-to-WAN, and WAN into the Network Service Domain
Network Service Domain • Includes the equipment, cables, the wireless access, etc. • Key document is the SLA
SLA: Service Level Agreement • An agreement between the system provider and system user. Outlines provider responsibilities and defines realistic expectations to the users.
Network Service Domain • Threats/Vulnerabilities/ • Unauthorized access, physical or otherwise • Malware attacks • Hardware vulnerabilities • Support staff threats/vulnerabilities • Misuse of network resource by users • Clear-text (unencrypted) data traffic • DoS • Wireless attacks
Remote Access Domain • Accessing the computing services from outside the boundary of the computing system. • Smart phones • Laptop computers • PDAs • Remote E-mail usage • Wireless access • Access to cloud resources
Remote Access Domain • The AUP is the governing document
Remote Access Domain • threat/vulnerability • Theft or loss of electronic devices • Theft or loss of data • Unauthorized access (shoulder surfers) • Clear-text data transfer • Poor security on personal devices. • Reliability of cloud services
System/Application Domain • The critical infrastructure of server systems, applications, and data. • Payroll • Accounting, purchasing, billing • Sales • Intellectual property, etc. • Proprietary technology
System/Application Domain • Threat/vulnerability • Unauthorized access • Hardware failure • Data loss • Malware • Failure to keep systems and software up-to-date. • Social engineering attacks • etc
System/Application Domain • The governing document is the SLA.
Domain Group Assignments • User/Workstation Green Group • Network Blue Group • Remote Gold Group • System/Application Silver Group