
Overview: Designing Security Business Continuity

Learn how to ensure the availability and security of your business in the face of system failures, disasters, and security threats. Understand business impact analysis, recovery time objectives (RTO), recovery point objectives (RPO), and various techniques for business continuity and disaster recovery planning.


Presentation Transcript


  1. Overview: Designing Security. Business Continuity. Security Planning. Susan Lincke

  2. Information Security Goals (the CIA Triad): Confidentiality, Integrity, Availability; plus conformity to law and privacy requirements.

  3. Imagine a system failure… • Server failure • Disk System failure • Hacker break-in • Denial of Service attack • Extended power failure • Snow storm • Spyware • Malevolent virus or worm • Earthquake, tornado • Employee error or revenge • How will this affect each business?

  4. First Step: Business Impact Analysis • Which business processes are of strategic importance? • What disasters could occur? • What impact would they have on the organization financially? Legally? On human life? On reputation? • What is the required recovery time period? • Answers obtained via questionnaire, interviews, or meeting with key users of IT

  5. Event Damage Classification
  • Negligible: No significant cost or damage
  • Minor: A non-negligible event with no material or financial impact on the business
  • Major: Impacts one or more departments and may impact outside clients
  • Crisis: Has a major material or financial impact on the business
  Minor, Major, and Crisis events should be documented and tracked to repair.

  6. Determine Criticality of Business Processes

  7. Workbook: Disasters and Impact

  8. Recovery Time: Terms
  • Interruption Window: Time duration the organization can wait between the point of failure and service resumption
  • Service Delivery Objective (SDO): Level of service in Alternate Mode
  • Maximum Tolerable Outage (MTO): Maximum time in Alternate Mode
  [Timeline figure: Regular Service, then the Interruption; the Disaster Recovery Plan is implemented and service resumes in Alternate Mode at the SDO level; the Restoration Plan is implemented and Regular Service returns. The Interruption Window spans the interruption up to the DRP taking effect; the Maximum Tolerable Outage bounds the time spent in Alternate Mode.]

  9. Definitions
  • Business Continuity: Offer critical services in the event of disruption
  • Disaster Recovery: Survive an interruption to computer information systems
  • Alternate Process Mode: Service offered by the backup system
  • Disaster Recovery Plan (DRP): How to transition to Alternate Process Mode
  • Restoration Plan: How to return to regular system mode

  10. Classification of Services
  • Critical ($$$$): Cannot be performed manually. Tolerance to interruption is very low
  • Vital ($$): Can be performed manually for a very short time
  • Sensitive ($): Can be performed manually for a period of time, but may cost more in staff
  • Nonsensitive (¢): Can be performed manually for an extended period of time with little additional cost and minimal recovery effort

  11. RPO and RTO
  • Recovery Point Objective (RPO): How far back can you fail to? Measured backwards from the interruption (1 hour, 1 day, 1 week): can you lose one week's worth of data?
  • Recovery Time Objective (RTO): How long can you operate without a system? Measured forward from the interruption (1 hour, 1 day, 1 week): which services can last how long?

  12. Recovery Point Objective
  • Backup images
  • Mirroring: RAID
  • Orphan data: Data which is lost and never recovered
  RPO influences the backup period: everything written since the last completed backup is orphan data after a failure, so the interval between backups must not exceed the RPO.
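The following is an added worked example (not part of the original slides) that turns the definitions on slides 8 through 12 into a check: given a service's RPO, RTO (interruption window) and MTO from the BIA, and the timeline of an incident, it computes the orphan-data window from the backup timestamps and reports which objectives were met. The `Service` and `Incident` records, the "Student Billing" entry and all timestamps are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Service:
    """One row of a BIA: criticality class plus the three objectives (hypothetical record)."""
    name: str
    criticality: str        # Critical / Vital / Sensitive / Nonsensitive
    rpo: timedelta          # tolerable orphan data, measured back from the failure
    rto: timedelta          # interruption window: failure -> service resumed in alternate mode
    mto: timedelta          # maximum tolerable outage: time allowed in alternate mode


@dataclass(frozen=True)
class Incident:
    """Timeline of one outage (constructed)."""
    failure: datetime
    backups: List[datetime]                    # completed backup images
    alternate_mode_start: Optional[datetime]   # when the DRP brought up alternate mode
    restored: Optional[datetime]               # when the restoration plan returned regular service


def orphan_window(inc: Incident) -> Optional[timedelta]:
    """Everything written after the last backup that completed before the failure is orphan data.
    Returns None when no usable backup exists (then the whole data set is orphan)."""
    usable = [b for b in inc.backups if b <= inc.failure]
    if not usable:
        return None
    return inc.failure - max(usable)


def schedule_meets_rpo(backups: List[datetime], rpo: timedelta) -> bool:
    """The backup period must not exceed the RPO: the worst-case orphan window
    is the longest gap between consecutive backups."""
    ordered = sorted(backups)
    gaps = [b - a for a, b in zip(ordered, ordered[1:])]
    return all(g <= rpo for g in gaps)


def evaluate(svc: Service, inc: Incident) -> Dict[str, object]:
    """Check an incident against a service's RPO, RTO (interruption window) and MTO."""
    orphan = orphan_window(inc)
    result: Dict[str, object] = {
        "orphan_data": orphan,
        "rpo_met": orphan is not None and orphan <= svc.rpo,
        "rto_met": False,   # never reached alternate mode -> interruption window blown
        "mto_met": False,   # never restored -> still in alternate mode
    }
    if inc.alternate_mode_start is not None:
        result["rto_met"] = (inc.alternate_mode_start - inc.failure) <= svc.rto
        if inc.restored is not None:
            result["mto_met"] = (inc.restored - inc.alternate_mode_start) <= svc.mto
    return result


# Constructed example: a Vital service (can be run manually only for a very short time).
BILLING = Service("Student Billing", "Vital",
                  rpo=timedelta(hours=1), rto=timedelta(hours=4), mto=timedelta(days=3))

FAILURE = datetime(2024, 3, 1, 10, 30)

# Hourly backups: a failure at 10:30 leaves 30 minutes of orphan data.
INCIDENT_HOURLY = Incident(
    failure=FAILURE,
    backups=[datetime(2024, 3, 1, h) for h in (8, 9, 10)],
    alternate_mode_start=datetime(2024, 3, 1, 13, 0),   # DRP took 2.5 h (inside the 4 h window)
    restored=datetime(2024, 3, 3, 9, 0),                # 1 day 20 h in alternate mode (inside MTO)
)

# Nightly backups only: the same failure orphans 2.5 hours of transactions and breaks the RPO.
INCIDENT_NIGHTLY = Incident(
    failure=FAILURE,
    backups=[datetime(2024, 2, 29, 8, 0), datetime(2024, 3, 1, 8, 0)],
    alternate_mode_start=datetime(2024, 3, 1, 13, 0),
    restored=None,                                      # restoration never completed
)


if __name__ == "__main__":
    for inc in (INCIDENT_HOURLY, INCIDENT_NIGHTLY):
        print(BILLING.name, evaluate(BILLING, inc),
              "backup schedule within RPO:", schedule_meets_rpo(inc.backups, BILLING.rpo))
```

The second incident shows why the backup period is an RPO decision rather than an IT convenience: the DRP was executed just as quickly, yet the service fails its RPO purely because the last image was too old.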

  13. Business Impact Analysis Summary Workbook: Partial BIA for a university

  14. High Availability Solutions • RAID: Local disk redundancy • Fault-Tolerant Server: When primary server fails, backup server resumes service. • Distributed Processing: Distributes load over multiple servers. If server fails, remaining server(s) attempt to carry the full load. • Storage Area Network (SAN): disk network supports remote backups, data sharing and data migration between different geographical locations

  15. RAID: Redundant Array of Independent Disks
  • RAID 0: Striping. Data is split across disks (AB on one disk, CD on the next) for throughput and capacity, but with no redundancy: losing any disk loses the array.
  • RAID 1: Mirroring. Every block is written to both disks (ABCD on each), so one disk can fail without data loss.
  • Higher-level RAID: Striping & redundancy. Data blocks (AB, CD) are striped together with a parity block, so a lost disk can be rebuilt from the survivors.
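The slide names the parity idea but does not show it working. The block below is an added example (not from the original deck) that lays data across disks with one rotating XOR parity block per stripe, simulates losing a disk, rebuilds it from the surviving blocks and reads the data back intact. The disk and chunk sizes, and the sample bytes, are constructed; the layout is the RAID 5 form of "striping & redundancy".

```python
from typing import List, Optional

Disk = List[Optional[bytes]]   # one block per stripe; None marks an unreadable block


def xor_blocks(blocks: List[bytes]) -> bytes:
    """Bytewise XOR of equal-length blocks: the parity operation."""
    out = bytearray(len(blocks[0]))
    for blk in blocks:
        for i, byte in enumerate(blk):
            out[i] ^= byte
    return bytes(out)


def stripe_with_parity(data: bytes, n_disks: int, chunk: int) -> List[Disk]:
    """Lay data across n_disks with one rotating parity block per stripe
    (striping plus redundancy; RAID 5 layout)."""
    if n_disks < 3:
        raise ValueError("striping with parity needs at least three disks")
    data_blocks = n_disks - 1
    stripe_len = chunk * data_blocks
    padded = data + b"\x00" * (-len(data) % stripe_len)   # whole number of stripes
    disks: List[Disk] = [[] for _ in range(n_disks)]
    for s in range(len(padded) // stripe_len):
        base = s * stripe_len
        blocks = [padded[base + i * chunk: base + (i + 1) * chunk] for i in range(data_blocks)]
        parity_disk = s % n_disks        # rotate parity so no single disk becomes the bottleneck
        pending = iter(blocks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(blocks) if d == parity_disk else next(pending))
    return disks


def read_back(disks: List[Disk], length: int) -> bytes:
    """Reassemble the logical data, skipping each stripe's parity block."""
    n = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        parity_disk = s % n
        for d in range(n):
            if d != parity_disk:
                blk = disks[d][s]
                if blk is None:
                    raise IOError(f"disk {d} failed; rebuild it first")
                out += blk
    return bytes(out[:length])


def fail_disk(disks: List[Disk], d: int) -> None:
    """Simulate losing a disk: every block on it becomes unreadable."""
    disks[d] = [None] * len(disks[d])


def rebuild_disk(disks: List[Disk], lost: int) -> Disk:
    """Recover the lost disk: in each stripe the XOR of the surviving blocks equals the
    missing one, whether it held data or parity."""
    rebuilt: Disk = []
    for s in range(len(disks[lost])):
        survivors = [disks[d][s] for d in range(len(disks)) if d != lost]
        if any(b is None for b in survivors):
            raise IOError("two disks lost: single parity cannot recover")
        rebuilt.append(xor_blocks([b for b in survivors if b is not None]))
    return rebuilt


def demo_single_disk_failure(data: bytes = b"ABCDEFGH", n_disks: int = 3, chunk: int = 2) -> bytes:
    """Stripe, lose one disk, rebuild it, and read the data back."""
    disks = stripe_with_parity(data, n_disks, chunk)
    fail_disk(disks, 1)
    disks[1] = rebuild_disk(disks, 1)
    return read_back(disks, len(data))


if __name__ == "__main__":
    print(demo_single_disk_failure())   # constructed input survives the loss of one disk
```

The cost of the redundancy is one disk's worth of capacity per array and a second failure before the rebuild completes is unrecoverable, which is why RAID is local disk redundancy and not a substitute for backups or an off-site copy.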

  16. Network Disaster Recovery
  • Last-mile circuit protection: E.g., local: microwave & cable
  • Alternative routing: More than one medium or more than one network provider
  • Long-haul network diversity: Redundant network providers
  • Redundancy includes: Routing protocols, fail-over, multiple paths
  • Diverse routing: Multiple paths over one medium type
  • Voice recovery: Voice communication backup

  17. Question: The amount of data transactions that are allowed to be lost following a computer failure (i.e., the duration of orphan data) is the:
  • Recovery Time Objective
  • Recovery Point Objective
  • Service Delivery Objective
  • Maximum Tolerable Outage

  18. Question: When the RTO is large, this is associated with:
  • Critical applications
  • A speedy alternative recovery strategy
  • Sensitive or nonsensitive services
  • An extensive restoration plan

  19. Question: When the RPO is very short, the best solution is:
  • Cold site
  • Data mirroring
  • A detailed and efficient Disaster Recovery Plan
  • An accurate Business Continuity Plan

  20. Summary: The main issue with Business Continuity is AVAILABILITY: How can an organization continue to operate without computers?
  • Which services should be prioritized? BIA & BC, Criticality Classification
  • How much time/data can we afford to lose per service? RTO & RPO
  • How does IT recover? Disaster Recovery Plan
  • Techniques include: Cloud, Recovery Sites, Redundancy/High Availability, Big Data Backup & Recovery
  • Ensuring success: Planning, Testing, Measuring, Insurance

  21. Info Security

  22. Information Security Principles
  • Need-to-know: Persons should have the ability to access data sufficient to perform their primary job and no more
  • Least Privilege: Persons should have the ability to do tasks sufficient to perform their primary job and no more
  • Segregation of Duties: Ensure that no person can assume two of the roles Origination, Authorization, Distribution, Verification
  • Privacy: Personal/private info is retained only when a true business need exists. Privacy is a liability: retain records for a short time
  The personnel office should change permissions as jobs change.

  23. Information Owner or Data Owner
  • Is responsible for the data within the business (a manager/director, not IS staff)
  • Determines who can have access to the data and may grant permissions directly, OR gives written permission for access to the security administrator, to prevent mishandling or alteration
  • Periodically reviews authorization to restrict authorization creep

  24. Other Positions
  Data Custodian
  • IS (security or IT) employee who safeguards the data
  • Performs backup/restore
  • Verifies integrity of data
  • Documents activities
  • May be the System Administrator
  Security Administrator
  • Allocates access to employees based on written documentation
  • Monitors access to terminals and applications
  • Monitors invalid login attempts
  • Prepares security reports

  25. Criticality Classification
  • Critical ($$$$): Cannot be performed manually. Tolerance to interruption is very low
  • Vital ($$): Can be performed manually for a very short time
  • Sensitive ($): Can be performed manually for a period of time, but may cost more in staff
  • Nonsensitive (¢): Can be performed manually for an extended period of time with little additional cost and minimal recovery effort

  26. Sensitivity Classification (Example), from most to least restricted:
  • Proprietary: Strategic Plan
  • Confidential: Salary & Health Info
  • Private: Product Plans
  • Internal
  • Public: Product User's Manual near Release

  27. Sensitivity Classification Workbook

  28. Handling of Sensitive Data

  29. Permission types
  • Read, inquiry, copy
  • Create, write, update, append, delete
  • Execute, check
  • Access Matrix Model (HRU: Harrison, Ruzzo and Ullman)
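An added example (not from the original deck) that ties slides 22 through 29 together in code: an HRU-style access matrix in which every cell is empty unless explicitly granted, grants that are only accepted from the object's data owner (the security administrator applies them on the owner's written approval), a least-privilege review that surfaces authorization creep when a job changes, and a segregation-of-duties check over the four roles. The file names, people and duty assignments are constructed.

```python
from typing import Dict, Set, Tuple

Rights = Set[str]
SOD_ROLES = {"Origination", "Authorization", "Distribution", "Verification"}


class AccessMatrix:
    """Access matrix: (subject, object) -> set of rights.
    Cells default to empty, so anything not explicitly granted is denied."""

    def __init__(self, owners: Dict[str, str]) -> None:
        self.owners = owners                                   # object -> data owner
        self._cells: Dict[Tuple[str, str], Rights] = {}

    def grant(self, approver: str, subject: str, obj: str, rights: Rights) -> None:
        """Only the data owner may authorize access to an object."""
        if self.owners.get(obj) != approver:
            raise PermissionError(f"{approver} is not the data owner of {obj}")
        self._cells.setdefault((subject, obj), set()).update(rights)

    def revoke(self, subject: str, obj: str, rights: Rights) -> None:
        self._cells.get((subject, obj), set()).difference_update(rights)

    def allowed(self, subject: str, obj: str, right: str) -> bool:
        return right in self._cells.get((subject, obj), set())

    def rights_of(self, subject: str) -> Dict[str, Rights]:
        """The subject's row of the matrix (non-empty cells only)."""
        return {o: set(r) for (s, o), r in self._cells.items() if s == subject and r}


def excess_rights(matrix: AccessMatrix, subject: str, job_needs: Dict[str, Rights]) -> Dict[str, Rights]:
    """Least-privilege / need-to-know review: rights held beyond what the current job
    requires. Anything returned is authorization creep for the data owner to revoke."""
    excess: Dict[str, Rights] = {}
    for obj, held in matrix.rights_of(subject).items():
        extra = held - job_needs.get(obj, set())
        if extra:
            excess[obj] = extra
    return excess


def sod_violations(duties: Dict[str, Rights]) -> Dict[str, Rights]:
    """Segregation of duties: nobody may hold two or more of the four roles."""
    return {person: d & SOD_ROLES for person, d in duties.items() if len(d & SOD_ROLES) >= 2}


# Constructed example: a payroll file owned by the HR director, transcripts by the registrar.
OWNERS = {"payroll.db": "hr_director", "transcripts.db": "registrar"}


def build_example() -> AccessMatrix:
    m = AccessMatrix(OWNERS)
    m.grant("hr_director", "bob", "payroll.db", {"read", "update"})   # bob is a payroll clerk
    m.grant("registrar", "carol", "transcripts.db", {"read"})
    return m


def unauthorized_grant_is_rejected() -> bool:
    """A security administrator cannot grant on their own authority."""
    m = build_example()
    try:
        m.grant("security_admin", "mallory", "payroll.db", {"read"})
    except PermissionError:
        return not m.allowed("mallory", "payroll.db", "read")
    return False


# Duty assignments for a payment process (constructed): alice both creates and approves.
DUTIES = {
    "alice": {"Origination", "Authorization"},
    "bob": {"Distribution"},
    "carol": {"Verification"},
}


if __name__ == "__main__":
    m = build_example()
    print("bob after moving to a read-only audit job:", excess_rights(m, "bob", {"payroll.db": {"read"}}))
    print("segregation-of-duties violations:", sod_violations(DUTIES))
```

The `excess_rights` review is the check the personnel office triggers when a job changes; run periodically by the data owner it is the "restrict authorization creep" step on slide 23.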

  30. Information Asset Inventory Work book

  31. Question The person responsible for deciding who should have access to a data file is: • Data custodian • Data owner • Security administrator • Security manager

  32. Question Least Privilege dictates that: • Persons should have the ability to do tasks sufficient to perform their primary job and no more • Access rights and permissions shall be commensurate with a person’s position in the corporation: i.e., lower layers have fewer rights • Computer users should never have administrator passwords • Persons should have access permissions only for their security level: Confidential, Private or Sensitive

  33. Question A concern with personal or private information is that: • Data is not kept longer than absolutely necessary • Data encryption makes the retention of personal information safe • Private information on disk should never be taken off-site • Personal data is always labeled and handled as critical or vital to the organization

  34. Question The person responsible for restricting and monitoring permissions is the: • Data custodian • Data owner • Security administrator • Security manager

  35. Workbook: Role-Based Access Control

  36. Network Security

  37. Security: Defense in Depth
  • Border router
  • Perimeter firewall
  • Internal firewall
  • Intrusion Detection System
  • Policies & procedures & audits
  • Authentication
  • Access controls

  38. Attacking the Network: What ways do you see of getting in?
  [Diagram: The Internet, Border Router/Firewall, De-Militarized Zone, Commercial Network, Internal Firewall, WLAN, Private Network]

  39. Filters: Firewalls & Routers. The good, the bad & the ugly: for each filter, what it lets through and what it stops.
  • Route Filter: Verifies source/destination IP addresses
  • Packet Filter: Scans the headers of packets
  • Content Filter: Scans the contents of packets (e.g., IPS)
  • Default Deny: Any packet not explicitly permitted is rejected
  • Fail Secure (fail closed): If the router or firewall fails, it fails shut and passes no traffic. (A fail-safe design, by contrast, fails open to preserve availability; for a security filter, fail-secure is the behaviour wanted.)

  40. Packet Filter Firewall
  Example traffic the packet filter must classify from headers alone: Web request, Web response, Email connect request, Email response, DNS request, SSH connect request, Telnet request, FTP request, Microsoft NetBIOS Name Service, Ping request, a packet with an illegal source IP address, a packet with an illegal destination IP address.
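An added example (not from the original slides) of a stateless packet filter making the decisions slide 40 lists: a route filter that rejects illegal source and destination addresses first, then a first-match rule base that permits only web, email and DNS connection requests plus non-SYN responses, and a default deny for everything else (SSH, Telnet, FTP, NetBIOS, ping). The DMZ prefix 203.0.113.0/24, the server addresses and the sample packets are constructed from documentation address ranges.

```python
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Constructed address plan: the organization's DMZ prefix and its public servers.
DMZ = ipaddress.ip_network("203.0.113.0/24")
WEB, MAIL, DNS = "203.0.113.10", "203.0.113.25", "203.0.113.53"
PRIVATE = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


@dataclass(frozen=True)
class Packet:
    """The header fields a packet filter can see (no payload)."""
    src: str
    dst: str
    proto: str              # "tcp", "udp" or "icmp"
    sport: int = 0
    dport: int = 0
    syn_only: bool = False  # TCP SYN without ACK: a new connection request


@dataclass(frozen=True)
class Rule:
    action: str                         # "permit" or "deny"
    proto: Optional[str] = None
    dst: Optional[str] = None
    dport: Optional[int] = None
    new_conn: Optional[bool] = None     # True: connection requests only; False: non-SYN segments only

    def matches(self, p: Packet) -> bool:
        return ((self.proto is None or self.proto == p.proto)
                and (self.dst is None or self.dst == p.dst)
                and (self.dport is None or self.dport == p.dport)
                and (self.new_conn is None or self.new_conn == p.syn_only))


# Inbound rule base, first match wins. Nothing here permits SSH, Telnet, FTP, NetBIOS or ping.
INBOUND_RULES: List[Rule] = [
    Rule("permit", "tcp", WEB, 80, new_conn=True),     # web requests
    Rule("permit", "tcp", WEB, 443, new_conn=True),
    Rule("permit", "tcp", MAIL, 25, new_conn=True),    # email connect requests
    Rule("permit", "udp", DNS, 53),                    # DNS requests to the external DNS
    # Responses to connections our DMZ hosts opened: TCP segments that are not SYN-only.
    # A stateless filter cannot tell a genuine response from an ACK-flagged probe; closing
    # that gap is what a stateful firewall or IPS (content filter) is for.
    Rule("permit", "tcp", new_conn=False),
]


def route_filter(p: Packet) -> Optional[str]:
    """Address sanity before any rule: reject spoofed and misrouted packets."""
    src, dst = ipaddress.ip_address(p.src), ipaddress.ip_address(p.dst)
    if src in DMZ or any(src in net for net in PRIVATE):
        return "illegal source IP address (our own or a private address arriving from the Internet)"
    if dst not in DMZ:
        return "illegal destination IP address (not our prefix)"
    return None


def filter_inbound(p: Packet) -> Tuple[str, str]:
    """Decide permit/deny for one inbound packet, with the reason."""
    reason = route_filter(p)
    if reason:
        return "deny", reason
    for rule in INBOUND_RULES:
        if rule.matches(p):
            return rule.action, f"rule: {rule.proto} {rule.dst or 'any'}:{rule.dport or 'any'}"
    return "deny", "default deny"


# Constructed traffic mix mirroring the slide's list.
ATTACKER, CLIENT, REMOTE_WEB = "198.51.100.7", "198.51.100.20", "198.51.100.40"
SAMPLE: Dict[str, Packet] = {
    "Web Request":           Packet(CLIENT, WEB, "tcp", 51000, 80, syn_only=True),
    "Web Response":          Packet(REMOTE_WEB, WEB, "tcp", 80, 40000),      # reply to our outbound fetch
    "Email Connect Request": Packet(CLIENT, MAIL, "tcp", 52000, 25, syn_only=True),
    "Email Response":        Packet(CLIENT, MAIL, "tcp", 25, 40100),
    "DNS Request":           Packet(CLIENT, DNS, "udp", 53, 53),
    "SSH Connect Request":   Packet(ATTACKER, WEB, "tcp", 53000, 22, syn_only=True),
    "Telnet Request":        Packet(ATTACKER, WEB, "tcp", 53001, 23, syn_only=True),
    "FTP Request":           Packet(ATTACKER, WEB, "tcp", 53002, 21, syn_only=True),
    "NetBIOS Name Service":  Packet(ATTACKER, WEB, "udp", 137, 137),
    "Ping Request":          Packet(ATTACKER, WEB, "icmp"),
    "Illegal Source IP":     Packet("10.1.2.3", WEB, "tcp", 53003, 80, syn_only=True),
    "Illegal Dest IP":       Packet(ATTACKER, "203.0.114.5", "tcp", 53004, 80, syn_only=True),
}


def decisions() -> Dict[str, str]:
    return {name: filter_inbound(p)[0] for name, p in SAMPLE.items()}


if __name__ == "__main__":
    for name, p in SAMPLE.items():
        print(f"{name:22s} {filter_inbound(p)}")
```

Note that the "Illegal Source IP" packet would have matched the web rule on port and destination; it is dropped because the route filter runs first, which is why address checks belong at the border router ahead of the port rules.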

  41. Informal Path of Logical Access
  [Diagram of a campus example. Populations: Public (potential students, graduates), Students & Instructors, Advisors & Registrars, Staff, Nurses. Services: Public Web, Campus Login, Desire2Learn, Library, Register, Lab, Health Services, PoS. Legend: Public, Private, Confidential.]

  42. Step 1: Determine Services: Who, What, Where? Workbook

  43. Step 2: Determine Sensitivity of Services. Workbook

  44. Multi-Homed Firewall: Separate Zones
  [Diagram: Internet, then a Screening Device (Router), then the Firewall with three zones: Demilitarized Zone (E-Commerce, External DNS, Email Server, Web Server, a screened host, IPS), Private Payment Card Zone, and Protected Internal Network Zone (Database/File Servers, IDS).]
  The router serves as a screen for the firewall, preventing Denial of Service attacks on the firewall.

  45. Isolation & Compartmentalization
  • Compartmentalize the network by Sensitivity Class & Role
  • Segment the network into regions = Zones, e.g., DMZ, wireless, Payment Card
  • Isolate apps on servers: physical vs. virtual (e.g. VMware)
  • Virtual servers combine onto one physical server; each has its own OS and a limited section of disk
  • Hypervisor software is the interface between the virtual system's OS and the physical hardware (a hosted hypervisor sits on the real computer's OS instead)

  46. Step 3: Allocate Network Zones. Workbook

  47. Step 4: Define Controls. Workbook

  48. Draw the Network Diagram
  [Diagram: Internet, Router, Demilitarized Zone (External DNS, Public Web Server, E-Commerce, Email), Firewall, then Zone 1: Student Labs & Files; Zone 2: Faculty Labs & Files; Zone 3: Student Data (Student Scholastic, Student Billing, Student History; Student Records, Student Billing, Transcripts).]

  49. MS Visio Diagram

  50. Network Security Summary
  • Step 1: Determine Services: What, Who, Where? Who accesses which services from where?
  • Step 2: Determine Sensitivity of Services. Compartmentalization or Separation partitions services across physical or virtual servers to provide protection between them
  • Step 3: Allocate Network Zones. Compartmentalization partitions a network to provide protection
  • Step 4: Define Controls: Confidentiality, authenticity, integrity, non-repudiation controls; anti-hacker controls
  • Step 5: Draw the Network Diagram
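An added example (not from the original deck) that runs Steps 1 through 4 of the summary on the campus inventory of slide 48: the service list with sensitivity class and accessor populations is the Step 1/2 output, `allocate_zones` applies the Step 3 rule (Internet-reachable services go to the DMZ, everything else is grouped into one zone per sensitivity class and role, and Confidential data is never Internet-facing), and `allowed_flows` derives the Step 4 inter-zone permits that a default-deny firewall needs, so a drawn diagram can be audited against them. The service inventory, zone names and `HOME_ZONE` mapping are constructed.

```python
from typing import Dict, Set, Tuple

SENSITIVITY_RANK = {"Public": 0, "Internal": 1, "Private": 2, "Confidential": 3, "Proprietary": 4}

# Step 1 + Step 2 output (constructed): service -> (sensitivity class, populations that access it)
SERVICES: Dict[str, Tuple[str, Set[str]]] = {
    "Public Web Server":    ("Public",       {"public", "students", "faculty"}),
    "External DNS":         ("Public",       {"public"}),
    "Email":                ("Internal",     {"public", "students", "faculty"}),  # receives Internet mail
    "Student Labs & Files": ("Private",      {"students"}),
    "Faculty Labs & Files": ("Private",      {"faculty"}),
    "Student Records":      ("Confidential", {"registrars"}),
    "Student Billing":      ("Confidential", {"registrars"}),
    "Transcripts":          ("Confidential", {"registrars"}),
}

# Where each population connects from (constructed): the Internet, or the zone of its own workstations.
HOME_ZONE = {
    "public": "Internet",
    "students": "Private/students",
    "faculty": "Private/faculty",
    "registrars": "Confidential/registrars",
}


def allocate_zones(services: Dict[str, Tuple[str, Set[str]]]) -> Dict[str, str]:
    """Step 3: Internet-reachable services go to the DMZ; the rest get one zone per
    (sensitivity class, role). Private or higher data must never face the Internet."""
    zones: Dict[str, str] = {}
    for name, (sens, who) in services.items():
        if "public" in who:
            if SENSITIVITY_RANK[sens] >= SENSITIVITY_RANK["Private"]:
                raise ValueError(f"{name}: {sens} service must not be reachable from the Internet")
            zones[name] = "DMZ"
        else:
            zones[name] = f"{sens}/{'+'.join(sorted(who))}"
    return zones


def allowed_flows(services: Dict[str, Tuple[str, Set[str]]], zones: Dict[str, str]) -> Set[Tuple[str, str]]:
    """Step 4: the inter-zone flows the firewall must permit, derived from who uses what.
    Any (source zone, destination zone) pair not in this set is denied by default."""
    flows: Set[Tuple[str, str]] = set()
    for name, (_, who) in services.items():
        for population in who:
            src, dst = HOME_ZONE[population], zones[name]
            if src != dst:
                flows.add((src, dst))
    return flows


def flow_permitted(flows: Set[Tuple[str, str]], src_zone: str, dst_zone: str) -> bool:
    return src_zone == dst_zone or (src_zone, dst_zone) in flows


def audit_diagram(drawn: Set[Tuple[str, str]], flows: Set[Tuple[str, str]]) -> Set[Tuple[str, str]]:
    """Step 5 check: connections drawn on the diagram that no service justifies."""
    return {pair for pair in drawn if not flow_permitted(flows, *pair)}


if __name__ == "__main__":
    zones = allocate_zones(SERVICES)
    flows = allowed_flows(SERVICES, zones)
    for name, zone in zones.items():
        print(f"{name:22s} -> {zone}")
    print("permitted flows:", sorted(flows))
    # Constructed diagram with one unjustified arrow from the DMZ straight into student data.
    print("unjustified:", audit_diagram({("Internet", "DMZ"), ("DMZ", "Confidential/registrars")}, flows))
```

The derived flow set contains no path from the Internet or the DMZ into the Confidential zone, which is exactly the separation the multi-homed firewall on slide 44 is meant to enforce; an arrow on the diagram that is not in the set is either a missing service entry from Step 1 or a control that should not exist.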
