Driving Factors
• Compliance
• Risk Mgt
• Security
• Controls

Risks, Threats, Vulnerabilities
• Risk – Generalized impact statement
  • Ex: disclosure of ratepayer data would be bad
• Threat – a generic method of exploiting a risk
  • Ex: interception of data in-flight or at rest
• Vulnerability – a specific, actual, existing technical issue that could be leveraged
  • Ex: an unencrypted customer information file on a server

Risk Profile: Confidential Data
• Generalized Risks:
  • Disclosure, Unauthorized Modification
• Threats:
  • Interception of data in-flight, at rest, after transformation, after export, before destruction
• Vulnerabilities:
  • Unencrypted data transport
  • Unencrypted storage in flat files or in DB
  • Unencrypted storage after export to external components
  • Unencrypted data prior to disposal or destruction

Reliability Engineering
• Security controls fail with individual unpredictability but consistently across large control sets or long periods of time
• Layered security controls limit the scope and impact of individual control failures
• Existing control set for this service
  • Firewalls, IDS, server hardening, patching, access request controls, authentication/authorization, filesystem access controls, virus scanning, enterprise hardening baseline analysis, OS software, service software, application software, maintenance scripts

Mapping Vulnerabilities to Controls
• Vulnerability: Unencrypted data transport
  • Control: use NAESB, SFTP, or encrypted CD
• Vulnerability: Unencrypted data storage
  • Control:
• Vulnerability: Unencrypted data after transformation
  • Control:
• Vulnerability: Unencrypted data prior to disposal
  • Control:

Data Transport Mechanisms
• NAESB
  • Current Market Standard
  • Existing management and maintenance infrastructure
  • Existing application infrastructure
  • Strong authentication/encryption
• SFTP
  • Strong transport encryption
  • Partially existing server infrastructure
  • Partially existing management infrastructure for static passwords
  • No existing management infrastructure for ssh-keys
  • Use of static passwords for authentication creates possibility for password recovery via brute-force or disclosure at endpoints
  • Reduced visibility from network security monitoring platform
  • Additional implementation risk
  • Additional management/maintenance risk

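
The SFTP slide names two linked concerns: static passwords can be recovered by brute force, and encrypted transport reduces what the network monitoring platform sees. As an added example (not part of the original slides), the check below reviews the SFTP server's own sshd authentication log for password-guessing bursts and for a password login that succeeds right after one. The log lines, host and account names, year, threshold and window are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in OpenSSH sshd syslog format (not data from the slides).
SAMPLE_LOG = """\
Mar 13 02:10:01 sftp01 sshd[4101]: Failed password for partner_a from 203.0.113.7 port 50122 ssh2
Mar 13 02:10:04 sftp01 sshd[4101]: Failed password for partner_a from 203.0.113.7 port 50122 ssh2
Mar 13 02:10:09 sftp01 sshd[4107]: Failed password for partner_a from 203.0.113.7 port 50130 ssh2
Mar 13 02:10:15 sftp01 sshd[4107]: Failed password for invalid user admin from 203.0.113.7 port 50130 ssh2
Mar 13 02:10:21 sftp01 sshd[4112]: Failed password for partner_a from 203.0.113.7 port 50141 ssh2
Mar 13 02:11:02 sftp01 sshd[4120]: Accepted password for partner_a from 203.0.113.7 port 50150 ssh2
Mar 13 06:00:00 sftp01 sshd[5001]: Failed password for partner_b from 198.51.100.20 port 40022 ssh2
Mar 13 06:00:30 sftp01 sshd[5003]: Accepted password for partner_b from 198.51.100.20 port 40025 ssh2
Mar 13 07:00:00 sftp01 sshd[5100]: Accepted publickey for partner_c from 192.0.2.44 port 41000 ssh2
"""

LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?P<method>password|publickey) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+")

def find_password_guessing(log_text, threshold=5,
                           window=timedelta(minutes=10), year=2024):
    """Return (kind, source, user) findings for password-guessing activity.

    'burst': a source reached `threshold` failed password logins in `window`.
    'success_after_burst': a password login succeeded from such a source.
    Syslog timestamps carry no year, so `year` is supplied by the caller.
    """
    failures = defaultdict(list)  # source address -> recent failure times
    findings = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m or m["method"] != "password":
            continue  # key-based logins are not exposed to password guessing
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        recent = [t for t in failures[m["src"]] if ts - t <= window]
        if m["result"] == "Failed":
            recent.append(ts)
            failures[m["src"]] = recent
            if len(recent) == threshold:
                findings.append(("burst", m["src"], m["user"]))
        elif len(recent) >= threshold:
            findings.append(("success_after_burst", m["src"], m["user"]))
    return findings
```

A single mistyped password followed by a successful login (partner_b in the sample) stays below the threshold and produces no finding.
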
Data Transport Mechanisms
• CD-R / DVD-R
  • Easy
  • Transportation via licensed/bonded couriers?
  • Still need to address encryption of data in transit
  • Physical media destruction becomes an issue
  • Need to develop operational procedures
  • Need to develop physical infrastructure for accepting, handling, storing, and destroying media