
Note1 (Admi1) Overview of administering security


jamesmorton

Presentation Transcript


  1. Note1 (Admi1): Overview of administering security

  2. Outline
     • Issues in administering security
     • Security planning & policy
     • Risk analysis
     • Auditing
     • Disaster recovery
     • Management of resources and systems
     • Management of network security

  3. Issues in administering security
     • Security planning & policy
     • Risk analysis
     • Auditing
     • Disaster recovery
     • Management of resources and systems
     • Management of network security

  4. Security Planning
     • A security plan is a document that describes how an organization will address its security needs.
     • When the organization’s security needs change, its security plan needs to be periodically reviewed and updated.

  5. Security Planning: Issues
     • What should the plan contain? → content
     • Who should write the plan? → the security planning team
     • Support for the plan? → securing commitment to the plan
     • Implementation of the plan? → methods, tools, resources, …

  6. Security Planning: Issues
     • What should the plan contain?
        • Security policy
        • Current security status
        • Requirements
        • Responsibility for implementation
        • Timetable
        • Reviews & updates

  7. Security Planning: Issues
     • Members of the security planning team
        • CIO (chief information officer)
        • Hardware support personnel
        • Systems programmers
        • Application programmers
        • Data entry personnel
        • Physical security personnel
        • Representative users

  8. Security Planning: Issues
     • Securing support for the plan
        • The plan needs to be accepted by the users and the involved personnel.
        • User education and publicity are needed to increase the users’ understanding of security.
        • Training of personnel is needed for implementing the plan.
        • The plan must be carried out.
     • Management commitment
        • Managers are concerned with ROI, vulnerability, risks, laws, etc.
        • Surveys and outside experts may be needed to persuade the managers to commit.

  9. Security Planning: Issues
     • Implementation of the plan
        • Policy versus mechanisms
           • A policy defines what is or is not allowed.
           • A policy is enforced by various mechanisms (tools, methods, procedures, etc.).

  10. Risk analysis
     • The first step in security planning is risk analysis.
     • A process to determine the exposures and their potential harm
     • The result of the risk analysis is important in securing management commitment to the security plan.
     • It justifies expenditures for security.

  11. Risk analysis
     • Three steps:
        • A list of all exposures of a computing system and the expected cost of the loss
        • For each exposure, possible controls and their costs
        • A cost-benefit analysis
           • Does it cost less to implement a control or to accept the expected cost of the loss?

  12. Auditing
     • Administrators should use audit facilities provided in the systems or 3rd party auditing tools to automate the audit analysis process.
     • Auditing tools provide snapshots of a system’s status.
     • Anomalies in the audit logs indicate potential attacks or problems.

  13. Auditing
     • Automated tools should be used to detect inconsistencies in the audit logs → Intrusion Detection Systems (IDS)
     • The audit logs should be protected, by being sent to separate machines or written immediately to a printer.

  14. Disaster recovery
     • When attacks and/or problems cannot be prevented, how to recover from the damage and loss should be planned in advance.
     • A contingency plan
     • An incident response plan and team
     • User awareness
     • User notification mechanisms

  15. Types of Disasters
     • Natural disasters: flood, falling water, fire, extreme temperature change, …
     • Power loss
     • Human vandals
     • Unauthorized access and use
     • Viruses, worms

  16. Management of resources and systems
     • Acceptable use
     • Accounts, passwords
     • Files and devices
     • Access controls
     • Network security
        • Perimeter protection
        • Connectivity
        • Remote access
        • Securing the hosts
     • Backups

  17. Management of Network security
     • Perimeter protection
        • Firewalls, routers, wireless access points
     • Connectivity
        • The Internet
        • Local backbone
        • A map of physical connections
     • Remote access
        • VPN for telecommuters?
        • telnet, ftp, rlogin?
     • Securing the hosts in the network
        • Insiders’ attacks vs attacks from outside

  18. Summary
     • Administering the security of an organization’s computer systems involves many issues.
     • An up-to-date security plan is a must.
     • Support for the plan is necessary.
     • A disaster response/recovery plan is important.
     • Periodic review and update is needed.
