1 / 16

Assuring Reliable and Secure IT Services

Chapter 6 focuses on the critical aspects of availability in IT services, detailing strategies for high-availability facilities, uninterruptible power supply, and essential physical security measures. It covers proactive measures, including climate control, network connectivity, and effective help desk protocols. The chapter also addresses threat classification, from external attacks to virus intrusions, and outlines defensive strategies like security policies, firewalls, and encryption. Additionally, it promotes a robust security management framework to ensure disciplined change management and user education, ultimately prioritizing risks based on their consequences and probabilities.

laasya
Télécharger la présentation

Assuring Reliable and Secure IT Services

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Assuring Reliable and Secure IT Services Chapter 6

  2. Availability Math • Availability of components in series

  3. High-availability Facilities • Uninterruptible electric power delivery • Physical security • Climate control and fire suppression • Network connectivity • Help desk and incident response procedures

  4. Classification of Threats • External attacks • Intrusion • Viruses and worms

  5. Defensive Measures • Security policies • Firewalls • Authentication • Encryption • Patching and change management • Intrusion detection and network monitoring

  6. A Security Management Framework • Make deliberate security decisions. • Consider security a moving target. • Practice disciplined change management. • Educate users. • Deploy multilevel technical measures, as many as you can afford.

  7. HIGH High Consequence High Consequence Low Probability High Probability CRITICAL THREATS Consequences PRIORITIZE THREATS Low Consequence Low Consequence Low Probability High Probability LOW MINOR THREATS 0 Probability 1 Managing Infrastructure Risks: Consequences and Probabilities Source: Applegate, Lynda M., Robert D. Austin, and F. Warren , Corporate Information Strategy and Management . Burr Ridge, IL: McFarlan McGraw - Hill/Irwin, 2002. Chapter 6 Figure 6 - 9

  8. Incident Management and Disaster Recovery • Managing incidents before they occur. • Sound infrastructure design • Disciplined execution of operating procedures • Careful documentation • Established crisis management procedures • Rehearsing incident response • Managing during an incident. • Managing after an incident.

More Related