Upload
maj
View
42
Download
0
Tags:
Embed Size (px)
DESCRIPTION
silver. consulting. JCC Elementary System/Application Domain. Alex Wehn Jacklyn Truong Nick Poczynek. silver. consulting. System/Application Domain. Consists of mission-critical systems, applications, and data Common threat targets Desktop OSs Server and Network OSs - PowerPoint PPT Presentation
Citation preview
JCC ElementarySystem/Application DomainAlex WehnJacklyn TruongNick Poczynek
silverconsulting
silverconsulting
System/Application Domain Consists of mission-critical systems, applications, and data Common threat targets
Desktop OSs Server and Network OSs E-mail applications and servers Enterprise Resource Planning applications and systems Web browsers
silverconsulting
Common Vulnerabilities Unauthorized physical or logical access to resources Weaknesses in server operating system or application
software Data loss from errors, failures, or disasters
Threat types Denial or destruction Alteration Disclosure
silverconsulting
Unauthorized Physical Access Gaining access to a physical entity or area without
permission from an administrative figure Computer rooms Data centers Wiring closets Physical data in transit
silverconsulting
Unauthorized Physical Access Examples
Poor security Unlocked doors Unguarded areas No badge access required Carelessness
Social engineering Impersonation to gain access Impersonation to gain access to someone/something with authorized
access
silverconsulting
Unauthorized Physical Access Why is it bad?
Sensitive systems could be destroyed Sensitive data stored on these systems could be stolen, altered,
or destroyed
silverconsulting
Unauthorized Physical Access Mitigation
Policies Escort all guests
Standards Secure areas containing sensitive systems
Lock doors
Security guard assigned to each secured area
Procedures RFID badge access to secure areas Check-in with valid ID badge
Guidelines Report suspicious activities Lock drawers before leaving your desk
silverconsulting
Unauthorized Logical Access Gaining access to data without permission from an
administrative figure Human resources and payroll Accounting and financial Student and parent information
Medical Grades Private information
silverconsulting
Unauthorized Logical Access Examples
Individuals have access to information unnecessary for their position in the workplace Non-payroll staff has access to all private employee information
Attacker gains access to systems Obtains unencrypted financial information
silverconsulting
Unauthorized Logical Access Why is it bad?
Staff with access to unnecessary data could accidently alter or destroy said data
Attackers can destroy, alter, and/or disclose information if they can gain access to our systems Deny access to important information
silverconsulting
Unauthorized Logical Access Mitigation
Encryption Classify data and roles
Certain roles are allowed to access only certain data
Second-level authentication Data handling standards
Do not store sensitive information on a personal thumb drive Encrypt e-mails Do not unnecessarily disclose information
silverconsulting
Software Vulnerabilities A flaw that exists in the programming of a software
component or system that allows a malicious attacker to gain unauthorized access to that system through an exploit.
Malware is malicious software that is capable of taking advantages of flaws in software and/or users in order compromise a software application.
silverconsulting
Software Vulnerabilities Vulnerabilities are often found in commonly used software:
Adobe Reader Adobe Flash Oracle Java Microsoft Office Microsoft Windows
Software built in-house is not immune to vulnerabilities.
silverconsulting
Software Vulnerabilities Why is it bad?
Gives attackers an entry point into your system Many remain undetected until they are actively exploited Sometimes user awareness isn't good enough Can be less targeted than other types of attacks
silverconsulting
Software Vulnerabilities Mitigation
User Awareness System Administrator Awareness Software Updates Good Security Policy Antivirus Software
silverconsulting
Server Vulnerabilities Server Vulnerabilities are vulnerabilities that occur in
software that exists on a server, rather than a user workstation
Server vulnerabilities may be similar to software vulnerabilities, but server vulnerabilities will require little to no user intervention to be exploited.
silverconsulting
Server Vulnerabilities Examples
Server Operating System Vulnerabilities Server Software Vulnerabilities Service Software (FTP, Apache, PHP .NET) Additional Software Vulnerabilities Security Software Vulnerabilities (Firewalls, Antivirus)
silverconsulting
Server Vulnerabilities Why is it bad?
Servers will generally have more access to sensitive information, therefore the impact of server vulnerabilities is much higher
Servers are not as carefully monitored as user workstations, allowing suspicious behavior to go unnoticed for extended periods of time
Many servers have services that are intentionally exposed to the internet, making them much easier to attack.
silverconsulting
Server Vulnerabilities Mitigation
Plan Configure
Careful/Minimal System Configuration Maintain
Software Updates Monitor for suspicious behavior
Improve Security Policy
silverconsulting
Data Loss What is "data"?
E-mails Grades Calendars and event schedules Payroll and employee records Curriculum
We deal with important data every day Teachers - imagine losing all of your course materials
Loss of data is one of computing's biggest threats
silverconsulting
Data Loss How do we prevent data loss?
Backups "A copy of a file or directory stored on a separate device" Must be performed frequently to be more useful Backups should be physically separated
silverconsulting
Data LossThere are three main types of backups:Full
Performed least often Bit-for-bit replica of a disk or partition
Differential Stores all data that has changed since the last full backup If differential backups become large, a new full image is needed
Incremental Backs up new or modified files Fast, provides a comprehensive revision history
silverconsulting
Data Loss Common Backup Mistakes
Backups should be verified What happens if you restore data from a backup that was corrupted?
Not separating applications and data System images should be available in case you need to reinstall your
OS and applications User data can then be grabbed as needed Some data is more static than other data
Performing backups infrequently If your most recent backup was over a week ago, what would you lose?
silverconsulting
Data Loss Common Vulnerabilities
Hardware failure When computer systems fail, we rely on backups and redundancy
Natural disasters Our backups need to be physically separated to avoid complete data
loss by fires and natural disasters
System errors System crashes can occur during data transfers
silverconsulting
Data Loss Working at a school presents additional data-related
concerns FERPA
Academic records are closely controlled under federal law Negligence in protecting this data presents legal issues
HIPAA We may be required to store and protect health information for
students, faculty, and staff
silverconsulting
Data Loss Be prepared
Business Continuity Plan (BCP) Conduct a business impact analysis to decide which computer uses are
most important Determine how long it will take to recover and make these uses
available (RTO) Prepare the BCP to focus on the most important uses for work to
continue
Disaster Recovery Plan (DRP) Prepare DRP based on BCP Start DRP for most important systems first Organize a DRP team and remote data center
silverconsulting
Data Loss Be aware of backup procedures and policies After a certain period, backups must be transferred to a more
permanent storage format
silverconsulting
Data LossHow is data recovered?A data recovery policy is put in placeAn electronic form is available to document the incidentThe help desk creates a ticket and gathers required informationThe requested data is accessed from the archives
If recovery is successfully, it must be delivered Can be transferred to requested disk location or emailed
silverconsulting
Data LossData recovery, cont.Keep in mind that recovery speed may vary based on the age of the requested file
Recovery from older tape archives can take a long time Recovery from yesterday’s incremental backup can be almost
immediate
silverconsulting
Reducing Risks Physically secure areas containing sensitive systems Implement encryption and data handling standards Minimize data access Backup data Develop a BCP and DRP Be aware of all applications on the network Plan, configure, maintain, and improve network servers Develop and implement standards Read and understand your provided Acceptable Use Policy
silverconsulting
What if I Need Help? Call the Help Desk! Report suspected IT policy violations to your supervisors For help with production systems and uses
Contact the Director of System and Applications or the Director of Software Development
For help with system/application domain security policies, standards, procedures, and guidelines Contact the Director of IT Security
Questions?
silverconsulting