emmeline-newman
7 Domains of IT
1. User Domain
2. Workstation Domain
3. LAN Domain
4. LAN to WAN Domain
5. WAN Domain
6. Remote Access
7. System Application Domain
Logical Grouping of IT Domains
● User/Workstation
● Network
– LAN
– LAN-WAN interface
– WAN
● Remote (Brave new world)
● System/Application
The AUP
• Acceptable usage policy – a contract between the system owner and system user outlining the acceptable usage parameters of the computing system.
User Domain
● Threats/Vulnerabilities
– Lack of user awareness
– User apathy toward policies
– Security policy violations
– Disgruntled employee attacks
– Social engineering attacks
– Etc.
● Mitigation strategies
– User awareness training
– Accountability through an AUP
– Implement personnel access controls
Workstation Domain
● Usually refers to the computer on your desk or workspace.
– This includes the staff supporting the workstations
– The AUP is a key document for this domain
● Risks/threats/vulnerabilities
– Unauthorized access
– Malware
– Social engineering attacks
– Etc.
● Mitigation strategies
– User awareness training
– Logging
– Anti-malware
– Accountability through an AUP
Network Service Domain
● For the purpose of this course, we will combine the domains for LAN, LAN-to-WAN, and WAN into the Network Service Domain
● Includes the equipment, cables, the wireless access, etc.
● Key document is the SLA
SLA: Service Level Agreement
• An agreement between the system provider and system user. Outlines provider responsibilities and defines realistic expectations to the users.
Network Service Domain
● Threats/Vulnerabilities
– Unauthorized access, physical or otherwise
– Malware attacks
– Hardware vulnerabilities
– Support staff threats/vulnerabilities
– Misuse of network resources by users
– Clear-text (unencrypted) data traffic
– DoS
– Wireless attacks
● Mitigation strategies
– IDS: intrusion detection system, like SNORT
– IPS: intrusion prevention system, like a firewall
– Drop malicious packets, reset connection, block traffic from offending IP addresses, etc.
– Set up a DMZ, …
Remote Access Domain
● Accessing the computing services from outside the boundary of the computing system.
– Smart phones
– Laptop computers
– PDAs
– Remote e-mail usage
– Wireless access
– Access to cloud resources
– Social media access
● Threat/vulnerability
– Theft or loss of electronic devices
– Theft or loss of data
– Unauthorized access (shoulder surfers)
– Clear-text data transfer
– Poor security on personal devices
– Reliability of cloud services
● Mitigation strategies
– User awareness training
– Accountability through an AUP
– Reliable authentication (MFA?)
– Data encryption, etc.
System/Application Domain
● The critical infrastructure of server systems, applications, and data.
– Payroll
– Accounting, purchasing, billing
– Sales
– Intellectual property, etc.
– Proprietary technology
– Personal information
● Threat/vulnerability
– Unauthorized access
– Hardware failure
– Data loss
– Malware
– Failure to keep systems and software up-to-date
– Social engineering attacks
– Etc.
● Mitigation strategies
– Awareness training
– Backup/RAID
– Physical security
– Logging
– Data/system integrity monitor
– Disaster recovery plan
– Etc.