Separate Domains of IT Infrastructure CS5493


7 Domains of IT

1. User Domain
2. Workstation Domain
3. LAN Domain
4. LAN to WAN Domain
5. WAN Domain
6. Remote Access
7. System Application Domain

Logical Grouping of IT Domains

● User/Workstation
● Network
  – LAN
  – LAN-WAN interface
  – WAN
● Remote (Brave new world)
● System/Application

User Domain

● The subjects:
  ● The people using the system.
● This is the domain of the AUP

The AUP

• Acceptable usage policy – a contract between the system owner and system user outlining the acceptable usage parameters of the computing system.

User Domain

● Threats/Vulnerabilities
  – Lack of user awareness
  – User apathy toward policies
  – Security policy violations
  – Disgruntled employee attacks
  – Social engineering attacks
  – Etc.

User Domain

● Mitigation Strategies
  – User awareness training
  – Accountability through an AUP
  – Implement personnel access controls

Workstation Domain

● Usually refers to the computer on your desk or workspace.
  – This includes the staff supporting the workstations
  – The AUP is a key document for this domain

Workstation Domain

● Risks/threats/vulnerabilities
  – Unauthorized access
  – Malware
  – Social engineering attacks
  – Etc.

Workstation Domain

● Mitigation Strategies
  – User awareness training
  – Logging
  – Anti-malware
  – Accountability through an AUP

Network Service Domain

● For the purpose of this course, we will combine the domains for LAN, LAN-to-WAN, and WAN into the Network Service Domain

Network Service Domain

● Includes the equipment, cables, the wireless access, etc.

● Key document is the SLA

SLA: Service Level Agreement

• An agreement between the system provider and system user. Outlines provider responsibilities and defines realistic expectations for the users.

Network Service Domain

● Threats/Vulnerabilities
  – Unauthorized access, physical or otherwise
  – Malware attacks
  – Hardware vulnerabilities
  – Support staff threats/vulnerabilities
  – Misuse of network resource by users
  – Clear-text (unencrypted) data traffic
  – DoS
  – Wireless attacks

Network Service Domain

● Mitigation Strategies
  – IDS: intrusion detection system, like Snort.
  – IPS: intrusion prevention system, like a firewall

Network Service Domain

● Mitigation Strategies
  – Drop malicious packets, reset connection, block traffic from offending IP addresses, etc.
  – Set up a DMZ, …

Remote Access Domain

● Accessing the computing services from outside the boundary of the computing system.
  – Smart phones
  – Laptop computers
  – PDAs
  – Remote E-mail usage
  – Wireless access
  – Access to cloud resources
  – Social media access

Remote Access Domain

• The AUP is the governing document

Remote Access Domain

● Threat/vulnerability
  – Theft or loss of electronic devices
  – Theft or loss of data
  – Unauthorized access (shoulder surfers)
  – Clear-text data transfer
  – Poor security on personal devices
  – Reliability of cloud services

Remote Domain

● Mitigation Strategies
  – User awareness training
  – Accountability through an AUP
  – Reliable authentication (MFA?)
  – Data encryption, etc.

System/Application Domain

● The critical infrastructure of server systems, applications, and data.
  – Payroll
  – Accounting, purchasing, billing
  – Sales
  – Intellectual property, etc.
  – Proprietary technology
  – Personal information

System/Application Domain

● Threat/vulnerability
  – Unauthorized access
  – Hardware failure
  – Data loss
  – Malware
  – Failure to keep systems and software up-to-date
  – Social engineering attacks
  – Etc.

System/Application Domain

● Mitigation Strategies
  – Awareness training
  – Backup/RAID
  – Physical security
  – Logging
  – Data/system integrity monitor
  – Disaster recovery plan
  – Etc.

System/Application Domain

• The governing document is the SLA.

Domain Group Assignments

● User/Workstation: Green Group
● Network: Blue Group
● Remote: Red Group
● System/Application: Gold Group