Total Security
Issues to consider:
Physical Security
who has physical access to the computer?
audit logging of all activities
removable hard drives
ZIP disks, JAZZ drives, etc.
USB memory sticks - encrypt data in
case of loss or theft
backup tapes
backup tape encryption
host-based
encryption, where the host (the server) performs the encryption
•encryption
before
the
data hits the wire by an encrypting PCI card, which authenticates to and
receives
keys from a key-management appliance on the same network.
•data-encrypting
backup software (i.e. Symantec, Legato Networker)
standalone
and inline appliances, where encryption happens in transit
•all
data passes through the applicance, and undergoes compression and encryption
encryption
at
the tape drive, where the drive performs encryption as part of the recording
process
•devices
such as the Sun StorageTek T10000 employ AES256 encryption
ports - USB, parallel, SCSI, etc..
Network Control Policy / Network Node Validation
posture - information is gathered on patch levels, software
versions,
running processes, etc.. before the mode is allowed
to connect to the network
identity - authentication
Cisco calls it NAC = Network Admission Control
Juniper calls it Secured and Assured Networking
Symantec calls it NAC = Network-Access Control
micro$oft calls it NAP = Nework-Access Protection
if nodes don't meet requirements, they can be confined to a
restricted VLAN or a call for human intervention can be made.
posture
posture ID requires analysis, locally with
an agent or remotely using a scanning mechanism
authentication
which user is using the node
authorization
a ruleset then determines, based on the posture
and authentication,
what permissions to grant
the authorization component must be able
to communicate with infrastructure (i.e. switches, router, firewall) to permit
or deny traffic flows
Inside - the chief security threats come from inside
www.accenture.com
www.systemexperts.com