bab 7 (assuring reliable and secure it services)

� The emergence of web-based commerce has

accelerated the expansion of a worldwide

network capable of transmitting information

reliably and securely across vast distances.

� Unfortunately, some components of a firm’s

infrastructure are not inherently reliable. The

reliability of processing systems depends on how

they are designed and managed.

� Businesses need policies that determine how to

integrate redundant elements into a company’s

overall infrastructure: how backup systems and

equipment will be brough online, how problems

will be diagnosed and triaged, and who will be

responsible for responding to incidents.

� Making the wrong decision in designing or

maintaining infrastructure or in responding to

incidents can severely harm a business.

� In modern context, a 98 percent availability rating

for a system usually means that its probability of

being up and running at any given time is 98

percent – period.

� Moreover, for real-time infrastructure, 98 percent

is not nearly good enough.

� In fact, the availability of today’s IT infrastructure

is often expressed in terms of a number of ‘nines’

(99.999) percent.

1. Uninterruptible electric power delivery

2. Physical security

3. Climate control and fire suppression

4. Network connectivity

5. Help desk and incident response procedures

6. N+1 and N+N redundancy

� Classification of threats

1. External atttacks

2. Intrusion

3. Viruses and Worms

� Defensive measures

1. Security Policies

2. Firewalls

3. Authentication

4. Encryption

5. Intrusion detection and network monitoring

1. Make deliberate security decision

2. Consider security a moving target

3. Practice disciplined change management

4. Educate users

5. Deploy multilevel technical measures, as many

as you can afford

� Managing incidents before they accur

1. Sound infrastructure design

2. Disciplined execution of operating procedures

3. Careful documentation

4. Established crisis management procedures

5. Rehearsing incident response

� Managing during an incident

1. Emotional responses, including confusion, denial,

fear and panic

2. Wishful thinking and groupthink

3. Political maneuvering, diving for cover and ducking

responsibility

4. Leaping ti conclusions and blindness to evidence that

contradicts current beliefs

� Managing after an incident

1. Rebuild parts of the infrastructure

2. Sometimes erasing and rebuilding everything from

scratch is the only way to be sure the infrastructure is

restored to its preincident state

3. It is essential to communicate the seriousness with

which a company protects the information entrusted

to it

1. How available do our systems need to be? Are our

infrastructure investments in availability aligned with

requirements?

2. Are we taking security threats seriously enough? How

secure is our current infrastructure? How do we assess

information security on an ongoing basis? Have IT staff

members received adequate training? How do we

compare with information security best-in-class

organizations?

3. Do we have plans for responding to infrastructure

incidents? Do we practice them on a regular basis? Are

staff members trained in incident response? What are

our plans and policies for communicating information

about incidents to external parties such as customers,

partners, the press and the public?