Security Information Management Firewall Management, Intrusion Detection, and Intrusion Prevention Intrusion Detection Busters Katherine Jackowski Elizabeth

Post on 24-Dec-2015

TRANSCRIPT

<ul><li> Slide 1 </li> <li> Security Information Management; Firewall Management, Intrusion Detection, and Intrusion Prevention. Intrusion Detection Busters: Katherine Jackowski, Elizabeth Kearney-Lang, Daureen Lingley-Chor </li> <li> Slide 2 </li> <li> Selected Topics: The two areas of interest our team chose are: Firewall Management and Intrusion Detection, Intrusion Prevention; Security Information Management. They complement each other well, focusing on the safeguarding of company assets. </li> <li> Slide 3 </li> <li> Control Objectives: Security Information Management. To control access to the Information Systems to prevent unauthorized use and to restrict authorized use. To ensure proper controls are in place to ensure data and system availability in order for the Information Systems to fully support the organization's objectives. </li> <li> Slide 4 </li> <li> Control Objectives: Firewall Management and Intrusion Detection, Intrusion Prevention. To ensure preventative, detective, and corrective measures are in place and working as intended to protect the Information System from intrusion. To ensure proper controls are in place to safeguard assets and prevent, detect and mitigate fraudulent activity. </li> <li> Slide 5 </li> <li> Research: Our research began with An Introduction to Computer Security: The NIST Handbook; National Institute of Standards and Technology Special Publications: SP 800-41 Revision 1, entitled Guidelines on Firewalls and Firewall Policy; SP 800-61 Revision 1, entitled Computer Security Incident Handling Guide; SP 800-94, entitled Guide to Intrusion Detection and Prevention Systems. 
</li> <li> Slide 6 </li> <li> Research: Collaboration: wikispaces; Various vendor website White Papers </li> <li> Slide 7 </li> <li> Control for Firewall Management, Intrusion Detection &amp; Prevention: Implement and enforce Back-up Procedure. Category: Procedure. Type: General, Secondary, Corrective. Control Benefit: Up-to-date back-up if needed. Adverse Impact: Unnecessary extended downtime. </li> <li> Slide 8 </li> <li> Control Evidence. In Place: Written documentation of procedure, documentation readily available in hardcopy or online. In Effect: All data will be properly backed up, personnel responsible for back-up procedure will have knowledge of procedure and documentation of all back-ups that occur. </li> <li> Slide 9 </li> <li> Audit Steps. In Place: Review written documentation of procedure and search for online copy. In Effect: Test and verify the existence of back-up data stores. Interview employees to determine responsibilities and accountable party. </li> <li> Slide 10 </li> <li> Control for Security Information Management: Written Acceptable Use Policy with required signature of employee. Category: Legal. Type: General, Secondary, Preventative. Control Benefit: Ensures employee knowledge of and responsibility to properly safeguard the system. Adverse Impact: Lack of knowledge and responsibility would create usage problems and security issues. </li> <li> Slide 11 </li> <li> Control Evidence. In Place: Documented Policy, documents with employees' signatures. In Effect: Understanding of policy by employees, file of signed policies will exist. </li> <li> Slide 12 </li> <li> Audit Steps. In Place: Review documentation of policy and check for signatures of all active employees. In Effect: Interview employees and review file of signed policies. </li> <li> Slide 13 </li> <li> Image Polymers Company, LLC Covisia Solution, Inc. 
Test of controls </li> <li> Slide 14 </li> <li> Best Practices for the AUP: Explain employee rights and monitoring expectations; Educate employees on legal issues; State the consequences of noncompliance; Ensure that all the employees are informed about the AUP </li> <li> Slide 15 </li> <li> Acceptable Use Policy: The System, including the email system and Internet connections, is the property of the Company. Each employee is responsible for the use of the System and for observing all laws. In the event that any employee is found to have improperly used the System, he or she is subject to disciplinary action, up to and including immediate dismissal. </li> <li> Slide 16 </li> <li> Acceptable Use Policy: The company may review the following at its discretion: History of sent and received email by employees; Contents of sent and received email by employees; History of access to the WWW by employees; Contents viewed by employees; Time spent by employee on the WWW; Voicemail messages </li> <li> Slide 17 </li> <li> Challenge Audit Work Program </li> <li> Slide 18 </li> <li> Questions? </li> </ul>