SECURITY
Hardening puts in place actions that mitigate threats for each phase in the threat lifecycle. For example, during the reconnaissance phase an attacker scans to find open ports and determine the status of services that are related to the network and the SMS. To mitigate this, hardening guidance is to close unnecessary system ports in the SMS and Windows configurations.
“Just under half (46%) of all UK
businesses identified at least one cyber security breach or attack in 2016.”
The risk and threat assessment process includes the following steps: identifying information and security risks, assessing and prioritising risks, implementing policy, procedures and technical solutions to mitigate these risks. Security and privacy controls represent specific actions and recommendations to implement these as part of a risk management process. It is important that the process includes the assessment of the organisation, the particular requirements of a given deployment, and the aggregation of these activities into a security plan.
The risk management process is interactive, and responses and their outcomes are iterative. Security threats, risks, responses and results are dynamic and adapt, and as a result, the security plan must reflect this.
www.tomorrowsfm.com
A risk management framework considers IT systems, business processes, and the organisation as a whole to find a balance for the security plan. When hardening a system, it is important to balance the impact on business productivity and usability for the sake of security, and vice versa, in the context of the services and organisation delivers. Security guidance is not isolated from other business and IT activities. For example, when a user enters their password incorrectly on three consecutive attempts, the password is blocked and they cannot access the system. The system is secure from brute-force attacks, but the user can no longer use the device to do their work.
The hardening of system components involves changing configurations to reduce the risk of a successful attack. Attackers try to find a way in, and look for vulnerabilities in exposed parts of the system. Electronic security systems can involve hundreds or even thousands of components and failure to secure any one component can compromise the system.
To help secure your electronic security system, access to servers must be restricted; servers should be kept in locked rooms and prevention methodologies need to be in place to protect access to network and power cables. The network should be designed to utilise physical network or VLAN segmentation as much as possible. Many precautions can be taken when it comes to general set up. In addition to firewalls, these include techniques to segment the network and control access to the servers, clients and applications.
TOMORROW’S FM | 43
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40 |
Page 41 |
Page 42 |
Page 43 |
Page 44 |
Page 45 |
Page 46 |
Page 47 |
Page 48 |
Page 49 |
Page 50 |
Page 51 |
Page 52 |
Page 53 |
Page 54 |
Page 55 |
Page 56 |
Page 57 |
Page 58 |
Page 59 |
Page 60 |
Page 61 |
Page 62 |
Page 63 |
Page 64 |
Page 65 |
Page 66 |
Page 67 |
Page 68 |
Page 69 |
Page 70 |
Page 71 |
Page 72 |
Page 73 |
Page 74
