
1 IS4550 Security Policies and Implementation
Unit 6 IT Infrastructure Security Policies

2 Class Agenda 7/21/16
Lesson covers Chapter 9.
- Learning Objectives
- Lesson Presentation and Discussions
- Discussion on Assignments
- Discussion on Lab Activities
- Break Times as per School Regulations
Try to read the text book before class.
9/23/2018 (c) ITT Educational Services, Inc.

3 Learning Objective Describe the different information security systems (ISS) policies associated with the information technology (IT) infrastructure.

4 Key Concepts
- Policies unique to the workstation domain
- Policies associated with local area network (LAN) and wide area network (WAN) domains
- Policies related to telecommunications
- Policies specific to remote access, systems, and applications
- Differences between public and private IT infrastructure security policies

5 EXPLORE: CONCEPTS

6 IT Infrastructure Domains
- A personal computer (PC) is an example of the workstation domain
- An office computer is an example of the LAN domain
- The Internet is an example of the WAN domain

7 IT Infrastructure Domains (Continued)
- A mobile phone is an example of the telecommunications and WAN domains
- A Virtual Private Network (VPN) is an example of the remote-access domain

8 Workstation Domain Security Policies
All computing devices used by end users are considered to be in the Workstation domain.
Control standards for this domain include:
- Malicious code
- Software usage
- Configuration management
- Access enforcement
- Device identification and authentication
- Acquisitions
- Software use
- Session lock
To meet those requirements, you should have baseline security settings for each device. The baseline settings are described in baseline standards.

9 LAN Security Policies
The LAN domain refers to the organization's LAN infrastructure. A LAN allows two or more computers to connect within a small physical area.

10 LAN Security Policies (Continued)
Control standards for this domain can include:
- Firewall
- Wi-Fi security
- Protection of audit information
- Router security

11 LAN Security Policies (Continued)
- Audit monitoring
- Security assessments
- Intrusion detection system (IDS) and intrusion prevention system (IPS)
- Controls over media

12 LAN Security Policies (Continued)
Where there is a specific technology component, you'll need a baseline standard to document the security settings for those devices. Examples include:
- Wi-Fi access point (AP) security configuration guide

13 WAN Domain Policies
A WAN is a network that covers a large geographical area. The Internet is an example of a WAN; a private WAN can be built for a specific organization to link offices across the country or globally.

14 WAN Domain Policies (Continued)
WAN controls can include:
- Domain name services (DNS)
- WAN router security
- Web services
- WAN protocols
From the control standards above, there will be specific technology requirements for your WAN infrastructure devices.

15 WAN Domain Policies (Continued)
Where there is a specific technology component, you'll need a baseline standard for the specific security requirements for those devices. Examples include:
- WAN router configuration
- Web services

16 Telecommunications Policies
The telecommunications area refers to the uses of telephone equipment and voice services that don't fit into the other domain areas. Telecommunications devices include fax machines, modems, mobile phones, and personal digital assistants (PDAs).
Telecommunications controls include:
- Voice over Internet Protocol (VoIP)
Telecommunications equipment and devices usually have specific technology requirements. Examples of baseline standards:
- Blackberry enterprise server configuration
- Use of Bluetooth communications
- Malware prevention controls for mobile devices
- VoIP security product requirements

17 Remote Access Domain Policies
The remote access domain refers to the technology that controls how end users connect to an organization's LAN remotely. An example is someone needing to connect to the office network from their home or on the road.
Remote Access Controls (RAC) include:
- VPN
From the control standards above, there are specific technology requirements for your Remote Access infrastructure devices and client software. Here are a few examples of the types of baseline documents you'll need:
- VPN gateway options and requirements
- VPN client software options and requirements
- Access control entry (ACE)/Remote Authentication Dial-In User Service (RADIUS) server security requirements

18 LAN-to-WAN Domain Policies
The LAN-to-WAN domain refers to the technical infrastructure that connects the organization's LAN to a WAN. This section is primarily concerned with how devices are permitted to access the WAN and what controls are imposed on users accessing such resources, including Internet access.

19 LAN-to-WAN Domain Policies (Continued)
LAN-to-WAN controls can include:
- Content filtering devices
- Internet filtering rules
- Internet proxies
LAN-to-WAN Domain control standards usually refer to specific technology requirements for network devices, including servers.

20 LAN-to-WAN Domain Policies (Continued)
Where there is a specific technology component, you'll need a baseline standard to document the security settings for those devices. Examples include:
- IDS/IPS rules
- Firewall configurations for demilitarized zone (DMZ) architecture

21 System/Application Domain Policies
The System/Application Domain refers to the technology and application software needed to collect, process, and store company data.
System/Application controls can include:
- Data classification
- Separation of environments
- Physical security
- Developer-related data restriction and the use of test data
Within the control standards for the System/Application Domain are specific technology requirements. Examples include:
- Public key infrastructure certification authority (CA)
- Approved cryptographic algorithms and key lengths
- Physical security baseline
- Developer coding standards

22 EXPLORE: ROLES

23 Roles and Responsibilities
- IT Manager: responsible for funding and support of policy creation
- IT Auditor: responsible for ensuring that controls are in place per policy

24 Roles and Responsibilities (Continued)
- System/Application Administrator: responsible for applying controls to the Workstation, LAN, and LAN-to-WAN Domains
- Information Security (IS) Manager: responsible for policy creation, application, and alignment with organizational goals

25 EXPLORE: RATIONALE

26 Lack of Controls
With a lack of controls, all of the following and more are possible:
- Workstations would have different configurations
- LANs would allow unauthorized traffic
- WANs would have vulnerabilities
- Network devices would not be configured the same
- Users would have access to data they are not directly working with

27 Summary
In this presentation, the following were covered:
- Various IT infrastructure domain security policies, such as workstation domain security policies, LAN security policies, WAN domain policies, telecommunications policies, remote access domain policies, LAN-to-WAN domain policies, and system/application domain policies
- Roles and responsibilities associated with IT infrastructure domain security policies
- Advantages of lack of controls

28 Unit 5 Discussion and Assignments
- Discussion 6.1 IT Infrastructure Security Policies
- Assignment 6.3 IT Infrastructure Policies

29 Unit 6 Lab Activities
The lab is in the lab manual online.
- Lab 6.2 Define a Remote Access Policy to Support Remote Healthcare Clinics
Reading assignment: read Chapter 10.

30 Class Project-Draft
- Unit 5: U.S. compliance laws now affecting the firm, and any problems or questions.
- Unit 6: DoD policy 1–5, and any problems or questions.
Deliverables or milestone drafts as specified in the project content will be submitted. Final project due in Week 11.
