Presentation is loading. Please wait.

Presentation is loading. Please wait.

Separate Domains of IT Infrastructure

Similar presentations

Presentation on theme: "Separate Domains of IT Infrastructure"— Presentation transcript:

1 Separate Domains of IT Infrastructure

2 7 Domains of IT User Domain Workstation Domain LAN Domain
LAN to WAN Domain WAN Domain Remote Access System Application Domain

3 Logical Grouping of IT Domains
User/Workstation Network LAN LAN-WAN interface WAN Remote (Brave new world) System/Application

4 User Domain The subjects: The people using the system.
This is the domain of the AUP

5 The AUP Acceptable usage policy – a contract between the system owner and system user outlining the acceptable usage parameters of the computing system.

6 User Domain Threats/Vulnerabilities Lack of user awareness
User apathy toward policies Security policy violations Disgruntled employee attacks Social engineering attacks Etc Mitigation strategies …

7 User Domain …Mitigation Strategies User awareness training Accountability through an AUP Implement personnel access controls

8 Workstation Domain Usually refers to the computer on your desk or workspace. This includes the staff supporting the workstations The AUP is a key document for this domain

9 Workstation Domain Risks/threats/vulnerabilities Unauthorized access
Malware Social engineering attacks Etc. Mitigation strategies…

10 Workstation Domain …Mitigation Strategies User awareness training logging anti-malware Accountability through an AUP

11 Network Service Domain
For the purpose of this course, we will combine the domains for LAN, LAN-to-WAN, and WAN into the Network Service Domain

12 Network Service Domain
Includes the equipment, cables, the wireless access, etc. Key document is the SLA

13 SLA: Service Level Agreement
An agreement between the system provider and system user. Outlines provider responsibilities and defines realistic expectations to the users.

14 Network Service Domain
Threats/Vulnerabilities/ Unauthorized access, physical or otherwise Malware attacks Hardware vulnerabilities Support staff threats/vulnerabilities Misuse of network resource by users Clear-text (unencrypted) data traffic DoS Wireless attacks

15 Network Service Domain
…Mitigation Strategies IDS – intrusion detection system, like SNORT. IPS – intrusion prevention system, like a firewall

16 Network Service Domain
…Mitigation Strategies drop malicious packets, reset connection, block traffic from offending IP addresses, etc. set up a DMZ, …

17 Remote Access Domain Accessing the computing services from outside the boundary of the computing system. Smart phones Laptop computers PDAs Remote usage Wireless access Access to cloud resources Social media access

18 Remote Access Domain The AUP is the governing document

19 Remote Access Domain threat/vulnerability
Theft or loss of electronic devices Theft or loss of data Unauthorized access (shoulder surfers) Clear-text data transfer Poor security on personal devices. Reliability of cloud services

20 Remote Domain …Mitigation Strategies User awareness training Accountability through an AUP reliable authentication (MFA?) Data Encryption, etc

21 System/Application Domain
The critical infrastructure of server systems, applications, and data. Payroll Accounting, purchasing, billing Sales Intellectual property, etc. Proprietary technology Personal information

22 System/Application Domain
Threat/vulnerability Unauthorized access Hardware failure Data loss Malware Failure to keep systems and software up-to-date. Social engineering attacks etc

23 System/Applications Domain
…Mitigation Strategies Awareness training Backup/RAID Physical security, Logging, Data/system integrity monitor Disaster recovery plan etc

24 System/Application Domain
The governing document is the SLA.

25 Domain Group Assignments
User/Workstation Green Group Network Blue Group Remote Red Group System/Application Gold Group

Download ppt "Separate Domains of IT Infrastructure"

Similar presentations

Ads by Google