1. Applegate, L.M., Austin, R.D, and Soule, D.L., Corporate Information Strategy and Management, 8 th edition, Burr Ridge, IL: McGraw-Hill/Irwin, 2009 Instructor’s Manual Chapter 6 Key Learning Objectives for Chapter 6: Understand factors that drive IT availability and how to provision high-availability systems Recognize sources of IT systems risk and how to secure IT systems Recognize trade-offs involved in IT risk management and the inevitability of incidents Understand management approaches to contain and recover from such incidents Assuring Reliable and Secure IT Services

2. Applegate, L.M., Austin, R.D., and Soule, D.L., Corporate Information Strategy and Management, 8 th edition, Burr Ridge, IL: McGraw-Hill/Irwin, 2009 Chapter 6: Assuring Reliable and Secure IT Services The key to reliable systems is “redundancy” Reliability thru redundancy comes at a price How much reliability to buy is a management decision highly contingent on numerous, mostly business, factors How costly (including tangible and intangible) is a 15-minute (n-hour) failure of the order management system? Redundant systems are more complex than non-redundant systems, and this complexity must be managed.

3. Applegate, L.M., Austin, R.D., and Soule, D.L., Corporate Information Strategy and Management, 8 th edition, Burr Ridge, IL: McGraw-Hill/Irwin, 2009 Chapter 6: Assuring Reliable and Secure IT Services Managers also must guard against malicious threats to computing infrastructure Attacks, intrusions, viruses, worms, … 機密資料竊取、 DoS … Securing systems against malicious threats is an arms race, a high-stakes contest requiring constantly improving defenses against increasingly sophisticated weaponry.

4. Applegate, L.M., Austin, R.D., and Soule, D.L., Corporate Information Strategy and Management, 8 th edition, Burr Ridge, IL: McGraw-Hill/Irwin, 2009 Chapter 6: Assuring Reliable and Secure IT Services Availability Math In modern contexts, a 98 percent availability rating for a system usually means that its probability of being up and running at any given time is 98 percent-period The availability of today's IT infrastructure is often expressed in terms of a number of "nines." "Five nines" means 99.999 percent availability, which equates to less than a second of downtime in a 24-hour day Overall service availability is generally lower than the availability of individual components

5. Applegate, L.M., Austin, R.D., and Soule, D.L., Corporate Information Strategy and Management, 8 th edition, Burr Ridge, IL: McGraw-Hill/Irwin, 2009 Chapter 6: Assuring Reliable and Secure IT Services Five Components in Parallel (Each 98 percent available)

6. Applegate, L.M., Austin, R.D., and Soule, D.L., Corporate Information Strategy and Management, 8 th edition, Burr Ridge, IL: McGraw-Hill/Irwin, 2009 Chapter 6: Assuring Reliable and Secure IT Services High-Availability Facilities Uninterruptible Electric Power Delivery Physical Security （鎖、監視系統、保全人員等） Climate Control and Fire Suppression （含預警系統、無毒滅 火等） Network Connectivity （ involve at least two backbone providers ） Help Desk and Incident Response Procedures N + 1 and N + N Redundancy N + I means that for each type of critical component there should be at least one unit standing by. (Good enough if N is small) Management decisions about the design of IT infrastructures always involve trade-offs between availability and the expense of additional components.

7. Applegate, L.M., Austin, R.D., and Soule, D.L., Corporate Information Strategy and Management, 8 th edition, Burr Ridge, IL: McGraw-Hill/Irwin, 2009 Chapter 6: Assuring Reliable and Secure IT Services Securing Infrastructure against Malicious Threats Richard Clarke, the former U.S. national coordinator for security, infrastructure protection, and counterterrorism, often chided companies for spending less on information security than on coffee. "If you spend as much on information security as you do on coffee," he argued, "you will be hacked, and you'll deserve to be hacked 嘿，如何說服老闆才是王道！

8. Applegate, L.M., Austin, R.D., and Soule, D.L., Corporate Information Strategy and Management, 8 th edition, Burr Ridge, IL: McGraw-Hill/Irwin, 2009 Chapter 6: Assuring Reliable and Secure IT Services Classification of Threats External Attacks The most common external attacks are "denial of service" (DoS) attacks

9. Applegate, L.M., Austin, R.D., and Soule, D.L., Corporate Information Strategy and Management, 8 th edition, Burr Ridge, IL: McGraw-Hill/Irwin, 2009 Chapter 6: Assuring Reliable and Secure IT Services A Distributed Denial-of-Service Attack

10. Applegate, L.M., Austin, R.D., and Soule, D.L., Corporate Information Strategy and Management, 8 th edition, Burr Ridge, IL: McGraw-Hill/Irwin, 2009 Chapter 6: Assuring Reliable and Secure IT Services Classification of Threats DoS 的變形 External Attacks DDoS A slow-motion DoS attack-attacks of this kind have been called "degradation of service" attacks-looks almost exactly like real e-commerce traffic DoS attacks are very difficult to defend against

11. Applegate, L.M., Austin, R.D., and Soule, D.L., Corporate Information Strategy and Management, 8 th edition, Burr Ridge, IL: McGraw-Hill/Irwin, 2009 Chapter 6: Assuring Reliable and Secure IT Services Classification of Threats Intrusion Unlike external attackers, intruders actually gain access to a company's internal IT infrastructure by a variety of methods social engineering (or fishing) One of the most difficult problems arising from intrusion is figuring out what exactly intruders might have done while they were inside company defenses. Viruses and Worms

12. Applegate, L.M., Austin, R.D., and Soule, D.L., Corporate Information Strategy and Management, 8 th edition, Burr Ridge, IL: McGraw-Hill/Irwin, 2009 Chapter 6: Assuring Reliable and Secure IT Services Defensive Measures Security Policies Firewalls (WAFs: Web Application Firewalls) Authentication Encryption(Symmetric vs. Asymmetric) Patching and Change Management Intrusion Detection and Network Monitoring

13. Applegate, L.M., Austin, R.D., and Soule, D.L., Corporate Information Strategy and Management, 8 th edition, Burr Ridge, IL: McGraw-Hill/Irwin, 2009 Chapter 6: Assuring Reliable and Secure IT Services A Security Management Framework Make Deliberate Security Decisions General managers must educate themselves on security related subjects and take responsibility for decisions in this area Consider Security a Moving Target Practice Disciplined Change Management Educate Users Deploy Multilevel Technical Measures, as Many as You Can Afford

14. Applegate, L.M., Austin, R.D., and Soule, D.L., Corporate Information Strategy and Management, 8 th edition, Burr Ridge, IL: McGraw-Hill/Irwin, 2009 Chapter 6: Assuring Reliable and Secure IT Services Risk Management of Availability and Security Companies cannot afford to address every threat to the availability and security of IT infrastructure with equal aggressiveness Management actions to mitigate risks must be prioritized with an eye to their costs and potential benefits One method of prioritizing involves computing the expected loss associated with incidents … by multiplying the probability of an incident and its cost if it occurs.

15. Applegate, L.M., Austin, R.D., and Soule, D.L., Corporate Information Strategy and Management, 8 th edition, Burr Ridge, IL: McGraw-Hill/Irwin, 2009 Chapter 6: Assuring Reliable and Secure IT Services Risk Management of Availability and Security For most companies, however, the logic of risk management is more complicated. Managers' attitudes toward risk may be too complex to be summarized by simple probabilities and costs A further complication arises from the difficulty of estimating costs and probabilities in some situations. In addition, not all risks can be countered with well-defined management actions.

16. Applegate, L.M., Austin, R.D., and Soule, D.L., Corporate Information Strategy and Management, 8 th edition, Burr Ridge, IL: McGraw-Hill/Irwin, 2009 Chapter 6: Assuring Reliable and Secure IT Services Managing Infrastructure Risks: Consequences and Probabilities

17. Applegate, L.M., Austin, R.D., and Soule, D.L., Corporate Information Strategy and Management, 8 th edition, Burr Ridge, IL: McGraw-Hill/Irwin, 2009 Chapter 6: Assuring Reliable and Secure IT Services Incident Management and Disaster Recovery No matter how available and secure they make a company's infrastructure, managers can expect incidents Infrastructure incidents present a rare business challenge: a need to solve problems under the pressure of a ticking clock

18. Applegate, L.M., Austin, R.D., and Soule, D.L., Corporate Information Strategy and Management, 8 th edition, Burr Ridge, IL: McGraw-Hill/Irwin, 2009 Chapter 6: Assuring Reliable and Secure IT Services Incident Management and Disaster Recovery Managing Incidents before They Occur Sound infrastructure design Disciplined execution of operating procedures Careful documentation Established crisis management procedures Rehearsing incident response

19. Applegate, L.M., Austin, R.D., and Soule, D.L., Corporate Information Strategy and Management, 8 th edition, Burr Ridge, IL: McGraw-Hill/Irwin, 2009 Chapter 6: Assuring Reliable and Secure IT Services Incident Management and Disaster Recovery Managing during an Incident When faced with a real-time crisis, human decision makers have numerous psychological obstacles … in the crisis. Common psychological obstacles are Emotional responses, including confusion, denial, fear, and panic Wishful thinking and groupthink Political maneuvering, diving for cover, and ducking responsibility Leaping to conclusions and blindness to evidence that contradicts current beliefs Another difficulty managers face in crises is "public relations inhibition."

20. Applegate, L.M., Austin, R.D., and Soule, D.L., Corporate Information Strategy and Management, 8 th edition, Burr Ridge, IL: McGraw-Hill/Irwin, 2009 Chapter 6: Assuring Reliable and Secure IT Services Incident Management and Disaster Recovery Managing after an Incident To avoid future incidents of the same type, managers need to understand what happened Typically, a company owes business partners information about the nature of a failure so that those partners can determine the consequences that might flow to them as a result (??)