- Cybersecurity
- CIA-DAD
- I-A-A-A
- Defense in Depth
- Hardware and Software Security
- Firewalls, Access Controls, and Access Control Lists
- Physical Security
- Practical Example of a Server Security in an Organization
- Summary
- Chapter 1 Questions
- Answers to Chapter 1 Questions
Practical Example of a Server Security in an Organization
Let’s consider an example of how corporate security is set up. Tables 1-1 through 1-5 illustrate how we can set up layers of security to achieve defense in depth. Each layer has an extensive framework of rules and regulations that must be followed. Though each layer is cohesive and acts independently, all units in a corporation work with each other with a common goal of a highly secure environment because security is everyone’s responsibility. Note that this is a simplified example and can expand and shrink depending on the size of the corporation, needed security, the location of the site, and many other factors—both locally and on a larger scale.
Table 1-1 Physical Security Aspects in an Organization
| Item | Why Is It Important? | Remediation | 
|---|---|---|
| Gate and door entries | Avoids forced entries and piggybacking, helps block unwanted intruders. | Implement access cards with a PIN, station a guard to check manually. | 
| Server rooms | Protection of servers, data, and personnel. | Implement additional card access, closed doors at all times. | 
| Lock and key for files or records | Corporate data protection, theft of PII. | Use locks and keys and advise users to always lock unused cupboards or overhead storage bins. | 
| Computers, printers, phone, or fax | Equipment is expensive and valuable for daily work, and it isn’t easy to replace. | Buy insurance for equipment, locks and keys with a chain, electronic lock protection. | 
| Fire and smoke | Danger for all working people, suffocation, hardware parts can be damaged from change in humidity levels. | Install alarms, avoid storing flammable and unapproved items in office. | 
| Lighting inside | Bad lighting can cause physical eye problems for employees and may encourage theft. | Install adequate lighting, automatic lighting that turns on and off when people enter and exit premises. | 
| Inventory and storerooms | Missing or stolen equipment can be a problem. Bad log records cannot trace inventory—who is borrowing what from the inventory and where the equipment is used and to whom it is allotted. | Use closed-circuit cameras, video and audio recordings, up-to-date logs/records of equipment being checked in and checked out with proper signatures of customers. | 
| Door locks/blind spot mirrors | Dangers of being locked in or out or having secure doors unlocked due to power failures, shootings, and other dangers to human lives. | Make sure the correct type of doors are installed. Regularly check mirror and video camera (pan/zoom) alignments. | 
| First aid kits and emergency supplies | Not being installed, or regularly checked, or not restocked results in danger to human lives. | Check regularly, update with portable pacemakers. Educate employees how to use them. | 
| Alternate sites | If not up to date, disaster recovery is difficult. Data can be lost. Can result in financial burden. | Keep data up to date on all alternate sites. Check regularly with a tabletop or live exercise. | 
| Other physical assets | These help run the business smoothly. | 
 | 
Table 1-2 Software Security Aspects in an Organization
| Item | Why Is It Important? | Remediation | 
|---|---|---|
| Software copies, if any (repositories) | Lost copies are hard to restore. Can fail an independent audit. Loss of copyrights and possible duplication. | Install software repositories, update and maintain copies by version regularly. Save hard disks or USB drives with software copies. Label drives correctly. | 
| Removable media | Loss can cause data loss and financial penalties, jail time, and other repercussions. | Protect data in transit and at rest. Maintain a secure safe and bank for removable media. | 
| Firewalls | Weak or default rules can allow viruses and malware to get in. | Update/create firewall rules, update software, watch the logs daily. | 
| Development/test copies | Loss can destroy basic software design idea, requirements, testing rules, and results. | Maintain separate repositories by version, check repositories for safety regularly. | 
| Production copy | Loss can result in financial doom and piracy. Hard to recover and involves lawsuits and lengthy legal processes. | Maintain separate repositories by version, check repositories for safety regularly. Patent or copyright the software as required. | 
| Antivirus | Not installing up-to-date protection and new patches leaves software vulnerable against new viruses and attacks. | Choose good antivirus software, update regularly with patches, watch logs daily. | 
| Log files | Loss of log files or not maintaining time synchronization can result in attacks being ignored. | Create code to send email to system administrators when there is any log file change. Track daily. | 
| VPN, networking software | For teleworking and remote personnel, VPN should be up to date with enough connections and security to prevent risk loss/theft of data. | Update the software. Install patches. Invest in a good software package with signed contracts. | 
| Trusted baseline image | Users install unnecessary software, exposing more vulnerabilities. Trusted baseline image allows least privilege uniformly across all machines. | Create the baseline after all tests are complete. Update accordingly but keep checking individual machines randomly and warn users about excess privileges. | 
| Data and other PII files | Loss of data can derail a corporation with a flurry of problems from law enforcement, government, and lawyers. | Maintain due diligence and due care; keep security up to date, watch data in transit, at rest, and in use. Take all precautions as required per local and federal laws. | 
| Other software assets | Vendor supplied, in-house software is hard to replace and may need more spending. | Keep vendor contracts up to date. Maintain all assets per regulations and expect the unexpected to happen and be ready. | 
Table 1-3 Hardware Security Aspects in an Organization
| Item | Why Is It Important? | Remediation | 
|---|---|---|
| Laptops and desktops | Loss, degradation, replacement, and updates are expensive, time-consuming, and need several hours of labor/contracts. | Keep equipment locked with physical locks and keys. Obtain and maintain up-to-date signed agreements from users for accepting the equipment. | 
| Cables, bricks, and chargers | Loss can result in a minor financial burden. These also often need replacement due to heavy use. | Be ready with additional inventory for replacement, for non-functioning or burned out units. | 
| Access card or other readers | Unauthorized access can result in various issues like tampering with email and files. Access should be only for permitted and approved users who sign NDAs. Card readers and associated software must be up to date. | Lock systems when not used with access cards or passwords/PINs. | 
| Printers or plotters | Important papers can be stolen. Printers/plotters/supplies are at a risk for damage/theft. | Allow printer access with access card or login only. Use chains and locks for expensive printers/plotters and supplies. | 
| Special phones | Video phones and VOIP are hard to set up, are expensive, and have messages stored in memory. People with disabilities may use special phones that are very expensive. | Install good versions; maintain and update software required regularly. People with disabilities may need extra care of their communication equipment. | 
| Office supplies | Though sometimes cheap, some are expensive, such as the plotter supplies, ink, and cartridges. | Track with logs who is using what and check logs regularly of the needed and depleted supplies. | 
| Servers (DB, network, and so on) | By far, these are the most expensive to replace or buy new. They also need special software. | Invest in a separate team that works on these machines and their security. | 
| Routers, modems, and so on | These network components are the bread and butter of the network. | Should regularly be checked and updated. Logs should be read daily for any possible trouble and malware attacks. Passwords should be enforced and maintained with strict corporate password policies. | 
| Other hardware assets | Hardware will continue to evolve and need investment to keep pace with the future. | Update as required, but do take care of data on older hard disks and other devices and follow corporate policy for data protection, preservation, and destruction. | 
Table 1-4 Network Security Aspects in an Organization
| Item | Why Is It Important? | Remediation | 
|---|---|---|
| LAN/WAN | Broken network inhibits data flow and causes financial losses, data loss, and innumerable other related issues. | Invest in good networking infrastructure and topology and update regularly. | 
| Antivirus | Not installing up-to-date antivirus protection and new patches does not protect against methods of attack. This software is different from normal antivirus software installed on each machine. | Choose good antivirus software, update regularly with patches, watch logs daily. | 
| Firewalls | Network firewalls, routing tables, and other safety features need to be updated regularly to avoid loss or theft of data. | Implement firewall rules, update regularly, and watch the logs. | 
| Other network security | Networks will continue to evolve and need investment to keep pace with the future (fiber optics, new topologies and networks, and so on). | Update as required and follow corporate policy for data protection, preservation, and destruction. | 
Table 1-5 Environmental Security Aspects in an Organization
| Item | Why Is It Important? | Remediation | 
|---|---|---|
| Barriers all around the building | Vehicles can ram into a building or crash, either accidentally or intentionally. | Barriers protect the building from severe damage. Orange or red paint warns users to stay away and not to park around these items. | 
| Surroundings | Dark, empty, dimly lit surroundings are a cause for concern for attacks, theft, and shootings. | Install light fixtures (solar powered, auto shut off) around the building. Alarms should be available to be activated in case of dangers. Regularly check the alarms and make sure they work through all seasons of the year. | 
| Roads to the building | Clear and drivable roads without potholes or thick plant and tree growth on either side. No long and winding roads. | Visibility should be clear with straight roads without hindrances. Regularly check and re-surface. | 
| Video surveillance | Serves as evidence or proof in a court of law. Can record very important information without human interaction. | Adjust pan and zoom of the camera, examine the recordings daily. Update broken lenses, dysfunctional cameras (due to weather or otherwise). | 
| Fire extinguishers | Help control fires and save human lives and equipment. | Should be examined, updated, or replaced per local fire department laws—usually once every six months or year. Work with the local codes and regulations to update. | 
| Water sprinklers for fire | All rooms must have functional sprinklers to save human lives and buildings in case of fire. | Test these regularly, replace dysfunctional units and update. | 
| Natural disasters | These are unexpected and unavoidable but risk and damage can be minimized with proper plans. | Buy insurance for these events; establish a chain of command to make sure all human lives are safe. | 
| Unexpected attacks | Terrorist or pandemic attacks cannot be expected ahead. | Be prepared for active shooters and terrorist attacks. Train employees regularly. | 
| Physical safety | Human life is irreplaceable and the first priority. Ensuring physical safety reduces financial burden on the corporation. | Establish a chain of command; train and retrain users regularly, conduct tabletop exercises to make sure all human life is protected. | 
| Parking lot/signs/fences | Fences, signs, and lot numbering help users find their vehicles; they also discourage intruders from entering the premises and otherwise help with safety. | Posted signs and warnings should be stern and clear. Fences and borders should be checked regularly and damages fixed. | 
| Other environmental | Rules can change from time to time and from county to county or state to state. | Discuss with local municipalities and counties/districts to see what is required to ensure safety. | 
In this book, we only discuss the database and software security in detail, but it is important to know that factors such as those listed in the preceding tables contribute to security for software and databases because a single lapse can directly affect databases or software regardless of whether they are small or big or developed in-house or acquired off the shelf. Remember, security is the responsibility of everyone. Failing to educate and train can be the fault of a corporation, but the fault rests equally on each person if they fail to report anything suspicious. As we previously stated, the rule in security is, “if you see something, say something.” Sometimes following simple rules can make a lot of difference in our lives.