Evaluation of an existing or proposed system and the environment it operates in is a vector approach to threats and how to recognize them. We can determine the complexity of threats and break them down by group. Physical threats can be grouped by the place where the data center lies physically and what could possibly exist within the environment. What is the bedrock geology of the building containing the computer center? How sturdy is the computer room walls constructed and of what material? I have had discussions with data center managers in my career that speak of buildings capable of surviving strong winds, even the effects of a nuclear blast, but not directly, since most likely the building would be away from a concentrated population center, so I am talking about secondary effects of a blast. The heart of the data center is of course the computer room. If it is built with an eye towards containment, then it will survive even a light airplane crash. Also keeping the computer complex on the remote confines outside of a major city and not giving away the true function of the building, no external markings, opaque windows and deliveries by unmarked trucks with a strong perimeter security fence that is manned with a primary entrance and checkpoint keeps the human interest level away from the building. During times of civil disorder, a data center may erect solid concrete pylons to deter even the ramming of trucks into barricades should a hostile crowd become a problem. Contract armed security can be purchased at reasonable rates and goes a long way of protecting the building and the major point of ingress/egress of employees, visitors and maintenance personnel.
Next we can control access to the data center via a security control center which Also can function as the nerve center to co-ordinate the access of all steel doors to the data center via intelligent cards (RUSCO) or newer generation smart cards that can track the assigned person internally in areas of controlled access by job function and also perhaps have some type of active and stored Biometric data of he user to control his/her movements as fixed employees of the company. Temporary workers or visitors or vendors to repair equipment are grouped in short term, high security visibility areas to control there movements.
Environmental protection can be decided by zoning and building code as the building will emit EM and radio interference and that was decided early on as a consequence of the environmental impact statement and building safety codes during the building phase. Third in ranking and importance is the Security of media library / tape vault, for both active and long term storage, governmental archive and other data centers who may physically send tapes for storage at your center. Tapes have to remain unmolested and there contents fully secured from any aberrant that could effect the reliability of encoded data. Data as moved in and out of a vault could also have a smaller sort down area where standard shift processing as needed to feed daily 12 hour shifts. Next we have the Security of microcomputers and any unusual safeguards for these machines and there attachment to external networks as opposed to the mainframe computer room. Housekeeping in the computer room and the attendant management of paper
waste can be a problem for two reasons. The hiring of external contractors to perform the mundane choirs of housekeeping is analogous to through background checks of the persons employed, who for want of a better word, \ clean and that’s all. Paper shredding; document destruction can be done on site via machines and a department assigned to the task or another vendor can be hired for document destruction, the shredding of used computer desktops, that is performing the removal of data from internal storage devices and assuring erasure, and complete destruction. Also the removal of property tags and the striking and removal of the equipment from internal property lists for both internal audit and depreciation for tax purposes. The removal for any other reason, of any restricted storage devices, laptops with critical data or even the excuse to take work home for any reason, other than work may be expressly forbidden due to the nature of the stored data and its security classification. Articles abound in newspapers of laptops being “misplaced” with critical nuclear data on board and even the disappearance of the laptop or even finding the laptop in a dumpster with the property label intact.
A through understanding of the main communication system can be achieved and restricted to assure no threats to privacy and to further and verify the authenticity of telecommunications, with security provided to a password system that has strong password protection and that prompts the user to use varied characters for stronger protection. A unique sign on process with the latest
encryption methods’ and procedures to thwart the most determined hacker. The use and employment of dedicated dial-up lines and internal LAN networks can also be hardened against external assault. An often overlooked and under appreciated area is often the hardware itself. We must remember the current state and proposed state (as in new systems procurement) can be a complex task, to meet management’s goal for processing. We will have to review in a top down fashion all mainframe computer security and TSO access. The JES II master console operators and their levels of training and areas of responsibility. All mini and microcomputer security and all access, both internal and external from remote terminal (RJE) has to be reviewed. All computer system peripheral devices including tape drives, cartridge drives, robot silos, and disk drives, laptops and other unique portable equipment will undergo review.
A complete and through software review and there attendant releases, Versions and available vendor patches and put-tapes will also be reviewed for Vulnerabilities. An open review and capability review of the OS (ZOS?) will Be reviewed and all Applications that are activated and controlled by a Scheduling package (Tivoli OPC, Zeke, Prism or CA7-11) and a through review Of any possibility of subverting these systems. Database security and review May be assigned to a separate team to conduct the unique review.
All operator documentation and related training material as relates to command center persons may have to be reviewed in the context of Sarbanes-Oxley and also within the review of vulnerability assessment due to faulty documentation that does not have a through thought process that is clean and sound in its reasoning and one that adheres to policy and scrutiny by audit.
Towards the end of our survey we may prepare for onsite management a Threat, impact and safeguard matrix that can be used as a training guide for management and to be used for official policy to enforce SLA with both local and state governments. It may also be used to assure stakeholders of the commitment towards vulnerability assessment, disaster recovery, counter measures and potential threat analysis standards and enforcement rules and procedures’. We can thus use these as guides for official behavior and to identify potential risks. We can then draw our own contingency plans or identify external organizations that can perform risk analysis on a contractual basis.
No comments:
Post a Comment