Implement security framework
Overview
Image: Overview
You should already know about developing a security framework. In this topic, you will learn how to establish a security perimeter and implement a security shield. You will learn how to identify the various network security perimeters and apply controls and countermeasures.
In this topic you will learn how to:
· establish a physical security perimeter through use of secure sites and components as required by the enterprise security plan
· establish a system security perimeter as required by the security plan and chosen technology
· establish an application security perimeter as required through the server configuration
· establish a data security perimeter through application access on the client/server system, wireless and use of VPN solution as required
· instruct the client on the security shield and their responsibilities according to the enterprise security plan.
This topic contains:
· reading notes
· activities
· references
· a topic quiz.
As you work through the reading notes you will be directed to activities that will help you practise what you are learning. The topic also includes references to aid further learning and a topic quiz to check your understanding.
Download a print version of this whole topic: Implement security framework (398 KB 2819.doc)
Reading notes
Image: Reading notes
Physical security perimeter
Establishing a physical security perimeter refers to actions taken to protect systems, buildings, and related infrastructure against threats. Three broad areas of protection are
· physical facilities
· geographic location
· supporting facilities.
Physical facilities
Physical facilities refer to the physical structures within the organisation that the system and its components operate. Structures can be static, mobile or portable. Static structures are fixed and are not movable like buildings. Mobile structures are typically vehicles with in-built systems and components that can be moved. Portable structures are systems that can be carried. They are typically used in buildings, vehicles or out in the open.
Threats to the physical facilities include natural disasters such as fire, floods, earthquakes, and environmental conditions like extremes of temperature and humidity, contamination, power fluctuations and electromagnetic interference.
Geographic location
The geographic location can make the system susceptible to many of the same threats as the physical facilities. Things like natural disasters, environmental conditions and manmade or deliberate threats are common. Common manmade or deliberate threats are theft and fraud, civil unrest, eavesdropping and bush fires.
Supporting facilities
Supporting facilities allow the system to function and include things like electrical power, air-conditioning systems, telecommunications and key personnel.
Physical perimeter threats and controls
As we identify physical perimeter threats, we also need to develop controls that are applied to minimise identified threats.
Threats
Five major consequences as a result of threats to the physical perimeter are
· Interruptions in providing system services: External threats can prevent the provision of system services. Losses will depend on duration and timing of service interruption and how critical these services are to the business.
· Physical damage: Hardware may be damaged or destroyed. Data may be destroyed as an act of sabotage on physical storage media. Losses will depend on how soon the hardware is replaced and the system restored via data recovery from backup media and the costs arising from service interruptions.
· Unauthorised disclosure of information: Insecure physical characteristics of the facility may allow an intruder to gain access to system hardware and data storage. Losses will depend on the type of sensitive information disclosed.
· Loss of control over system integrity: An intruder may gain access to the central system and be able to reboot the system and bypass logical access controls. Losses depend on information disclosure, fraud, replacement or modification of system software, replacement or modification of application software and introduction of Trojan horses. It can also be difficult to determine the scale of the damage.
· Physical theft: System hardware or data can be stolen. Losses depend on cost to replace stolen hardware, the cost of data recovery and costs arising from service interruptions.
Controls and countermeasures
Controlling threats to the physical perimeter require identifying and implementing controls and countermeasures for each identified threat. There are many threats to the physical perimeter. We will focus on the following five areas of security controls and look at ways of reducing or eliminating threats:
· physical access
· fire safety
· plumbing leaks
· structural collapse
· mobile and portable systems.
Physical access
Physical access to an organisation’s assets are evaluated to determine if further actions is necessary to secure the assets. When the elevation is complete, all the related actions and safeguards that are required are then compiled into the overall security plan that is to be actioned as soon as possible.
Physical access is where the entry and exit of personnel are restricted to office buildings, office suites, data centre and server rooms. Physical access to information system assets may include the following types of controls:
· controlled areas
· barriers to isolate each area
· entry points in the barriers
· personnel screening at each entry point.
Authorised staff members may also provide additional security by training them to challenge people whom they do not recognise.
Feasibility of surreptitious entry refers to intruders gaining access by
· climbing over a false ceiling to access the server room
· climbing under a false floor to access the server room
· observing combination lock keys entered by authorised staff
· using a stolen key-card.
Physical access controls are applied to these areas:
· location of physical hardware
· wiring closets
· POP (point of presence) – where telephone service enters the building
· MDF: Main Distribution Facility, usually located near POP. This is the central hub of copper-based and/or fibre-optic wiring.
· IDFs (intermediate distribution facility): due to the 100-metre distance limitation of STP (Shielded Twisted-Pair) cables, IDFs are typically located 50-metres or more from the MDF.
· electrical power closets
· air-conditioning and heating equipment
· telephone and data lines
· storage areas for data backup of media and source documents.
Each physical access control must be tested for effectiveness, both during and outside of business operating hours.
As an example, we will assume that you need to perform a routine performance check on a server. This server is used by your client - a bank - to store highly confidential data. Here is how you might get to the server:
· A receptionist greets you as you enter the building.
· Your details such as your name, position, and company are recorded and magnetically encoded onto a plastic card for you to wear.
· The plastic card may also be tagged via RFID (Radio Frequency ID) which allows the wearer of the card to be located within the building.
· Since the card may not be worn as required, another security policy may be enforced to mandate that every person in the building must wear a card.
· You now walk past the receptionist and toward a locked security door.
· A security guard visually checks that you are wearing your card while the RFID chip is scanned to identify you and where you are permitted to go. In this case, you are permitted to enter the server room. As such, ONLY the doors that lead to the server room will open for you. Should you need it, perhaps the toilet door as well.
· Once you get to the server, you will need to log in with the appropriate username and password.
· Specialised software on the server will monitor all your actions by date and time to leave an audit trail.
Fire safety
Fires can totally or partially damage the information system and its components. Smoke, corrosive gases, and high humidity can cause extensive damage to electronic equipment, rendering it useless and causing a disruption to business services. Six factors are relevant to understanding and controlling a fire. They are
· ignition
· fuel
· building operation
· building occupancy
· fire detection
· fire extinguishment.
Ignition
Typical ignition sources of fires are
· failure of electric devices and wiring
· carelessly discarded cigarettes
· improper storage of highly combustible chemicals or materials
· improper operation of heating devices
· arson.
Countermeasures may include the mandatory use of automatic power cut-off circuit-breakers, fire sprinklers, etc.
Fuel sources
The two fuel sources are the fire load – these are materials that fires use to grow – and the supply of oxygen.
Countermeasures will ensure that little or no fuel sources are made available. However, should they need to be there, fire retardant blankets may be used to cover flammable materials. Fuel source materials may also be stored in fireproof cabinets.
Building operation
This refers to maintaining fire barriers. As an example, stairwells may be protected by fireproof doors.
Other forms of countermeasures might be to ensure that swinging doors are made air-tight when closed or that double doors may be used to provide an extra barrier.
Building occupancy
This refers to how the building is used to store combustible materials. Some organisations are more prone to fire dangers due to the industries they operate in, such as a chemical warehouse.
Countermeasures include storing all combustible materials in fire-proof cabinets.
Water leaks
While plumbing leaks are rare, they can happen. In multi-story buildings, water barriers must be in place to stop water seeping down into lower floors if a water pipe is broken or if a fire sprinkler system is activated.
A building’s cut sheet may provide information on the location of plumbing lines and water barriers. Plumbing lines may carry cold water, chilled water, hot water, steam, corrosive chemicals, toxic chemicals or gases. These lines support taps, toilets, drains, water sprinkler systems and fire hose standpipes.
Check to ensure that the system components are stored away from these lines. As a countermeasure, major system components may be stored in a purpose-built rooms that are free from such lines.
Structural collapse
This refers to a building being subjected to loads beyond what they are designed for. Earthquakes, snow avalanches, etc. may render a building too dangerous to enter, especially high-rise buildings. This may prevent access to the system, its components, and even to data backup media.
One countermeasure might be to store major system components in a purpose-built room that is located two or three levels below the ground under a high-rise building.
Mobile and portable systems
These systems share an increased risk of theft. They can be misplaced or left unattended. Should these systems hold confidential information, data encryption should be used as stated in the security plan.
Countermeasures include file level and disk level encryption. In extreme situations, one possible countermeasure is to require an authorised login within ten minutes of the system starting and displaying the login prompt. Failure to provide the authorised login may initiate a process where the hard drive is automatically overwritten with binary zeros. The emergence of new Radio Frequency Identification (RFID) technologies can provide additional controls.
Activity 1
To practise, complete Activity 1 – Secure the physical perimeter, located in the Activities section of the Topic menu.
System security perimeter
When establishing the system security perimeter, it is important to identify the scope of the system you want to secure. There are numerous ways to classify just what a system is. We will begin with the three layer hierarchical design and then explore other methods of system perimeter demarcation.
System scope
You can identify the scope of the system in a number of ways, including
· using a hierarchical model
· looking at network boundaries
· Internet, intranet, extranet.
With all three methods you will need to map the network either by drawing it logically or by using a network mapping program.
Hierarchical approach
The hierarchical model is a layered approach that divides the system up by the way data transverses the network. There are 3 layers in the hierarchical model. They are the core, the distribution and the access layers. In most cases, the size and operational needs of the organisation will determine how extensive and complex each layer is.
· Core layer: Also called the backbone, the core layer is the area of a network where data passes from one network segment to another. It usually contains high speed network equipment that transfers data quickly without packet manipulation. The best way to visualise the core layer is to imagine a multinational company such as Microsoft. Microsoft has a need to connect their systems located in various countries. Microsoft-USA, Microsoft-Australia, Microsoft-UK, etc. are connected together to form a backbone to their global network. This is then Microsoft’s core layer, where routers are used to form a full or a partial mesh topology.
· Distribution layer: This layer consists of routers, switches, shared servers, etc. Microsoft-Australia has a need to connect their numerous systems that are spread across cities. As such, routers, switches, and shared servers will be placed in this Layer.
· Access layer: This is where the end-users reside. Equipment may include switches, departmental servers, workstations, laptops, etc.
Image: Network diagram with routers, switches and computers arranged in a pyramid format. The core routers and switches are at the top of the pyramid, then below in the middle are the distribution routers and switches. Then below at the bottom are the access switches and computers.
Figure 1: Network diagram
Network boundaries
Another way to establish system perimeter is to use the following network boundaries: PAN, LAN, CAN, MAN, WAN and GAN:
· PAN: Personal area networks are typically home-based systems used by telecommuting employees. However, with constantly emerging technologies, PANs now include small networks that are supported by any of the following technologies:
o Bluetooth
o Infrared
o USB
o Firewire