Information Security: Security Policies for the User Domain - Term Paper Example

Thesis ment The User Domain, one of seven domains in an IT infrastructure, is considered to be the domain most at risk for attack and compromise, primarily due to the inherent weakness of the human interaction element. There are several types of attacks on the User Domain that are prevalent, as they can be quite successful against an uninformed or untrained employee. By implementing good company policies and ensuring that best practices against these attacks are used, an organization should be able to mitigate the risks found in the User Domain. Tipton (2005) Before studying User Doman, it is crucial to understand the essence of user domain. The whole focal point of User Domain is to ensure that segregation of duties is conducted in computer’s main frame. Before attempting to observe the issue, it is essential to understand the focal point of user domain itself. In essence, user domain is defined as set of objects that allow a user to have controls and permissions. In essence, user domains can overlap. Tipton (2005) Another element of user domains is the fact that is allows users to possess segregation of duties. Segregation of duties allows users to have separate domains and grant permissions. User domains can range from simple user access accounts or it can be a specific domain such as sales, marketing, and managers. In the computing world, the weakest link in user domain is a user that has the least privilege. In essence, the weakest link is based on a hierarchy model in security policies and implementation issues. The weakest link can also be a possible vulnerability that can be exploited. One of the worst vulnerabilities for user domains are insider attacks. Insider attacks occur. For instance, denial of service and spoofing are one the most common themes that occur. The problem is the fact that intercepting authentication or other sensitive information can be executed with the current WAN technology since it utilizes the traditional TCP/IP in user domains. (Best Practices for the Security 2013)Moreover, spoofing can also be conducted since an intruder can deceive the network that it recognizes a possible unauthorized access. The problem with installing firewalls in a user domain is the fact that they are fully feasible. Insider attacks occur when one user domain gains more privilege than the other user and shares that information. Tipton (2005) This becomes extremely dangerous because it allows the hacker to have one central location to exploit information. (Best Practices for the Security 2013) Inside attacks can be vast and potent depending on the type of attack. For instance, an executing script can copy sensitive information and can make one central machine a master. This master to slave configuration can be used with full throttle for malicious attacks. Hence, segregation of duties as mentioned above should be embedded between the servers and the computer desktops to ensure sensitive information is not copied or modified. Social engineering for user domains should be based on layering approach. Hierarchy should be followed to ensure user domains have permissions based on hierarchy needs. Another huge aspect of social engineering is loopbacks and text fields. For instead, spoofing is conducted on regular basis for a user account domain password. The logic should be embedded that if an intruder tries to attempt to put incorrect passwords, the system recognizes that. In most cases, Windows and even other open OS such as Ubuntu have been embedding smart logic behind engineering of user domains. Social engineering occurs when a user is manipulated to trick a person into weakening a component of the system itself. One of the biggest dilemmas with social engineering is the fact that a hacker can obtain critical information via personnel relationships. This can be chaotic and cause many in adverse issues. Another method that plagues the dilemma of social engineering is pretexting. Pretexting occurs when a hacker calls an IT personnel for instance and give scenarios that will allow a hacker to have a perception for hacking. Another risk that seems to be prevalent in user domain accounts that correlated with human mistakes is the fact that it contains a Microsoft TFS code repository, which consists of code. Anytime a human does not encrypted code, it becomes vulnerable towards hacking. It is clear that traditionally a repository should be well-protected with firewalls and other IDS systems even in user domains. However, it seems certain that no firewall protects the code repository. This can be problematic if an intruder can potentially modify the code and embed the changes throughout the repository since no protection exists. This will affect user interface as well as processing of information into wrong domains. A huge problem with human engineering is avoiding SQL Ad hoc injections. The fourth element that important to address was to rectify the SQL ad hoc injections. In essence, the intruder can easily get access to the SQL and execute queries to derive personal information. In any given website, sensitive information may be present such as password and usernames, which can lead to further information. The first remedy to this solution is to place this network in a private server that saves all the sensitive information. The second tier of defense that can be embedded is a vendor solution known as EasySoft. EasySoft is great third party solution that will halt an intruder from injection malicious code intro strings. Moreover, it embeds hierarchy of database permissions that build a layer of security within SQL. For instance, if the user table would not succeed in running a query, it will only allow SELECT access command instead of update/delete. This means that the intruder cannot modify the contents within the SQL. In order to ensure that vulnerabilities are addressed, certain elements need to be addressed. First and foremost, OS has to be updated in regards of software Vulnerability. Updating to the new OS ensures that the system is not outdated and seals doors for advanced intruders. Furthermore, an effective patch management process can close vulnerabilities before malicious users or worms have an opportunity to exploit them. A great benefit of patching up OS is that it allows a more enhanced understanding of ongoing network flow along with detailed status reports. It is clear that downloading these logs will give the security team a better understanding of traffic and security vulnerabilities. Additionally, the timely deployment of these patches is crucial since it dramatically reduces corporate risk. Another aspect to consider is to ensure that networking protocols are rectified. Packet filtering is a crucial component of ingress and egress filtering must be conducted. Network protocols tend to protect traffic within the realms of their own networks. However, embedding ingress and egress network filtering will ensure that outgoing traffic gets approval. Although this can produce some latency in the network, it is an excellent method to embed in best practices. Enforcing an Access Control List along with VLAN can further mitigate these risks. Best practices for user domains consist of many aspects. First is authentication. Authentication should be done to ensure that only the proper user can have a channel to access that account. This is conducted via password protection, numbers, and codes.. Best practices are also discussed here to ensure that user domains are functioning optimally. The first best practice for any use domain is never to open attachments from an unknown source. Johnson (2011) This is one of the most simple and best practices to embed. Secondly, using least privilege concept is a great practice because it mitigates risk of vulnerability. Moreover, patch management should be conducted on a regular basis to ensure that again mitigates risk of vulnerability. Lastly, all user domains must have unique identity. Unique identity allows each separate account to have their own unique identity. Johnson (2011) AUP are set of standard and guidelines that are established by a user domain setting. AUP allows logical guidelines to ensure that audit practices are being conducted and risks are being controlled. AUP are extremely important component of framework of security policies because it dictates policies. AUP must be clear and concise in user domain. One of the most prominent factors of AUP is to ensure that user domains are separated by segregation of duties. Another prominent usage policy for user domain is bandwidth limitation for usage. In essence, one user cannot hog the buffer of the RAM. It is crucial to understand that utilizing AUP allows suspension of user domains from an administrator standpoint. Accounts can be suspended, given limited access, administration rights to install programs, etc. Moreover, AUP encompasses managing passwords, software licenses, noncompliance consequences, and escalations. Johnson (2011)When administrator rights are breached or abused, PAA level agreements are crucial that are enabled to enhance accountability of user rights. In essence, the PAA is a written, explicit agreement that a user must acknowledge to. The PAA allows the security team to generally have a contingency plan, audit in timely manner. The PAA is a typically a two page document between administration and organization. It can also enhance the dictating policy utilizing social media. Security Assessment Policy is a governing legislation that outlines Information Security policies, employee orientation, security incidents and plans for new and existing users. It allows users to understand and analyze the security awareness level and avoid any future mishaps that will disrupt business flows. It is clear that that user domain settings and guidelines are essential for any organization. Policies such as SAP, AUP, and PAA are crucial to regulate user domains. Having well-document policies that govern user domains are critical to ensure risks are being mitigated at a consistent level. Lastly, best practices are being implemented to ensure that concepts such as social engineering and insider attacks are being mitigated. References References Best Practices for the Security APIs. (n.d.). (Windows). Retrieved February 25, 2014, from http://msdn.microsoft.com/en-us/library/windows/desktop/ms717796(v=vs.85).aspx Johnson, R. (2011). Security policies and implementation issues. Sudbury, Mass.: Jones & Bartlett Learning. RQ News & Blog. (n.d.). ReliaQuest. Retrieved February 25, 2014, from http://www.reliaquest.com/three-steps-to-building-a-successful-security-awareness-program/ Tipton, H. F., & Krause, M. (2005). Information security management handbook (5th ed.). London: Taylor & Francis e-Library. Windows Azure Load Balancing: What To Know. (n.d.). InformationWeek. Retrieved February 24, 2014, from http://www.informationweek.com/software/enterprise-applications/windows-azure-load-balancing-what-to-know/d/d-id/899840 APA formatting by BibMe.org. Read More