Policies and Procedures of the Greiblock Credit Union - Case Study Example

Incident response plan Table of Contents Dynamic Vulnerability Analysis……………………………………………………..5 Purpose of the Dynamic Vulnerability Analysis Policy………………………….5 1.1 Purpose to the Firm……………………………………………………………….5 1.2 Purpose to the Employees………………………………………………………...5 1.3 Purpose to the Customer………………………………………………………….6 2. Scope of the Dynamic Vulnerability Analysis Policy…………………………….6 2.1 Central Office……………………………………………………………………..6 2.2 Branch Office……………………………………………………………………..6 3. Dynamic Vulnerability Analysis………………………………………………….7 3.1 Technical aspect of the policy…………………………………………………….8 3.2 Social Aspect of the Policy………………………………………………………..8 4. Metrics………………………………………………………………………………8 Intrusion Detection…………………………………………………………………..9 1. Purpose of the Intrusion Detection Policy………………………………………9 2. Scope of Intrusion Detection Policy……………………………………………..9 3. Policy of Intrusion Detection Policy……………………………………………..10 3.1 Technical Aspect of the Policy…………………………… ……………………….10 3.2 Social Aspect of the Policy…………………………………………………………10 4. Enforcement of the Intrusion Detection Policy…………………………………….10 5. Metrics……………………………………………………………………………..10 Incident Response……………………………….……………………………….......10 1. Purpose of the Policy……………………………………………………………….11 1.1 Purpose to the Firm…………………………………………………………………..12 1.2 Purpose to the Staff…………………………………………………………………..12 1.3 Purpose to the Customers…………………………………………………………….12 2. Scope of the Policy……………………………………………………………………12 3. Policy of incident response…………………………………………………….............13 3.1Technical Aspect………………………………………………………………………13 3.2 Social Aspect………………………………………………………………………….13 4. Enforcement of the Incident Response Policy………………………………………….14 5. Metrics……………………………………………………………………………………...14 References……………………………………………………………………………………15 Overview This document is about the policies and procedures of the Greiblock Credit Union (GCU) firm. These policies address specific parts of the firm: dynamic vulnerability analysis, intrusion detection, and incident response. It aims to develop the policies in these three spheres and come up with the technical and the social aspect of the policies Dynamic vulnerability analysis, intrusion detection and incident response policies are discussed differently using the format of Purpose of the policy, Scope of the policy, the Policy itself, Enforcement of the policy and Metrics of the policy in question The metrics are further discussed in relation to what is to be measured in the policy, how it is to be measured and the kind of action to be performed with the information. This is to ensure that the policy is workable and makes sense in relation to the fact that the impacts can be quantified. Dynamic Vulnerability Analysis 1. Purpose of the Dynamic Vulnerability Analysis Policy In the Information Technology, being a continuously developing field, there are risks that come with dynamic nature of the field. The exposure to such risks, if not secured, normally leads to loss of income in the sector. These risks involve hacking, using the website for adverts among others (Beale et al., 2003).In addition, the risks deserve some scrutiny so as to understand how to tackle them. The policy is supposed to ensure that the risks that lead to vulnerability are taken into consideration so that they can be mitigated or reduced to the minimal state possible. 1.1 Purpose to the Firm Analysis of such risks will ensure that the firm does not experience unnecessary loses that could be controlled through the use of appropriate policies and institutional framework. The unsecured risks that include hacking are the major challenges experienced in the IT sector and, therefore, tackling it will be of a much relief to the firm. This will also make the firm outstanding in terms of competition since its products will not be able to be duplicated or pirated thus a fair competition (Johnson, 2013). 1.2 Purpose to the Employees Addressing the unsecured risks will ensure that the IT firm gets its profit to the maximum thus eliminating issues like retrenchments and early retirement that are proposed by the firm due to low profits. The employees will also be able to work in an IT secured environment whereby their personal information and their unique work that come from their expertise cannot be leaked to the public without their consent. Their work also cannot be lost due to the deliberate introduction of computer viruses by the competitors (Easttom, 2013). 1.3 Purpose to the Customers The policy will ensure that the customers are able to get only the original products and services from the firm. This will ensure that there is reliability of the services provided and with ease when it comes to tackling the complaints. 2. Scope of the Dynamic Vulnerability Analysis Policy The policy will be implemented in both the central office and the branch offices. All the vulnerabilities in the central office will be determined and solutions are determined. The branch offices vulnerabilities will also be taken to account. Dynamic changes will be taken into account (Easttom, 2013). 2.1 Central Office The technical services will be scrutinized with the aim to determine the aspects that have dynamic vulnerability aspect. The human resource will also be taken through the process to ensure that there is no leakage of important information to the outside world. Changes that are related to improvement of the IT sector will be taken into the investigation before introduction into the firm (Easttom, 2013). 2.2 Branch Offices The human resource will be taken through the work conduct and scrutinized to ensure that there is no any kind of act on their part that will jeopardize the work of the firm in any way possible. In case of introduction of a new website of the new service provision system, the officers will be taken through thorough training and be made aware of the ‘do’s and Don’ts.’ This will be of the aim to ensure that the firm’s vulnerability is reduced to the insignificant state (Odera et al., 1993). 3. Dynamic Vulnerability Analysis Policy There is to be established a risk analysis body which shall consist of 10 IT and risk analysis experts appointed by the Greiblock Credit Union Chief Executive Officer (Collins, 2014). The team shall; I. Be responsible for policy formulation and direction in relation to risk analysis in the firm; II. Set goals and objectives and determine policies and priorities in relation to dynamic vulnerability analysis; III. Come up with the appropriate tools that will ensure efficient and effective analysis of the dynamic risks; and IV. Report the same to the head office giving desirable counter reacting solutions. V. Be responsible of capacity building the general staff from the central office to the branch office in relation to risk management and the executive in relation to the risk analysis in an understandable language and issue appropriate solutions and/ or what is expected from the human resource. VI. Take consideration of the staff input to ensure that the decision reached is comprehensive, and VII. Ensure that the vulnerability analysis techniques do not affect the staff or public (customers) in any way and if any, it’s in an insignificant form. 3.1 Technical aspect of the policy The technical aspect is that the team is the one that identifies and provides for the advisory solution in terms of dynamic vulnerability analysis. The team comprises of the experts. 3.2 Social aspect of the policy The policy aims to protect the customers from the vices related to the vulnerability of the information technology firms and GCU in specific. 4. Enforcement of Dynamic Vulnerability Analysis The risk analysis team shall be a body corporate with perpetual succession and a common seal. In its corporate name, it shall be able to; sue or be sued as per the aspects of its decisions and advices, advise the executive about the risk dynamics analysis, come with the appropriate technology and knowledge to determine the dynamic risks, and get a recommended budgeting fee from the executive and account for it (Collins, 2014). 5. Metrics The team will measure the rate of vulnerability of the firm through the use of an appropriate technology. The appropriateness of technology will be determined by the team’s suitability to use it effectively and the fact that it can give the appropriate information needed. There will be a need to give out the outcome in both quantitative and qualitative data so as to ensure triangulation of the analysis (Collins, 2014). The information that has been analyzed and refined will be tabled first to the C.E.O of the firm and explained in details. The team will also be expected to table the same information to the board of directors giving out the appropriate alternative recommendations stating their merits and demerits. With the help of the team, the board members will make a decision on the most appropriate recommendation and give the team a go ahead to implement it. Intrusion Detection 1. Purpose of the Intrusion Detection Policy The purpose of the policy is to ensure that there is no intrusion on the Greiblock Credit Union website. It aims to ensure that the website of the firm is secure from malpractices like hacking and other related activities. The intrusion can be on the part of the competitors or other players in the sector that want to know what is happening in the firm. The policy ensures that none of the information leaks out of the firm’s system without its consent. It protects the firm from duplication of the services, plans and procedures. It therefore aims to protect and reduce the impacts that is associated with intrusion incase it happens (Easttom, 2013). 2. Scope of the Intrusion Detection Policy The policy will be implemented within the Greiblock Credit Union main and branch offices. It will entail detailed scrutiny of the of the GCU website in both the main and the branch offices. The policy will be implemented by the Risk Team while the staff will be involved in the release of information whenever necessary. There will be a regular and constant check of the website and interaction of the staff to ensure that there is no intrusion (Beale et al., 2003). The policy will also ensure that the staffs are taken through a rigorous training to ensure that they understand the alarms that are related to intrusion so that they can alert the Risk team. Policy development and implementation will ensure that both the staff and team are involved in the decision making as a solution to intrusion. 3. Policy of Intrusion Detection There will be a need to form a risk intrusion detection team of five that that will include the information technology risk analyzers specialists. The team shall be involved in the detection of intrusion and its causes with an aim to put the firm intrusion proof (Beale et al., 2003). The specific role of the team will include: I. To sue or be sued in relation to intrusion detection, II. Identify the cause of intrusion and the means to mitigate the negative impacts, III. Develop policies that will minimize or eliminate controllable intrusions, and IV. Provide appropriate advice to the firm in relation to intrusion. 3.1 Technical Aspect of the Policy To ensure that the intrusion is identified in time with the aim to minimize the negative impacts that are associated with intrusion and also to ensure that the firm is protected from intrusion in the future. 3.2 Social Aspect of the Policy To ensure that the staff are not affected by the process of intrusion detection and if affected is on the part that they are directly involved with the deliberate support of the intrusion either directly or indirectly. 4. Enforcement of the Intrusion Detection Policy The policy is to be enforced by the risk team in place that will see that the element of intrusion is identified. Those involved in intrusion are sued and a framework is put in place to ensure that there are no future intrusions and if of any, the negative impacts are insignificant. The team will also give the appropriate advice to the management to ensure that intrusion in the DCU firm is detected in time in case of any (Beale et al., 2003). 5. Metrics The element to be measured is the vulnerability of the firm to intrusion. It is a measure of how often the Greiblock Credit Union website is intruded and how this can be easily detected. This will be measured through making records of the number of times the website is intruded and the amount of time it takes to identify the intrusion. The information is then analyzed and tabulated to develop the prominence and the source of the act. The findings are used to advise the management team through issuance of appropriate alternatives of mitigation measures (Beale et al., 2003). The management team then comes with the best mitigation measure with the help of the risk team then implements it with the aim to ensure that in future, the intrusions are easily detected and effects mitigated appropriately. Incident Response 1. Purpose of Incident Response Policy The policy aims to ensure that the incidents that may occur in the firm are efficiently and effectively responded to. It aims to ensure that the negative impacts associated with the incidents are brought down to a manageable level (insignificant level) and they are mitigated in the future if possible (Odera et al., 1993). 1.1 Purpose to the Firm It ensures that the firm does not incur significant losses that are related to incidents. It enables the firm to meet its strategic plans in appropriate time with the planned outcomes met. It increases and/ or maintains the profit margin of the firm since the losses due to incidents are managed. 1.2 Purpose to the Staff It enables the staff to be safe from the negative impacts associated with an incident’s occurrence that may involve retrenching of the staff (Odera et al., 1993). It also ensures that the staffs are in an appropriate working environment whereby the firm doesn’t struggle to meet their needs thus a bright career future. 1.3 Purpose to the Public (Customers) It ensures that the public expectations are met in an efficient and effective manner. The customers remain satisfied with the services that are free from fluctuations in demand, thus no fluctuations in the prices (Odera et al., 1993). This enables the customers to have an easy time while budgeting. 2. Scope of the Incident Response Policy The policy will entail the team that identifies the incidents, the rate of the incident’s occurrence, how to mitigate the negative impacts associated with the impacts and how to mitigate the incidents and/ or reduce the occurrence rate of the incidents. The policy will aim to impact both the internal and external environment of the firm (Odera et al., 1993). 3. Policy of Incident Response The firm will formulate an Incident Response team that will comprise of five incident response experts. This team will be entitled to; I. Identification of the incidents, II. Developing of the response mechanisms, III. Budgeting in relation to incident response, IV. Mitigating the negative impacts associated with incidents, V. Advise the management in relation to Incident response, and VI. Develop policies that aim to address incidents. 3.1 Technical Aspect There will be a specialized team in place to deal with the incident response matters. The team will collect the relevant data needed and make appropriate decisions relating to the collected data, including advising the management (Odera et al., 1993). 3.2 Social Aspect The policy aims to involve the staff in the incident response process. It also aims to ensure that the customer’s needs are met by ensuring that the incident response that affect the services to the customers are minimized and/ or mitigated so as to ensure that the services are provided in a cost effective and efficient manner (Odera et al., 1993). 4. Enforcement of the Incident Response Policy The policy will be enforced by the five- expert team in place. The team will collect the necessary data in relation to the incidents; analyze the data coming up with the appropriate solutions. The team will also develop the response plan and advising the management responsibly in relation to the incident itself and incident response (Odera et al., 1993). 5. Metrics in the Incident Response Policy The policy aims to measure the incidents that occur in the firm. The incidents will be measured by collecting the data from the staff. The data will later be analyzed so as to develop elaborate and understandable information (Odera et al., 1993). The team will use the information to advise the management and the management will in return give out then go ahead for a response. The team will therefore have to use the most efficient and effective solution from the alternatives to respond to the incident at hand. References Beale, J., Foster, J.C.,Faircloth, J., & Caswell, B. (2003). Snort 2.0 Intrusion Detection. Bertelsmann, AG: Syngress. Collins, M. S. (2014). Network Security Through Data Analysis: Building Situational Awareness. Farnham, UK: OReilly Media. Easttom, W.C. (2013). Network Defense and Countermeasures: Principles and Practices New York, NY: Pearson IT Certification Johnson, L. (2013). Computer Incident Response and Forensics Team Management: Conducting a Successful Incident Response. Bertelsmann, AG: Syngress. Odedra, M., et al. (1993). Information technology policies and applications in the Commonwealth developing countries. London: Commonwealth Secretariat. Read More