StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

System Security Planning: the Configuration of the System - Research Paper Example

Cite this document
Summary
This paper will look at some security measures considered incorporated in a system security plan. The system security plan is important for any organization. The security plan will ensure the information system of a particular organization is well preserved…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER96.2% of users find it useful
System Security Planning: the Configuration of the System
Read Text Preview

Extract of sample "System Security Planning: the Configuration of the System"

Cybersecurity Profile due: System security plan System security plan is important to any organization. The security plan will ensure the information system of the particular organization is well preserved, and access is only available to authorized persons. The underlying objective is to improve the protection of information technology resources. The security plan addresses the policies, goals, and objectives of the organization’s security program and documents the process for making changes to the information system without any compromise. In general, the security plan provides an overview of the system’s security requirements and gives a description of the controls that are in place or are planned to meet the security requirements (Nancy & Gregory, 2011). While securing systems, users can be one of the weakest links, and they, therefore, need to be trained adequately for them to understand system security risks. The NIST requires a cybersecurity profile to outline clearly the alignment of the functions, categories and subcategories of the business requirements, risk tolerance and resources within the organization. The cyber security profile identifies opportunities for improvement of the cyber security and moving the system from its current to a better state in terms of security. This paper will look at some security measures considered incorporated in a system security plan. Access Control (AC) Controls These are safeguards incorporated in a computer, systems software, operation, and related devices for protection of critical IT resources against vulnerabilities both internally and externally. Implementation of effective logical access controls, an organization significantly reduces the risks to the system environment. Some logical access controls that have been incorporated into the system include assignment of access privileges, object re-use, session controls, re-certification of users, encryption, networking, dial-in, as well as use of warning banners. The core of an access-control system aims at securing evaluation of whether an established identity can access a particular computing resource, which is also called an object. A resource may be a service of some sort, an information receptacle such as a file or a Web resource like a uniform resource identifier (URI). The access control is decided over an existent security context and a controlled resource (Benantar, 2006). Intrusion detection system Intrusion detection systems are widely used in the enhancement of the security of information systems. The intrusion detection system detects and tracks the slightest signs of malicious activity and also keep a record of it. The systems deal with threats and attacks. This is accomplished by collection of information from a variety of systems and network sources. They then do an analysis of the information for possible security problems. It monitors a system under protection and also logs invasion attempts. Intrusion detection systems are of three types. They collect data and parse it with big analytics so as to produce signatures before spreading them to each instance requiring protection (Di & Mancini, 2008). The three classifications of IDS are; 1. Host-based intrusion detection system (HIDS), which collects data via endpoint security management systems. HIDS monitors the individual hosts and other devices on the network. It is the least harmful form of intrusion detection systems. It is capable of providing end-point protection by detecting unwelcome traffic and logging it for further analysis. It also ensures critical files are safeguarded by reporting any modification or deletion of such files to the administrator. 2. The other one is network-based intrusion systems (NIDS) that is tasked with the collection of data through anomaly detection systems. It performs an analysis of the passing traffic on the entire subnet. It works in a safe mode, where it matches the traffic passed on the subnets to the library of known attacks. After identification of the attack, the administrator is sent an alert. An example of NIDS will include its installation on the subnet where the firewalls are located such that they can detect any intruder into the firewall. 3. The third one is application-based intrusion detection systems (AIDS) whose role is the collection of data by integration of a Web application firewall with dynamic application security testing systems (Di & Mancini, 2008). Audit and accountability (AU) controls Audit and control of information systems is an important activity in an organization. According to NIST SP 800-53 control, an organization should develop, disseminate and periodically keep reviewing information such as the formal, documented, audit and accountability policy as a way of addressing the purpose, scope, roles, responsibilities, management commitment, and compliance. Documented procedures should be followed for facilitation of the audit and accountability policy and associated audit and accountability controls (Fitzgerald, 2011). The control identifies important events which require auditing and are relevant to the security of the information system. The organization then specifies the information in order of priority and carries out the auditing activities. Information system performance can be highly affected by the auditing activity. Based on risk assessment, the organization decides the events requiring auditing on a continuous basis and the event requiring auditing in response to particular situations. The audit records are generated at various levels of abstraction such as at the packet level as the information goes through the network. This makes it critical to select the most suitable level of abstraction for the actual audit record to facilitate the identification of root causes to problems. Once the causes have been identified, the auditable events are implemented which are defined by the organization after ensuring they are capable of supporting after the fact investigations of security incidents. This is followed by generation of audit records for events such as successful and unsuccessful log-on and log-off, change of passwords, opened and closed files, specific actions such as reading, editing, and deleting records or fields and printing reports. The captured events are saved in the administrator’s accounts where he can easily access and carry out risk mitigation (Fitzgerald, 2011). Implementation of control The organization maintains a regular analysis and review of its information system audit records which are used as indicators of any inappropriate or unusual activity. This is in accordance with NIST SP 800-53 control. Suspicious activities are investigated, and the report findings forwarded to the appropriate officials for them to take necessary actions. This is achieved by automated mechanisms which immediately alert security personnel of any inappropriate or unusual activities on the information system. Audit records will be used to show what happened after an event, for real-time analysis. The security specialists in the organization regularly review the audit information such as audit review after every event such as log on or off. The audit allows the management to hold employees responsible for user actions on the computer systems. To ensure the reliability of the audit records, the system is configured such that it includes a timestamp for each event which gets captured in the audit log. The system log files include the exact date and time for an event which was performed at a particular time. The system and network administrators can then configure organizational systems for synchronization with local system clocks to the corresponding organization time server (Raggad, 2010). Conclusion System security planning is a process involving several activities as recommended by the NIST. Use of tools such as access controls will ensure high-level security by keeping information away from unauthorized persons. Logical access controls provide encryption of data and give alerts in case of intrusion. However, intrusion detection systems are the best for the detection and alerting the administrators of any infiltration into the system. Data auditing, on the other hand, requires to be done on a regular basis. This serves to control the activities happening within the system. The control identifies important activities to be audited and recorded for the administrator to keep track of any threats on the information system. This is followed by the configuration of the system for synchronization with organization server in real time. References Benantar, M. (2006). Access control systems: Security, identity management and trust models. New York, NY: Springer. Di, P. R., & Mancini, L. V. (2008). Intrusion detection systems. New York: Springer. Fitzgerald, T. (2011). Information Security Governance Simplified: From the Boardroom to the Keyboard. CRC Press. Nancy R.Kingsbury,Gregory C.Wilshusen (2011). Information Security: IRS Needs to Enhance Internal Control Over Financial Reporting and Taxpayer Data. DIANE Publishing Raggad, B. G. (2010). Information security management: concepts and practice. CRC Press. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Writer's choice Research Paper Example | Topics and Well Written Essays - 1250 words - 4”, n.d.)
Writer's choice Research Paper Example | Topics and Well Written Essays - 1250 words - 4. Retrieved from https://studentshare.org/information-technology/1698879-writers-choice
(Writer'S Choice Research Paper Example | Topics and Well Written Essays - 1250 Words - 4)
Writer'S Choice Research Paper Example | Topics and Well Written Essays - 1250 Words - 4. https://studentshare.org/information-technology/1698879-writers-choice.
“Writer'S Choice Research Paper Example | Topics and Well Written Essays - 1250 Words - 4”, n.d. https://studentshare.org/information-technology/1698879-writers-choice.
  • Cited: 0 times

CHECK THESE SAMPLES OF System Security Planning: the Configuration of the System

System Testing

They are performed to ensure that the behavior of the system is consistent with the requirement specifications set out earlier in software development.... All the functional requirements that are set out for the system must be achieved by the system (Burnstein, 2003).... The functional test must ensure that the system can perform these tasks effectively.... It also takes into consideration improper and illegal inputs which must be tested on the system and their results observed to be consistent with the required functions (Myers, Sandler, & Badgett, 2011)....
7 Pages (1750 words) Literature review

Thin Client Operating System Security

This report "Thin Client Operating system security" discusses thin client as a term that is used to refer to a network computer or PCs which are used by businesses whose design makes them be managed centrally and their configuration makes them to lack CD/DVD players or expansion slots.... nbsp;  The thin client operating system describes a small size client OS which requires much fewer resources as compared to fat clients which are much large and high resource-dependent....
8 Pages (2000 words) Report

Information Security Program Survey

The organization also faces challenges in effectively segregating incompatible duties and managing system configurations.... Information security Program Survey (Name) (University) (Date) Information security Program Survey Introduction The National Aeronautics and Space Administration (NASA) is the United States' agency to manage the nation's aerospace research, aeronautics, and other civilian space programs.... Since the NASA needs to manage highly sensitive data, information, strategic plans, and space programs, the organization pays particular attention to its information security program....
4 Pages (1000 words) Essay

Network Infrastructure Planning

In a bid to reduce the cost of setting up new systems for each of the satellite branches, the company can opt to use New Technology File system (NTFS) permissions or Active Directory (AD) permissions (Abel, 2009).... For example, a user logs into a computer in the satellite branches that is part of the Windows domain, the Active Directory examines the passwords and usernames submitted to discern whether the user is a normal user or system administrator.... Network Infrastructure planning Name Institution Date Network Infrastructure planning Permissions are the core component of server security architecture that can be applied to manage the process of authenticating groups, users and computers to have access to files in a network (Bruce & Smith, 2011)....
3 Pages (750 words) Research Paper

The Network Management Systems

No matter how stringent a network security may be, the selected network management system is required to provide a prompt disasters management and recovery mechanisms.... There are several network management frameworks like the Information Technology Infrastructure Library (ITIL) and fault-management, configuration, accounting, performance, and security (FCAPS) framework.... There are several network management frameworks like the Information Technology Infrastructure Library (ITIL) and fault-management, configuration, accounting, performance, and security (FCAPS) framework....
11 Pages (2750 words) Research Paper

Penetration Testing in Network Security

enetration testing entails security evaluation of a company's interconnection of computer systems with an effort to circumvent the security status of its key features based on the system design and implementation of the networking services.... To attain this goal, the network system has to be well configured that unauthorized access exceptionally prohibited from the system.... Address resolution protocol spoofing aids in obtaining the network address configuration of an organization....
10 Pages (2500 words) Report

The Adoption of the SCCM System to Upgrade the Current Management System Used by the Supreme Council

Still, the system is effective because it can handle several operations, and all its associated activities can be monitored.... "The Adoption of the SCCM system to Upgrade the Current Management system Used by the Supreme Council" paper presented the problem that has led to the adoption of the SCCM system to upgrade the current management system used by the supreme council.... nbsp;… The project report is all about the development of the SCCM (system center configuration manager) system with reference to supreme council management operational frameworks....
20 Pages (5000 words) Case Study

Information Technology Operations Department - Configuration Management System

General ObjectiveAccording to Maturana and Asenjo (2015), the configuration Management Department will be responsible for the tools and infrastructure that are necessary to centrally manage the configuration related servers that are hosted at Under Milkwood.... General ObjectiveAs stated by Prafullchandra et al (2013), the configuration Management Department will also be expected to maintain a secure organization's information technology environment by taking into consideration that the confidentiality, integrity, as well as availability of critical information and systems, is safeguarded....
12 Pages (3000 words) Report
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us