Assuring Reliable and Secure IT Services - PowerPoint PPT Presentation

Slides: 18
Provided by: csupo

Transcript and Presenter's Notes

1
Assuring Reliable and Secure IT Services
  • Chapter 6

2
IT Redundancy and Its Value
  • Risk
  • Likelihood (frequency, pattern, etc.)
  • Consequences (business cost and other
    implications)

3
IT Redundancy and Its Value
  • How much reliability to buy?
  • Customer Service impacted as a result of 15
    minutes downtime?
  • Privacy?
  • Security?
  • Normal Accidents?

4
Availability Math
  • 5 nines reliability (99.999% available, 1 sec /
    day unavailable)
  • Availability of Components in Series

7
Availability Math
  • The effect of Redundancy on Availability
  • High Availability Facilities
  • N+1 and N+N Redundancy
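
The availability arithmetic named on these slides, as an added example that is not part of the original presentation. It assumes components fail independently and uses a constructed 98% component availability; the function names are illustrative.

```python
# Added example, not from the slides. Assumes components fail independently;
# the 98% component availability is a constructed sample value.
from math import comb, prod

SECONDS_PER_DAY = 24 * 60 * 60

def series(avails):
    """Every component is required, so availabilities multiply."""
    return prod(avails)

def k_of_n(k, n, a):
    """Probability that at least k of n identical units are up."""
    return sum(comb(n, i) * a**i * (1 - a)**(n - i) for i in range(k, n + 1))

def n_plus_1(n, a):
    """N units carry the load, one spare installed."""
    return k_of_n(n, n + 1, a)

def n_plus_n(n, a):
    """N units carry the load, a full second set installed."""
    return k_of_n(n, 2 * n, a)

def downtime_per_day(a):
    """Expected seconds of unavailability per day."""
    return (1 - a) * SECONDS_PER_DAY

def report(a=0.98, n=4):
    """Compare designs for a stage that needs n units of availability a."""
    designs = {
        "no spare (series)": series([a] * n),
        "N+1": n_plus_1(n, a),
        "N+N": n_plus_n(n, a),
    }
    return {name: (av, downtime_per_day(av)) for name, av in designs.items()}

if __name__ == "__main__":
    print(f"five nines: {downtime_per_day(0.99999):.3f} s/day down")
    for name, (av, down) in report().items():
        print(f"{name:18s} availability={av:.7f} downtime={down:10.3f} s/day")
```

With these sample values, four 98% components in series fall to about 92% availability, one spare raises the stage to about 99.6%, and a full duplicate set exceeds five nines.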

10
Availability Math
  • Costly to provide needed redundancy
  • Tradeoff between availability and expense

12
High Availability Facilities
  • UPS
  • Duplicate power supplies and sources
  • Multiple suppliers of various services (network
    capacity, phone service, etc.)
  • Physical security
  • Guards
  • Windows
  • Hardened site
  • HVAC
  • Support centers
  • NOCs
  • Help Desk

13
Securing Infrastructure Against Malicious Threats
  • Don't forget natural disasters (not malicious,
    but inevitable)
  • Classification of Threats
  • External Attacks (DoS, DDoS)
  • Intrusion (technological, patches, social
    engineering, back door, Trojan horses)
  • Viruses and Worms

14
Securing Infrastructure Against Malicious Threats
  • Defensive Measures
  • Firewalls
  • Security Policies and User Education
  • Authentication (strong authentication,
    biometrics)
  • Encryption
  • Patching and Change Management (keeping system
    updated)
  • Intrusion Detection and Network Monitoring

16
A Security Management Framework
  • Make Deliberate Security Decisions
  • Consider Security a Moving Target
  • Practice Disciplined Change Management
  • Educate Users
  • Deploy Multilevel Technical Measures, as many as
    you can afford

17
Risk Management of Availability and Security
  • See Figure 6.9 Managing Infrastructure Risk p445
  • Incident Management and Disaster Recovery
  • Managing incidents before they occur (see page
    447)
  • Managing incidents when they occur
  • Managing incidents after they occur