Unit 8 Essay
School: Columbia Southern University
Course: SEC 4302
Subject: Information Systems
Date: Dec 6, 2023
Running head: UNIT VIII ESSAY
Unit VIII Essay
Brian Jones
Columbia Southern University
Unit VIII Essay
Distributed applications have become commonplace in modern workplace environments. Housing applications on servers allows individual components of an application to be used without the entire application being installed on each workstation or computer. The domain that makes this possible is the system/application domain.
The system/application domain shares one requirement with every other domain of the IT infrastructure: the need to keep data secure. Two of the main aspects of that security are keeping data available for use and keeping it safe from unauthorized access. In this domain, this is accomplished by centralizing business functions on networked servers, which allows a central control process to determine how data is stored and how it is accessed. The first step in protecting the data is to classify which data is private or sensitive, then design controls to safeguard it accordingly.
Unlike the other domains, which are more concerned with securing data as it travels from one network to the next, the system/application domain focuses on the security of data while it is in use and at rest. The advantage of centralizing the data and components is that multiple layers of security can be implemented to keep the data secure. For instance, to reach data stored on a server, an attacker would first have to penetrate the network, then locate and access a server within the domain, and finally run a program to collect the data (Weiss & Solomon, 2016). That scenario alone offers multiple points at which security measures can be deployed.
Security Controls
When deploying security controls for the system/application domain, it is considered a best practice to use simple, layered security, with the emphasis on simple. Layered security that is too complex requires a great deal of effort to design, implement, and monitor. Overly complex controls also have a greater chance of failure and would therefore defeat their purpose. Complex controls can also sacrifice availability for security and make it more difficult for authorized users to access the data they need. The controls typically used in this domain fall into one of three categories.
Isolation of data. One or more databases usually house a company's sensitive data. It is therefore imperative to place barriers between the data and other entities. Firewalls, network design, and subnets are all examples of barriers that can be placed between the data and outside entities.
Limited access to data. As with other domains, one of the most effective controls is limiting access to data. Every mainstream operating system provides mechanisms that authenticate a user (or a group of users) and then enforce, through file permissions or access control lists, whether that user is authorized to access the data. Similarly, network authentication limits access by unauthorized devices.
Redundancy. Functionality and availability are of paramount importance, and data that is lost or compromised loses both. It is therefore wise to implement a control policy that enables redundancy. With redundant copies of the data, work can carry on even in the event of data loss or a breach.
Several other domains share many of these attributes. However, the system/application domain is the domain that, in essence, acts as the repository for all of the company's sensitive data, so the security controls in this domain are the controls closest to the data. Should an attacker breach the defenses in other domains and reach the system/application domain, they would be remarkably close to their end goal. Additional security measures within this domain help ensure that the data remains secure and unaltered.
Physical Security and Server Room
In addition to system and IT controls, thought must also be given to physical controls for this domain. The data, and potentially the backups, will be housed in a dedicated space within the facility. Access to this room should be limited to those employees who have been granted access by management. At the very least, the doorway into the room should have a heavy-duty lock; biometrics or another means of verifying identity, combined with a record of who entered and when, would be better.
The room that houses the servers also has some specific needs. Conventional fire suppression systems typically rely on water to douse a fire, and electronic components and water do not mix well. It is therefore recommended that any room housing servers use a "dry", gaseous (clean agent) extinguishing system. These systems not only extinguish the fire but also protect the components (Edwards & Bhuta, 2017).
Finally, servers generate a lot of heat. A dedicated ventilation/HVAC system may need to be installed to ensure the components do not overheat. Depending on the local climate, humidity may also become an issue in the warmer months, and a dehumidifier may be needed to prevent moisture-related component failure.
Compliance Requirements
The system/application domain is no different from other domains when it comes to compliance. The laws and standards that govern how data must be kept confidential should be followed to maintain compliance. Regulations and standards such as HIPAA and PCI DSS define what data is considered sensitive or personal, how it must be classified, and how it must be protected.
Procedures and Best Practices
There is a myriad of best practices that can be employed not only to keep the system/application domain secure, but to keep it in compliance as well.
Use at least one firewall to limit network traffic from other domains to authorized traffic only.
Use defined access controls to limit access to data.
Ensure that all data is encrypted, including backup copies.
Apply operating system and application updates promptly so that systems stay at the latest patched configuration.
Use an application monitoring system to highlight availability or performance issues.
Again, these are but a few of the procedures that can be established to keep data away from unauthorized users. These best practices also help maintain the availability of the data and enhance its integrity.
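As an added example (not from the essay or from its cited sources) of the "limited access to data" control described under Security Controls and of the best-practice item on defined access controls, the following Python script audits file permissions on a POSIX system against a hypothetical data classification: files classified as sensitive must not be readable or writable by group or other users, and any that are get remediated. The classification map, file names and sample contents are constructed for the demonstration and are not real data.

```python
"""Audit file permissions under a data directory against a classification map.

Added example; not from the essay or the cited textbook. It assumes a POSIX
file system (Unix mode bits) and a hypothetical classification of which files
are sensitive. Sample files are constructed in a temporary directory.
"""
import os
import stat
import tempfile
from pathlib import Path

# Hypothetical classification: relative path -> label. Only "sensitive" files
# are required to be owner-only; "public" files may be world-readable.
CLASSIFICATION = {
    "customers.db": "sensitive",
    "backups/customers-2023-12-06.db.bak": "sensitive",
    "readme.txt": "public",
}

# Any of these bits set on a sensitive file means someone other than the
# owner can read, write or execute it.
NON_OWNER_BITS = stat.S_IRWXG | stat.S_IRWXO


def audit_permissions(root, classification):
    """Return a list of (relative_path, octal_mode_or_None, reason) findings."""
    findings = []
    root = Path(root)
    for rel, label in classification.items():
        path = root / rel
        if not path.exists():
            findings.append((rel, None, "classified file missing"))
            continue
        mode = stat.S_IMODE(path.stat().st_mode)
        if label == "sensitive" and mode & NON_OWNER_BITS:
            findings.append((rel, oct(mode),
                             "sensitive file readable or writable by group/other"))
    return findings


def build_sample_tree(root):
    """Constructed sample data: one correctly locked-down sensitive file,
    one sensitive backup left world-readable, and one public file."""
    root = Path(root)
    (root / "backups").mkdir()
    (root / "customers.db").write_bytes(b"constructed sample record\n")
    os.chmod(root / "customers.db", 0o600)
    bak = root / "backups" / "customers-2023-12-06.db.bak"
    bak.write_bytes(b"constructed sample backup\n")
    os.chmod(bak, 0o644)  # the mistake the audit should catch
    (root / "readme.txt").write_text("public notice\n")
    os.chmod(root / "readme.txt", 0o644)


def remediate(root, findings):
    """Fix each finding by clearing group/other bits; return the paths fixed."""
    root = Path(root)
    fixed = []
    for rel, _mode, _reason in findings:
        path = root / rel
        if path.exists():
            current = stat.S_IMODE(path.stat().st_mode)
            os.chmod(path, current & ~NON_OWNER_BITS)
            fixed.append(rel)
    return fixed


def run_demo():
    """Build the sample tree, audit it, remediate, re-audit; return both lists."""
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        before = audit_permissions(tmp, CLASSIFICATION)
        remediate(tmp, before)
        after = audit_permissions(tmp, CLASSIFICATION)
    return before, after


if __name__ == "__main__":
    before, after = run_demo()
    for rel, mode, reason in before:
        print(f"FINDING {rel} mode={mode}: {reason}")
    print(f"findings after remediation: {len(after)}")
```

Running the script reports the world-readable backup as the only finding and confirms that none remain after remediation. The order of operations mirrors the essay's advice: decide first which data is sensitive, then check and enforce the control closest to it. The same pattern extends to ownership checks, ACL entries, or a scheduled run that feeds findings into the audit process described in the Summary.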
Summary
In summation, the system/application domain can be an exceptionally useful tool for improving efficiency in a workplace setting. Much like the other domains, it must be looked after and monitored to ensure that it fulfills its purpose. Should any findings appear during an audit, the source of each finding should be traced and corrected. Password requirements may need to be modified, access to various servers may need to be further restricted, and, should the company expand, policies may need to be instituted for satellite locations. These are a few examples that may or may not come into play, and they define the true importance of the audit as a business tool. The audit is the prime time to assess the stability and security of the network; after it concludes, the changes that need to be made can be studied and implemented.
References
Edwards, J. A., & Bhuta, D. (2017). Fire protection engineers should understand which clean agent fire suppression system is most appropriate for a mission critical facility. Consulting Specifying Engineer, 54(4). Retrieved from http://eds.b.ebscohost.com.libraryresources.columbiasouthern.edu/eds/pdfviewer/pdfviewer?vid=0&sid=6aa462f9-824b-4bcf-8da7-4226baafbcca%40pdc-v-sessmgr01
Weiss, M. M., & Solomon, M. G. (2016). Auditing IT infrastructures for compliance (2nd ed.). Burlington, MA: Jones & Bartlett Learning.