Chapter 16 Administration

manage the security of the info system
admin of security features

tradeoffs: controls in system vs. controls in environment
security vs. ease of use & productivity
security vs. cost

Place more effort in architectural & environmental controls than in the system's controls

centralized admin: complete view of enterprise, info consolidation & correlation, lights-out operations where all management & monitoring done remotely
reduction, categorization, prioritization of security events
automation of tasks: system installation, new user account, log analysis

Administration: maximize services to user while minimizing susceptibility to attack
but services depend on the same attributes of systems & networks that make attacks possible

Security features should be easy to install, enable & configure for specific needs

Security activities: backups, training, cryptographic key management, user admin & access privileges, updating SW

Discovery of new ways to intentionally or unintentionally bypass or subvert security

Security adds admin cost. Much systems admin relates to security, e.g. admin of identification, authentication, authorization, accountability

Admin errors are partially responsible for many security incidents.

Incidents based on known vulnerabilities could be eliminated if current patches were applied.