Phase 1 Inspection
Risks can be minimized but not eliminated. Thus contingency plan
- Resource inventory: value of info assets
- Loss analysis: harm caused if lost, altered, disclosed
- Threat assessment: type & size
- Vulnerabilities: where
- Safeguards: appropriate & effective
Identify the info resources, evaluate the risks, apply security
Security can not make it impossible to suffer a loss. Can reduce
likelihood and make cost of attack prohibitve for the info gained.
Threats can not be eliminated, only anticipated. Safeguards to
minimize threats' impact.
- people: creators, consumers, caretakers of info
- property: physical stuff
- infrastructure: utilities
- human error: accidents
- system failures: HW & SW
- natural disasters
- malicious acts: human or automated attacks, theft by disgruntled
employee, hacker, spy, criminal
You as prospective target: image, activities, associations
- remote users
- security holes in SW
- spam, viruses
Vulnerability compromised by a threat causing a loss.
- Denial of service (loss of availability): most visible,
immediately apparent. Often most important to service business.
- Disclosure (loss of confidentiality): usually greatest concern
- Destruction or corruption (loss of integrity): tampering or
accident. May be most devastating type of loss.
In HW & SW, policies & procedures, people. In anything that can be
exploited by a threat.
Known vulnerabilities are most common source of intrusions. Thus
admin must keep up to date.
- design flaw
- implementation: install, admin
- innovative misuse: unanticipated
- social engineering: get people to divulge info they shouldn't
Safeguards: HW, SW, policies, procedures
proactive: protect info before it's compromised. Better but not
reactive: detect compromise and act to minimize damage. Always needed.
Evaluate current status: compare current security to areas the risk
analysis has determined to be important.
--assess policies & procedures. compare with other organizations.
--test the quality