IT Security Management: Risks, Procedures, and Disaster Recovery Plan
VerifiedAdded on 2024/05/30
|30
|6006
|199
Report
AI Summary
This report provides a comprehensive overview of IT security within organizations, beginning with identifying various types of security risks, such as unauthorized system use, data theft, physical asset damage, and natural disasters. It then describes organizational security procedures, including business continuity planning, data backup and restoration, IT security audits, and testing procedures. The report proposes a method for assessing and treating IT security risks using the ISO/IEC 27005:2011 standard. It also identifies the potential impact of incorrect firewall configurations and VPN setups on IT security, illustrating how implementing a DMZ, static IP addresses, and NAT can improve network security. Furthermore, the document discusses risk assessment procedures, data protection processes, and regulations, summarizing the ISO 31000 risk management methodology. Finally, it covers the design and implementation of a security policy, the main components of a disaster recovery plan, the impact of IT security audits, and the roles of stakeholders in implementing security audit recommendations. The document emphasizes the importance of robust security measures to protect organizational data and resources.
SECURITY
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
TABLE OF CONTENTS
Introduction......................................................................................................................................1
LO1..................................................................................................................................................2
P1 Identify types of security risks to organizations.....................................................................2
P2 Describe organizational security procedures..........................................................................4
M1 Propose a method to assess and treat IT security risks.........................................................6
LO2..................................................................................................................................................7
P3 Identify the potential impact to IT security of incorrect configuration of firewall policies
and third-party VPNs...................................................................................................................7
P4 Show, using an example for each, how implementing a DMZ, static IP and NAT in a
network can improve Network Security......................................................................................9
M2 Discuss three benefits to implement network monitoring systems with supporting reasons.
...................................................................................................................................................11
LO3................................................................................................................................................13
P5 Discuss risk assessment procedures.....................................................................................13
P6 Explain data protection processes and regulations as applicable to an organization...........15
M3 Summaries the ISO 31000 risk management methodology and its application in IT
security.......................................................................................................................................17
LO4................................................................................................................................................18
P7 Design and implement a security policy for an organisation...............................................18
P8 List the main components of an organizational disaster recovery plan, justifying the reasons
for inclusion...............................................................................................................................20
M4 Discuss possible impacts to organization security resulting from an IT security audit......22
M5 Discuss the roles of stakeholder in the organization to implement security audit
recommendations.......................................................................................................................23
Conclusion.....................................................................................................................................24
Introduction......................................................................................................................................1
LO1..................................................................................................................................................2
P1 Identify types of security risks to organizations.....................................................................2
P2 Describe organizational security procedures..........................................................................4
M1 Propose a method to assess and treat IT security risks.........................................................6
LO2..................................................................................................................................................7
P3 Identify the potential impact to IT security of incorrect configuration of firewall policies
and third-party VPNs...................................................................................................................7
P4 Show, using an example for each, how implementing a DMZ, static IP and NAT in a
network can improve Network Security......................................................................................9
M2 Discuss three benefits to implement network monitoring systems with supporting reasons.
...................................................................................................................................................11
LO3................................................................................................................................................13
P5 Discuss risk assessment procedures.....................................................................................13
P6 Explain data protection processes and regulations as applicable to an organization...........15
M3 Summaries the ISO 31000 risk management methodology and its application in IT
security.......................................................................................................................................17
LO4................................................................................................................................................18
P7 Design and implement a security policy for an organisation...............................................18
P8 List the main components of an organizational disaster recovery plan, justifying the reasons
for inclusion...............................................................................................................................20
M4 Discuss possible impacts to organization security resulting from an IT security audit......22
M5 Discuss the roles of stakeholder in the organization to implement security audit
recommendations.......................................................................................................................23
Conclusion.....................................................................................................................................24
References......................................................................................................................................25
LIST OF TABLES
Table 1: Potential benefits of network monitoring tools..............................................................11
Table 2: Types of risks..................................................................................................................21
LIST OF TABLES
Table 1: Potential benefits of network monitoring tools..............................................................11
Table 2: Types of risks..................................................................................................................21
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
LIST OF FIGURES
Figure 1: Different types of security test.........................................................................................5
Figure 2: NAT interfaces.................................................................................................................9
Figure 3: DMZ in network.............................................................................................................10
Figure 5: Components of security policies....................................................................................18
Figure 1: Different types of security test.........................................................................................5
Figure 2: NAT interfaces.................................................................................................................9
Figure 3: DMZ in network.............................................................................................................10
Figure 5: Components of security policies....................................................................................18
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Introduction
Organization applies IT solution in the network for improving it functionality and performance
which also introduce various challenges in the network. Therefore, the organization must
maintain network security which consist of various policies, standards and methods which are
used for monitoring and preventing the organization from unwanted and unauthorized access of
data and resources. In these report fundamentals of network security will be studied along with
understanding various risk associated with the organizational network. Any kind of network gaps
will result in loss and unavailability of data and resources to the users. Various policies and
strategies used in an organization for minimizing and protecting the network against the risk will
be studied. The report discusses about procedure that is required for risk assessment in the
network. Lastly the current report will illustrate a design for upholding network security that is
implemented along with implementation of several security policies. The report will also discuss
about a plan for disaster recovery if the organization faces damages.
1
Organization applies IT solution in the network for improving it functionality and performance
which also introduce various challenges in the network. Therefore, the organization must
maintain network security which consist of various policies, standards and methods which are
used for monitoring and preventing the organization from unwanted and unauthorized access of
data and resources. In these report fundamentals of network security will be studied along with
understanding various risk associated with the organizational network. Any kind of network gaps
will result in loss and unavailability of data and resources to the users. Various policies and
strategies used in an organization for minimizing and protecting the network against the risk will
be studied. The report discusses about procedure that is required for risk assessment in the
network. Lastly the current report will illustrate a design for upholding network security that is
implemented along with implementation of several security policies. The report will also discuss
about a plan for disaster recovery if the organization faces damages.
1
LO1
P1 Identify types of security risks to organizations
Some of the common risk faced by organization are discussed below:
Unauthorized use of a system:
Access is said to be unauthorized when somebody has the admission to a system, website, server,
programs. Unauthorized access is when a user tries to enter a system are where they are not
permitted. Common types of unauthorized access are Tailgating, Door Propping, Levering
Doors, Keys, Access Cards. Accessing the system Illegally will result in generation of dangerous
situations for the organizational business hence for combating this type access control
technologies must be applied. System administrators must set up alerts if any attempts of
unauthorized access attempt, along with application of user ID and passwords for securing the
systems.
Unauthorized removal or copying of data:
Unauthorized removal or copying of data is commonly called as Data thefts. Here a person or
hacker intestinally tries to steal or copy confidential organizational information to cause harm.
Common mode of data theft includes using memory cards, hard drives, emails, remote access.
These tools are used for stealing data of the organization which has some value for example,
customer details, algorithm or source code used in the system and network, network credentials,
personal information etc.
Damage of physical system assets and environment:
The hardware theft or damage occur even if the network is under the controls of administration
and technical support. Safeguarding the physical and environment are generally ignored.
However, it is most important technique to protect data and information of the organization. The
rooms and buildings that are used for storing the information and the system should be protected
appropriately so that physical damage is avoided.
Naturally occurring risks:
2
P1 Identify types of security risks to organizations
Some of the common risk faced by organization are discussed below:
Unauthorized use of a system:
Access is said to be unauthorized when somebody has the admission to a system, website, server,
programs. Unauthorized access is when a user tries to enter a system are where they are not
permitted. Common types of unauthorized access are Tailgating, Door Propping, Levering
Doors, Keys, Access Cards. Accessing the system Illegally will result in generation of dangerous
situations for the organizational business hence for combating this type access control
technologies must be applied. System administrators must set up alerts if any attempts of
unauthorized access attempt, along with application of user ID and passwords for securing the
systems.
Unauthorized removal or copying of data:
Unauthorized removal or copying of data is commonly called as Data thefts. Here a person or
hacker intestinally tries to steal or copy confidential organizational information to cause harm.
Common mode of data theft includes using memory cards, hard drives, emails, remote access.
These tools are used for stealing data of the organization which has some value for example,
customer details, algorithm or source code used in the system and network, network credentials,
personal information etc.
Damage of physical system assets and environment:
The hardware theft or damage occur even if the network is under the controls of administration
and technical support. Safeguarding the physical and environment are generally ignored.
However, it is most important technique to protect data and information of the organization. The
rooms and buildings that are used for storing the information and the system should be protected
appropriately so that physical damage is avoided.
Naturally occurring risks:
2
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Naturally occurring risk are unavoidable. Natural disaster such as hurricane, earthquakes, floods,
fire lightning can result in causing unembellished impairment to computer systems connected in
an organization. Damage of systems will cause loss of Information, reduction in productivity,
hardware damage and various other vital services will be disturbed. Natural risk also includes
war, riots, terrorist attacks and other human activity, that cannot protect the computer system
even by applying controls and policies of computer security. There are only limited safeguards
that can be applied in case of natural disasters. Best practice the organization can apply is to have
contingency and disaster-recovery plans which will be effective in restoring the loss data for
continuation of the business operation.
3
fire lightning can result in causing unembellished impairment to computer systems connected in
an organization. Damage of systems will cause loss of Information, reduction in productivity,
hardware damage and various other vital services will be disturbed. Natural risk also includes
war, riots, terrorist attacks and other human activity, that cannot protect the computer system
even by applying controls and policies of computer security. There are only limited safeguards
that can be applied in case of natural disasters. Best practice the organization can apply is to have
contingency and disaster-recovery plans which will be effective in restoring the loss data for
continuation of the business operation.
3
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
P2 Describe organizational security procedures
Organizational security:
Proper security measures and practices must be undertaken in an organization for protection of
the various information present in the network systems. Main purpose of the organizational
security procedure is to protect the network and information from unauthorized access,
corruption, destruction my minimal technical, physical and administrative involvement.
Description of security procedure that organization follows is provided below:
Business continuity
Continuity of business refers to a capability of the organization to continuing or preserving all
the important functions even after or during the occurrence of a disaster. Risk
management processes is included in business continuity method which are for avoiding
disruptions in the service which are very crucial and also to regenerate all the organizational
function effectively and fully as fast as possible. For planning a proper business continuity
plan all the unpredictable events, like natural disasters, outbreaks, fires, cyber attacks are taken
into consideration (White et al 2017). Key element of the business continuity plan includes
recovery, resilience and contingency.
Data backup and restoration
Data protection is the top priority on an organization. any kind of data loss will encourage surge
of customer complaints. Various protective methods are applied in the organization with an aim
to minimize chances of loss of data or system damage. The organization implements strict policy
of maintaining backups of data. Advance technologies like coping data to disks and clouds are
maintained which are relatively quicker and easy way of storing and retrieving data.
IT security Audits
Security audit is referred to an evaluation of organizational security in a systematic manner. It
studies and understands the information system of the organization by measuring and calculating
the performance of the network. In the process of auditing security of the network is assessed
characteristically in regarding to its environment, physical configuration, software used, process
used for information handling etc. mainly an organization opt to follow security audits for
determining the supervisory obedience.
4
Organizational security:
Proper security measures and practices must be undertaken in an organization for protection of
the various information present in the network systems. Main purpose of the organizational
security procedure is to protect the network and information from unauthorized access,
corruption, destruction my minimal technical, physical and administrative involvement.
Description of security procedure that organization follows is provided below:
Business continuity
Continuity of business refers to a capability of the organization to continuing or preserving all
the important functions even after or during the occurrence of a disaster. Risk
management processes is included in business continuity method which are for avoiding
disruptions in the service which are very crucial and also to regenerate all the organizational
function effectively and fully as fast as possible. For planning a proper business continuity
plan all the unpredictable events, like natural disasters, outbreaks, fires, cyber attacks are taken
into consideration (White et al 2017). Key element of the business continuity plan includes
recovery, resilience and contingency.
Data backup and restoration
Data protection is the top priority on an organization. any kind of data loss will encourage surge
of customer complaints. Various protective methods are applied in the organization with an aim
to minimize chances of loss of data or system damage. The organization implements strict policy
of maintaining backups of data. Advance technologies like coping data to disks and clouds are
maintained which are relatively quicker and easy way of storing and retrieving data.
IT security Audits
Security audit is referred to an evaluation of organizational security in a systematic manner. It
studies and understands the information system of the organization by measuring and calculating
the performance of the network. In the process of auditing security of the network is assessed
characteristically in regarding to its environment, physical configuration, software used, process
used for information handling etc. mainly an organization opt to follow security audits for
determining the supervisory obedience.
4
Testing procedures
The organization undergo various Security Testing, these are kind of Software Testing that are
helpful in guaranteeing that the network, system and data in the organizational network do not
have any loopholes or breaches. Tests are conducted for identifying and classifying all the
probable and possible gaps and network loopholes that may be are a reason for weakening
system leading to gateway for unauthorized access and data loss.
Figure 1: Different types of security test
Various security tests are applied for identifying the treats and vulnerabilities that in turn will be
helpful in calculating risk, through which proper measures and techniques can be implemented
for protection of the entire network.
5
SECURITY
TEST
VULNERABILITY
TEST
SECURITY
SCANNING
PENETRATION
TEST
RISK ASSESMNT
SECURITY
AUDITING
ETHICAL
HACKING
POSTURE
ASSESSMENT:
The organization undergo various Security Testing, these are kind of Software Testing that are
helpful in guaranteeing that the network, system and data in the organizational network do not
have any loopholes or breaches. Tests are conducted for identifying and classifying all the
probable and possible gaps and network loopholes that may be are a reason for weakening
system leading to gateway for unauthorized access and data loss.
Figure 1: Different types of security test
Various security tests are applied for identifying the treats and vulnerabilities that in turn will be
helpful in calculating risk, through which proper measures and techniques can be implemented
for protection of the entire network.
5
SECURITY
TEST
VULNERABILITY
TEST
SECURITY
SCANNING
PENETRATION
TEST
RISK ASSESMNT
SECURITY
AUDITING
ETHICAL
HACKING
POSTURE
ASSESSMENT:
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
M1 Propose a method to assess and treat IT security risks
A number of Information Security (InfoSec) Risk Assessment techniques are present and
implement in different organization. The method of ISRA is chosen for an organization
according to the desired output result it achieves for the organizational network. One of the most
commonly used methods is using ISO/IEC 27005:2011x standard. The International
Organization for Standardization or ISO and the International Electro technical Commission
(IEC) are two organizations that helps in providing global standardization. ISO/IEC 27005:2011
is a subset of ISO27000 standard series which is capable of offering information security risk
management guidelines. And is designed for assisting the application of information security
which is according to risk management approach (ISO 27005, 2018)
Irrespective of size and structure ISO/IEC 27005 can be applied for attaining guidance and
advice in any organizations. Contents and benefit of ISO/IEC 27005 are as follows:
ISO/IEC 27005 offers guidelines that can be helpful for IT security risk management for
the organization.
This standard at present is completely associated with the risk management according to
International Standard, ISO31000. Along with ISO/IEC 27005, ISO31000 can be
implemented combined for managing the risk more accurately.
Combined concepts of ISO27001 and ISO27002 are used in ISO27005, providing better
and successful framework to the organization for managing their information security
efficiently.
6
A number of Information Security (InfoSec) Risk Assessment techniques are present and
implement in different organization. The method of ISRA is chosen for an organization
according to the desired output result it achieves for the organizational network. One of the most
commonly used methods is using ISO/IEC 27005:2011x standard. The International
Organization for Standardization or ISO and the International Electro technical Commission
(IEC) are two organizations that helps in providing global standardization. ISO/IEC 27005:2011
is a subset of ISO27000 standard series which is capable of offering information security risk
management guidelines. And is designed for assisting the application of information security
which is according to risk management approach (ISO 27005, 2018)
Irrespective of size and structure ISO/IEC 27005 can be applied for attaining guidance and
advice in any organizations. Contents and benefit of ISO/IEC 27005 are as follows:
ISO/IEC 27005 offers guidelines that can be helpful for IT security risk management for
the organization.
This standard at present is completely associated with the risk management according to
International Standard, ISO31000. Along with ISO/IEC 27005, ISO31000 can be
implemented combined for managing the risk more accurately.
Combined concepts of ISO27001 and ISO27002 are used in ISO27005, providing better
and successful framework to the organization for managing their information security
efficiently.
6
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
LO2
P3 Identify the potential impact to IT security of incorrect configuration of firewall policies and
third-party VPNs
Incorrect firewall configuration
Firewall plays a significant role in providing network security therefore it must be configured
properly. But is the configuration of the firewall being not proper it may result various network
breaches. If the configuration of firewall policies is not proper it will encourage unauthorised
user to enter the organisation and access important information and resources of the network.
Organisational data and files can be misused for various reasons like rivalry and personal use,
affecting the overall functionality of the organisation. Hackers can easily interfere using open
ports which will mainly result in data loss and they are even capable of misleading the
authenticate network users by altering or blocking their access to the stored data and available
resources of the organisation. Wrong configuration of firewall will lead to generation of network
breach that will in turn disturb security, accuracy and consistency (Stallings, 2000).
Firewall policies having, Shadowed rules, Unused rules, Unattached objects, Expired rules , and
Rules t are not optimally ordered should be discarded as soon as possible as it may leads in the
generation of issues such as, poor accountability, lack of visibility and undetected network
breaches.
Incorrect VPN configuration
Virtual private network operates through binary mode. If the connection of the VPN is not secure
then in most cases traffic sent does not reach a secured resource causing security breaches.
Common issues of VPN if not configured effectively are stated below:
Mismatch of Shared Key: This is one of the most commonly occurring errors that is found if
the configuration of the VPN connection is not proper. Shared key mismatches are listed as psk
mismatch errors. Hence it is recommended to verify the value of Shared Key for a VPN
connection.
Isolated Networks: The connection of VPN will fail in case of remote vDC/vApp network.
7
P3 Identify the potential impact to IT security of incorrect configuration of firewall policies and
third-party VPNs
Incorrect firewall configuration
Firewall plays a significant role in providing network security therefore it must be configured
properly. But is the configuration of the firewall being not proper it may result various network
breaches. If the configuration of firewall policies is not proper it will encourage unauthorised
user to enter the organisation and access important information and resources of the network.
Organisational data and files can be misused for various reasons like rivalry and personal use,
affecting the overall functionality of the organisation. Hackers can easily interfere using open
ports which will mainly result in data loss and they are even capable of misleading the
authenticate network users by altering or blocking their access to the stored data and available
resources of the organisation. Wrong configuration of firewall will lead to generation of network
breach that will in turn disturb security, accuracy and consistency (Stallings, 2000).
Firewall policies having, Shadowed rules, Unused rules, Unattached objects, Expired rules , and
Rules t are not optimally ordered should be discarded as soon as possible as it may leads in the
generation of issues such as, poor accountability, lack of visibility and undetected network
breaches.
Incorrect VPN configuration
Virtual private network operates through binary mode. If the connection of the VPN is not secure
then in most cases traffic sent does not reach a secured resource causing security breaches.
Common issues of VPN if not configured effectively are stated below:
Mismatch of Shared Key: This is one of the most commonly occurring errors that is found if
the configuration of the VPN connection is not proper. Shared key mismatches are listed as psk
mismatch errors. Hence it is recommended to verify the value of Shared Key for a VPN
connection.
Isolated Networks: The connection of VPN will fail in case of remote vDC/vApp network.
7
Unsupported VPN Types: There are some types of VPNs which do not supported VPN
connections between the Data Centres and n-premise networks.
NAT Traversal, on-premise (peer site) network does not support is placed behind a NAT device.
Source for the encryption domain must not be placed in NAT address but is behind NaviCloud
Director Firewall.
8
connections between the Data Centres and n-premise networks.
NAT Traversal, on-premise (peer site) network does not support is placed behind a NAT device.
Source for the encryption domain must not be placed in NAT address but is behind NaviCloud
Director Firewall.
8
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 30
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.