MIS 495 Assuring Reliable and Secure IT Services

1
MIS 495 Assuring Reliable and Secure IT Services
  • Dr. Steve Ross, Winter 2008

Based on Chapter 6 of Applegate, Austin, and
McFarlan, Corporate Information Strategy and
Management, 7th ed., 2007.
2
The Basis for Reliability
  • Redundancy provides reliability for the Internet
  • Failure of internal infrastructure
  • How much redundancy can be afforded?
  • How costly is an outage?
  • Redundancy increases complexity
  • Rehearsals important
  • Malicious attacks

3
Availability Math
  • Components in series
  • Product of availability percentages
  • Components in parallel
  • Product of non-availability percentages
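
The series and parallel rules above, worked through as an added example (not part of the original slides). It also generalizes to "at least k of n" redundancy such as N+1. The 98% figures are constructed, and components are assumed to fail independently.

```python
from math import comb, prod

MINUTES_PER_YEAR = 365 * 24 * 60


def series(avail):
    """Every component must work: multiply the availabilities."""
    return prod(avail)


def parallel(avail):
    """Any one component suffices: 1 minus the product of non-availabilities."""
    return 1 - prod(1 - a for a in avail)


def k_of_n(k, n, a):
    """At least k of n identical components (each with availability a) must work.

    N+1 redundancy is k_of_n(N, N + 1, a); N+N is k_of_n(N, 2 * N, a).
    """
    return sum(comb(n, i) * a**i * (1 - a) ** (n - i) for i in range(k, n + 1))


def downtime_minutes_per_year(a):
    """Expected unavailable minutes in a 365-day year."""
    return (1 - a) * MINUTES_PER_YEAR


if __name__ == "__main__":
    # Constructed figures: a chain of five components, each 98% available.
    chain = series([0.98] * 5)
    # Same chain, but one link is duplicated so either copy can carry the load.
    hardened = series([0.98] * 4 + [parallel([0.98, 0.98])])
    # Two units needed, three installed (N+1 with N = 2).
    n_plus_1 = k_of_n(2, 3, 0.98)
    for name, a in [("5 in series", chain),
                    ("one link duplicated", hardened),
                    ("2-of-3 (N+1)", n_plus_1)]:
        print(f"{name:22s} {a:.4%}  "
              f"{downtime_minutes_per_year(a):10.0f} min/year down")
```

Chaining components lowers availability below that of any single part, while duplicating one link only recovers that link's share of the loss.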

4
High-Availability Facilities
  • Uninterruptible electric power
  • Physical security
  • Climate control
  • Fire suppression
  • Network connectivity
  • Redundancy
  • N+1, N+N

5
Securing against Malicious Threats
  • Classification of threats
  • External attacks: denial of service
  • Intrusion
  • Viruses and worms
  • Virus requires user to do something
  • Worm replicates automatically

6
Securing against Malicious Threats
  • Defensive measures
  • Security policies
  • Firewalls
  • Authentication
  • Encryption
  • Patching and change management
  • Intrusion detection and network monitoring

7
A Security Management Framework
  • Make deliberate security decisions
  • Consider security a moving target
  • Practice disciplined change management
  • Educate users
  • Deploy multilevel technical measures

8
Managing Incidents before They Occur
  • Sound infrastructure design
  • Disciplined execution of operating procedures
  • Careful documentation
  • Established crisis management procedures
  • Rehearsing incident response

9
Managing during an Incident
  • Beware of psychological obstacles
  • Emotional responses
  • Wishful thinking
  • Political maneuvering
  • Leaping to conclusions
  • Public relations inhibition

10
Managing after an Incident
  • Rebuilding often necessary
  • Documentation very helpful
  • Analyze
  • What caused the incident
  • The quality of response and recovery
  • Future prevention

11
Questions to Ask Before Your Data Center Burns
  • Backup
  • Where are original copies stored?
  • What is being backed up?
  • What is not being backed up?
  • Where are the backups stored?
  • How often is backed-up data moved to a different
    place?
  • Restoration and recovery
  • Are the backup media readable?
  • What devices are required to read the backup
    media?
  • What software is needed to read the backup media?
  • Who knows how to restore the backed-up data?
  • What hardware would be available to resume
    operations?