Security Issues in Distributed Environment – QA

Q1

Our distributed environments have put much more responsibility on the individual users, facility management, and administrative procedures and controls than in the old days. Physical security is not just the night guard who carries around a big flashlight. Now, security can be extremely technical, comes in many forms, and raises many liability and legal issues. Natural disasters, fires, floods, intruders, vandals, environmental issues, construction materials, and power supplies all need to be planned for and dealt with. Provide examples of facility management, administrative procedures, and controls to protect a distributed computer network. You can list all aspects of relevant security issues to support your argument.

Answer:

The security of computer systems and information has become the most important concern for organizations, and it has moved from an organizational effort to an individual one. This is because the types of systems being implemented in organizations have also evolved; an example of such a system is a distributed computer network, where resources are distributed across different geographical locations and coordinate as one system. Because a distributed computer network is not placed in one location, it cannot be made secure just by securing a limited area. The security of the distributed computer network is important; however, the procedures and controls must be defined according to the assets to be secured. All the assets of the organization are meant to be secured, but those assets must be prioritized as well (Alizabeth Calder, 2016). In securing distributed computer networks, physical security is very important, because if unauthorized persons or intruders gain physical access to the distributed computer network, they can get into the system and the security of information can be compromised easily.

Natural disasters are always a threat to the security of distributed computer networks because a disaster cannot be stopped; however, in these situations the damage to the assets and information can be mitigated to some extent by early policy making, implementation methodologies and planning. The best practice to ensure the security of a distributed computer network is the formation of a disaster recovery plan (DRP). Under this plan all the employees are trained to understand their roles and responsibilities at the time of any disaster that could cause great damage to the whole computer network. In the DRP, first the security audit of the facility is performed and then appropriate actions are recommended in order to secure the facility (Firdhous, 2011). Once a natural disaster, such as a flood or fire, hits the center, the DRP is implemented, in which each employee plays their part in order to secure the facility and other employees. On the other hand, if people try to get unauthorized access to the computer or asset room, they must be stopped by implementing different physical barriers like fences and other boundaries so that they cannot damage the asset.

The construction material is also very important in securing the distributed computer network, and it must be considered during the construction period. Proper ventilation and other precautions must be taken, and it must be ensured that only quality material is used that can withstand a disaster as well. Environmental issues like ventilation, temperature and humidity are also very important, because if there is humidity in the center where the asset is secured, it might corrode, and the same is the case with temperature, which must be maintained as well. Routine audit of these practices and procedures is very important in order to ensure that all the aforementioned points are in place and working properly. Another important factor is electricity, which should never be interrupted; if there is ever a shortage of electricity, the load must be shifted to a UPS or other electricity sources.

All these security aspects can be considered depending upon how important the asset is and the structure of the organization. All these procedures are implemented in order to secure the asset from intruders or unauthorized persons, but they cannot secure the asset from other threats like natural disaster, electricity shortage, and environmental issues. All these threats can be dealt with easily by conducting an audit of the facility.

Q2

Every organization must develop, implement and maintain a physical security program that contains the following control strategies: deterrence, delay, detection, assessment, and response. It is up to the organization to determine its acceptable risk level and the specific control required to fulfill the responsibility of each category. Provide examples of security controls to ensure deterrence, delay, detection, assessment, and response in real-world application. You may use fictitious examples to support your arguments.

Answer:

Each center containing a distributed computer network should follow the procedures mentioned here. The building must have a boundary fence so that it can control the masses or a crowd in case of any chaos; moreover, the asset to be secured should be in the middle of the building so that intruders face difficulty in gaining access to the room containing the asset. The building must also have security guards who can keep the building secure from unauthorized persons during off hours. Moreover, the building should have verification methods at the entrance so that only authorized persons can enter the building; however, the reception area should be separated. Moving towards the asset room, it should have a cipher lock and a biometric authentication method as well, so that if the intruder is able to reach the final door to the asset, he would still have to pass the biometric authentication procedure, which will be quite difficult.

The aforementioned procedures are applicable when the building has other authorized employees working during office hours. In order to secure the computer network assets during off hours when no one is in the building, even if the intruder gets into the building, an IDS can be implemented; it might be expensive, but it can be helpful in securing the assets (Brown, 2012). On the other hand, CCTV surveillance can also help in securing the asset, but that will require other personnel to keep an eye on the monitor screen. Moreover, if the intruder is still successful in getting access to the asset room after all the security practices implemented, the room should be equipped with a movement detection system that can identify movement in the room and trigger the alarm. It is mandatory for security that whenever an intruder or unauthorized person is detected at any stage, the security alarm is triggered in order to implement the emergency security plan.

The security audit is an important thing to implement in organizations or centers where assets are meant to be secured, because there might be new methodologies that are being adopted by intruders to gain access to the asset room. An intrusion detection system is a must in case of a security threat because, if intruders try to gain access to unauthorized areas, the IDS should trigger the alarm to alert the guards to take appropriate actions in order to stop the intruders (TANENBAUM, 1984). On the other hand, the security guards should also be trained appropriately so that they know how to respond in the given situation.

Q3

This week we studied many of the different technologies within different types of networks, including how they work together to provide an environment in which users can communicate, share resources, and be productive. Each piece of networking is important to security, because any piece can introduce unwanted vulnerabilities and weakness into the infrastructure. Provide examples of networking devices or components that can present vulnerabilities into the corporate networks, and how to mitigate them. You may use fictitious examples to support your arguments.

Answer:

Corporate networks require more security than those of other businesses, because information is their most important asset and they need to secure it at any cost. A corporation has a large number of employees who have access to the network so that they can perform their duties and fulfill their job requirements. Every computer in the corporation is connected to the network and has access to the database that stores all of the information. The information in the organization is not meant to be accessed by everyone. Some of the information is meant to be accessible only by authorized persons in the organization who have to take certain decisions. Every device that is connected to the network can be a gateway for an intruder to gain access to sensitive information. In this regard there is a need to secure the information by securing the network, and the employees of the organization can also help intruders get into the corporate network. This security threat to the network can be mitigated by educating employees about how to use their computer systems.

The organization should set up workshops for its employees that educate them on how to use their computer systems and other accounts while they are in or out of the organization. In this security program, the employees are taught that they should never share their passwords and other credentials with anyone inside or outside the organization. They should keep this information to themselves only. The employees should also be educated about the selection of passwords and what they should avoid while selecting a password for their account. Moreover, the employees should not install any third-party application on their computer systems without the permission of the network administrator. If the employees need any application, they should contact the network administrator and ask to have that application installed for them. There are some third-party applications that, once installed, run their own scripts and can extract information from the computers; that information may contain usernames, passwords and other information (Kruglov, 2014). These applications may install a Trojan as well. On the other hand, all the computer systems should have updated anti-virus software, so that when new virus definitions are released, the corporate network is protected against them as well.

Another security risk to the corporate network is access to its routers, which are open to the employees through Wi-Fi. The employees should also be educated about not sharing the Wi-Fi password, because it can give intruders a way to gain access to the network.

Bibliography

Alizabeth Calder, C. R. (2016). Security Strategies for Distributed. Retrieved 4 3, 2016, from http://www.ittoday.info/AIMS/DSM/82-10-20.pdf

Brown, J. (2012, 8 1). Dissecting The Layers. Retrieved from Security Today: https://securitytoday.com/Articles/2012/08/01/Dissecting-The-Layers.aspx?Page=1

Firdhous, M. (2011). Implementation of Security in Distributed Systems – A Comparative Study. International Journal of Computer Information Systems, 2(2), 1-6.

Institute, I. S. (2012, 12 8). Physical Security: Managing the Intruder. Retrieved from InfoSecInstitute: http://resources.infosecinstitute.com/physical-security-managing-intruder/

Kruglov, K. (2014, 11 7). Security holes in corporate networks: network vulnerabilities. Retrieved from SecureList: https://securelist.com/blog/security-policies/67452/security-holes-in-corporate-networks-network-vulnerabilities/

Marier, K. (2012, 3 5). The 5 D’s of Outdoor Perimeter Security. Retrieved from Security Magazine: http://www.securitymagazine.com/articles/82833-the-5-d-s-of-outdoor-perimeter-security

TANENBAUM, S. J. (1984). Protection and Resource Control in Distributed Operating Systems. Retrieved from Semantic Scholar: https://pdfs.semanticscholar.org/0501/f9fd35a999e17ac880873a0154c3f89f1cb1.pdf