IT Security Risks and Risk Management for EMC Cloud Solutions - Prof. Tran Trong, Study notes of Network Design

An assessment of IT security risks for EMC Cloud Solutions, identifying vulnerabilities and assets, and outlines procedures to minimize impacts. It discusses the importance of risk management, explains the role of DMZ, Static IPs, and NAT in securing networks, and highlights the benefits of network monitoring systems. Additionally, it covers ISO 31000 risk management standards and their application to IT security.

Typology: Study notes

2016/2017

Uploaded on 09/15/2022

trinh-ngoc-hung
trinh-ngoc-hung 🇻🇳

1 document

1 / 36

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
PROGRAM TITLE: SECURITY
UNIT TITLE: Unit 05: Security
ASSIGNMENT NUMBER: 2
ASSIGNMENT NAME: EMC Cloud Solutions
SUBMISSION DATE: ……………………………………….
DATE RECEIVED: …………………………………………….
TUTORIAL LECTURER: ……………………………………
WORD COUNT: ……………………………………………..
STUDENT NAME: DOAN ANH QUAN
STUDENT ID: BKC18382
MOBILE NUMBER: (+84)705165591
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22
pf23
pf24

Partial preview of the text

Download IT Security Risks and Risk Management for EMC Cloud Solutions - Prof. Tran Trong and more Study notes Network Design in PDF only on Docsity!

PROGRAM TITLE: SECURITY UNIT TITLE: Unit 05: Security ASSIGNMENT NUMBER: 2 ASSIGNMENT NAME: EMC Cloud Solutions SUBMISSION DATE: ………………………………………. DATE RECEIVED: ……………………………………………. TUTORIAL LECTURER: …………………………………… WORD COUNT: …………………………………………….. STUDENT NAME: DOAN ANH QUAN STUDENT ID: BKC MOBILE NUMBER: (+84)

Summative Feedback: Strengths : The student understands type of security risk. The student knows how implement firewall policies, DMZ and NAT. The student understands security risk assessment procedures. Weaknesses: The current state of information security has not been explored much and there is a lack of new methods in preventing threats. Recommendations for future works: The student should read instructions more carefully before starting his work. He should find more trustworthy sources information to do research on. Grade : Pass Assessor Signature: Do Van Quang Internal verification:

are actually being discussed. You are hired by the management of EMC Solutions as a Security Expert to evaluate the security-related specifics of its present system and provide recommendations on security and reliability related improvements of its present system as well as to plan the establishment of the extension on a solid security foundation.

Activity 01

Assuming the role of External Security Consultant, you need to compile a report focusing on following elements to the board of EMC Cloud Solutions; 1.1 Identify types of security risks EMC Cloud is subject to, in its present setup and the impact, such issues would create on the business itself. Explain, vulnerabilities, assets, risk – risk for the company with impact to EMC 1.2 Develop and describe security procedures for EMC Cloud to minimize the impact of issues discussed in section (1.1) by assessing and treating the risks. – procedure for identified risks (name the procedure and explain that) *M - Risk management and treatment and explain risk management process.

Activity 02

2.1 Discuss how EMC Cloud and its clients will be impacted by improper/ incorrect configurations which are applicable to firewalls and VPN solutions. – Discuss how improper or incorrect firewall configurations, improper or incorrect VPN connections, improper firewall or VPN policies will affect the security (client) of the EMC. 2.2 Explain how following technologies would benefit EMC Cloud and its Clients by facilitating a ‘ trusted network ’. (Support your answer with suitable illustrations). i) DMZ – explain with illustration and impact of this three technologies to EMC ii) Static IP – explain with illustration and impact of this three technologies to EMC -Also DHCP iii)NAT– explain with illustration and impact of this three technologies to EMC How DMZ, NAT, Static IPs helps to a trusted network should be explained 2.3 Discuss the benefits of implementing network monitoring systems.

  • Explain about SNMP/Syslog/ NetFlow/ CDP/ Explain about tools use to network monitor.
  • Benefits of network monitoring (three or more than that)

Activity 03

3.1 Formulate a suitable risk assessment procedure for EMC Cloud solutions to safeguard itself and its clients. (Risk Assessment procedure attach to this section) 3.2 Explain the mandatory data protection laws and procedures which will be applied to data storage solutions provided by EMC Cloud. You may also highlight on ISO 31000 risk management methodology.

  • Explain about data protection laws and regulations that can be related to EMC
  • Explain about ISO 31000 standard

3.3 Comment on the topic, ‘IT Security & Organizational Policy’ Explain how IT security of the organization should be align to the organization policy. (Ex- password policy/ email policy/ IT security policy etc.…) Discuss the impact of any misalignment.

Activity 04

4.1 Develop a security policy for EMC Cloud to minimize exploitations and misuses while evaluating the suitability of the tools used in an organizational policy. 4.2 Develop and present a disaster recovery plan for EMC Cloud for its all venues to ensure maximum uptime for its customers (Student should produce a PowerPoint-based presentation which illustrates the recovery plan within 15 minutes of time including justifications and reasons for decisions and options used). 4.3 ‘Creditors, directors, employees, government and its agencies, owners /shareholders, suppliers, unions, and the other parties the business draws its resources’ are the main branches of any organization. Discuss the role of these groups to implement security audit recommendations for the organization.

Contents

  • Higher Nationals.......................................................................................................................................
  • Assignment Brief – BTEC (RQF).................................................................................................................
  • I. INTRODUCTION......................................................................................................................................
  • II. LO1. Assess risks to IT security.............................................................................................................
    • issues would create on the business itself............................................................................................ 1. Identify types of security risks EMC Cloud is subject to, in its present setup, and the impact, such
      1. Describe organisational security procedures....................................................................................
      1. Risk management process................................................................................................................
  • III. LO2 Describe IT security solutions.......................................................................................................
      1. Potential impact to the organization when there is an improper firewall system and VPNs............
      • 1.1. The firewall system....................................................................................................................
      • 1.2. Virtual private network (VPN)..................................................................................................
      • 1.3. How improper firewalls and VPNs impact the EMC company?................................................
      1. How would benefit DMZ, Static IPs, and NAT?...............................................................................
      • 2.1. DMZ (Demilitarized Zone).......................................................................................................
      • 2.2. Static IP...................................................................................................................................
      • 2.3. NAT (Network Address Translation)........................................................................................
      1. Trusted Network system.................................................................................................................
      1. Network Monitoring System...........................................................................................................
  • IV. LO3 Review mechanisms to control organizational IT security..........................................................
      1. Discuss risk assessment procedures...............................................................................................
      1. Explain data protection processes and regulations as applicable to an organization.....................
      1. Summarization of ISO 31000 risk management law.......................................................................
      • 3.1 What is the law?.......................................................................................................................
      • 3.2 Summarization of ISO 31000: 2018 related to EMC company..................................................
      • 3.3 ISO 31000: 2018 Risk Management..........................................................................................
      1. Possible impacts to organizational security resulting from an IT security audit.............................
      1. IT security Audit..............................................................................................................................
      1. IT security Audits can identify the Vulnerable points and problem areas in the company.............
      1. How IT security aligned with organization policy?..........................................................................
  • V. LO4 Manage organizational security..................................................................................................
      1. Suitability of the tools used in the polices......................................................................................
      • 1.1 SECURITY POLICY......................................................................................................................
  1. Develop and present a disaster recovery plan for EMC Cloud for its all venues to ensure maximum uptime for its customers.................................................................................................... 28 VI. References......................................................................................................................................... 31

I. INTRODUCTION

  • EMC Cloud Solutions is reputed as the nation’s most reliable Cloud solution provider in VietNam. A number of high-profile businesses in VietNam including Esoft Metro Camps network, SME Bank VietNam, and WEEFM are facilitated by EMC Cloud Solutions. EMC Cloud provides nearly 500 of its customers with SaaS, PaaS & IaaS solutions with high capacity compute and storage options. Also, EMC is a selected contractor for VietNam, The Ministry of Defense for hosting government and defense systems. EMC’s central data center facility is located at VietNam along with its corporate head office in Hanoi. Their premises at Hanoi is a six-story building with the 1st floor dedicated to sales and customer services equipped with public wifi facility. Second- floor hosts the HR, Finance, and Training & Development departments, and the third floor hosts a boardroom and offices for senior executives along with the IT and Data Center departments. Floor 4,5,6 hosts computer servers that make up the data center. With the rapid growth of information technology in Ho Chi Minh City (HCMC) in recent years, EMC seeks an opportunity to extend its services to HCMC. As of yet, the organization still considers the nature of such extension with what to implement, where are the suitable location and other essential options such as security are actually being discussed. According to the scenario, in the first task, I have mentioned the vulnerabilities, threats, assets, and risks. I had to select the suitable security procedures which were required for the company.
  • Some common risks:  Physical damages: Physical damages are basically known as the damages that can happen to physical properties. There is a loss of physical security system to the EMC company because of that the possibility of happening security damages is high to the company. When a company facing to physical damage it will Cost a huge loss to the company because the properties that used by the company get damaged after that the company can’t perform well as in the past.  Equipment malfunction: Equipment malfunction means when there are no virus guards to the computers or any other electronics it’s get affected by viruses and it gradually get malfunctioning so without any security, Equipment malfunction is also a certain type of risk to the EMC company.  Loss of data: Loss of data is a part of risks that can be affected to the company. When there is no security. Of the people may doing frauds to the business. This data loss is any process or event that results in data being corrupted or deleted and badly unreadable by the user.

2. Describe organisational security procedures. - The EMC company needs to implement a variety of procedures in order to minimize the risks faced previously by the procedures and policies. Procedures and policies are the rules and regulations implemented by every company to its security, avoid various types of fraud, etc. So, these procedures and policies should obey by both employees and employers. And the other reason to implement rules and regulations is to continue the business for the future. - List of Security procedures:  Property damage claim procedure: In order to reduce possible physical damage to property, we should use several security systems. The best approach is to maintain an asset damage claim process. We can claim damages using this property damage claim procedure.  Regular inspection procedure To minimize the risk of equipment malfunction, we can do it by checking it regularly. This way we can minimize frequent equipment failures at the beginning of this process, we create a test schedule under which we have our equipment tested on a regular basis to minimize trouble.  Create backup procedures To reduce the loss of data risk we can create the backup of every data we are inputting to the computers. By that we can reduce the risk of data loss. 3. Risk management process - To long-term growth, we need to maintain the protection of the company from security breaches, data loss, natural disasters ... To manage those risks requires a management process called a management process. risk management. So what does the risk management process mean? - The risk management process means monitoring and managing potential risks in order to minimize the negative impact they may have on the organization. From security breaches, data loss, network attacks, system failures and natural disasters, an effective risk management process helps identify which risks are the biggest threats to the organization and out instructions for handling them. - To have an effective risk management process, there are three steps.

III. LO2 Describe IT security solutions

1. Potential impact to the organization when there is an improper firewall system and VPNs. 1.1. The firewall system.

  • Many companies install firewalls on each server because it is like a security system used to protect important information. A firewall is a software program used to prevent unauthorized access. When there is unauthorized access or from another private network, the company is at risk because they may obtain all internal information. So to prevent most companies from using firewall systems. Firewalls are tools that can be used to increase the security of computers connected to the network. By installing a firewall system. Firewalls have many different possibilities. The main ability it has is that it can enhance security by allowing for detailed control of system functionality.  Defend resources  Validate access  Manage and control network traffic  Record and report on events  Act as an intermediary
  • The firewall Policy Firewall policy is a set of rules that includes how to use this software so it’s easy to handle the software. This an application that is designed to control the flow of internet protocol (IP). And the firewall policy has contained the types of firewalls and Firewall Architectures. When we talk about the types of firewalls there are various kinds types, they are  Packet filters  Proxy servers  Application gateways

Packet Filters : A packet filter is a firewall that reviews each packet for user-defined filtering rules to control whether to pass or block it. For example, the filtering rule might need all Telnet requests to be dropped. Using this information, the firewall will block all packets that have a port number 23 (the default port number for Telnet) in their header. Filtering rules can be built on source IP address, destination IP address, Layer 4 (that is, TCP/ UDP) source port, and Layer 4 destination port. Thus, a packet filter makes decisions based on the network layer and the transport layer. Proxy Servers : A proxy service is an application that redirects users’ requests to the real services based on an organization’s security policy. All message between a user and the actual server occurs through the proxy server. Thus, a proxy server performs as a communications broker between clients and the real application servers. Because it performs as a checkpoint where requests are validated against specific applications, a proxy server is usually processing intensive and can become a bottleneck under heavy traffic conditions Application Gateways: An application gateway is a proxy server that offers access control at the application layer. It performs as an application-layer gateway between the protected network and the untrusted network. Because it works at the application layer, it is talented to examine traffic in detail and, therefore, is considered the most secure type of firewall. It can stop certain applications, such as FTP, from incoming the protected network. It can also log all network actions according to applications for both accounting and security audit purposes.

1.3. How improper firewalls and VPNs impact the EMC company?

  • EMC is a well-reputed cloud solution provider. EMC cloud solution Company provides SAAS, PAAS, LAAS to their customers. EMC company is doing transactions with external countries when doing those transactions firewalls and VPNs are the two software that is very important to install. Because when doing transactions through networks some unauthorized accesses can be attacked to the network system, not only that some other private networks also can attack the network system. When it gets attacked by other accesses, they can get important information about EMC company, especially by the competitors. If the competitors EMC company get the details about the company it’s a huge risk to the company to prevent these kinds of risks the firewalls are very important to install. And if there are improper firewalls also, we have to face these risks
  • The other reason was the existence of improper VPNs it’s the other problem that arises when doing online transactions because when we doing online transactions without using proper VPNs sometimes there might have web traffic, snooping and interference by these web traffics transaction can’t do properly it may buffer. From the improper VPNs the reputation of the EMC company might get damaged because of that we have to install proper VPNs

2. How would benefit DMZ, Static IPs, and NAT? 2.1. DMZ (Demilitarized Zone) - A demilitarized zone (DMZ) is a perimeter network that protects an organization’s internal local area network (LAN) from untrusted traffic. - A common DMZ meaning is a subnetwork that sits between the public internet and private networks. It exposes external-facing services to untrusted networks and adds an extra layer of security to protect the sensitive data stored on internal networks, using firewalls to filter traffic. - The end goal of a DMZ is to allow an organization to access untrusted networks, such as the internet while ensuring its private network or LAN remains secure. Organizations typically store external-facing services and resources, as well as servers for the Domain Name System (DNS), File Transfer Protocol (FTP), mail, proxy, Voice over Internet Protocol (VoIP), and web servers, in the DMZ.

2.3. NAT (Network Address Translation)

  • Network Address Translation (NAT) is designed for IP address conservation. It enables private IP networks that use unregistered IP addresses to connect to the Internet. NAT operates on a router, usually connecting two networks together, and translates the private (not globally unique) addresses in the internal network into legal addresses before packets are forwarded to another network.
  • As part of this capability, NAT can be configured to advertise only one address for the entire network to the outside world. This provides additional security by effectively hiding the entire internal network behind that address. NAT offers the dual functions of security and address conservation and is typically implemented in remote-access environments.
  • Internet needs that require Network Address Translation (NAT) are quite compound but happen so quickly that the end-user hardly knows it has occurred. A workstation inside a network makes a request to a computer on the internet. Routers within the network identify that the request is not for a resource inside the network, so they send the request to the firewall. The firewall sees the request from the computer with the internal IP. IT then makes the same request to the internet using its own public address and returns the response from the internet resource to the computer inside the private network. From the outlook of the workstation, it appears that communication is direct with the site on the internet. When NAT is used in this way, all users inside the private network access the internet have the same public IP address when they use the internet.
  • Benefits of Network Address Translation (NAT)  Reuse of private IP addresses  Enhance security for private networks by keeping internal address private from the external network  Connecting a large number of hosts to the global internet using a smaller number of public (external) IP addresses, thereby conserving IP address space.
  • How Static IPs, DMZ, NAT help the EMC company? DMZ – This refers to host or another network system that exists as a secure and intermediate network system, in other words we can define it as a path between two or more organizations internal network and the external. When EMC company dealing with their clients some external network system might be attacked to the EMCs network work system. To prevent these kinds of attacks the EMC company can use DMZ network systems Static IPs – It is a permanent number assigned to a computer through internet service provider. Static IPs are useful to web hosting or voice over internet protocol (VOIP). The main advantage of using static IPs is speed and reliability. So, when EMC company is doing transaction with external countries it needs a fast internet connection for these kinds of activities the static IPs are highly help full to the EMC company. NAT – Network address translation is used to the limits the number of public IP address that EMC company must use, for both economically and security purposes. When there is public IP address the network system of the EMS company is used to reply to the requests that comes through unknown IP address. To prevent these activities NAT is highly help full to the EMC company.