Assuring Reliable and Secure IT Services Tsai Blake

Redundancy Availability Math High-Availability Facilities Securing Infrastructure against Malicious Threats Incident Management and Disaster Recovery

Redundancy

Availability Math

High-Availability Facilities

Securing Infrastructure against Malicious Threats

Incident Management and Disaster Recovery

Redundancy The key to reliable systems is redundancy How much reliability to buy? Some costs of failures are intangible and hard to quantify. It is difficult to estimate the probabilities of such failure. Redundant systems are more complex than non-redundant systems, and this complexity must be managed. Technologies to assure 24*7operations get better all the time.

The key to reliable systems is redundancy

How much reliability to buy?

Some costs of failures are intangible and hard to quantify. It is difficult to estimate the probabilities of such failure.

Redundant systems are more complex than non-redundant systems, and this complexity must be managed.

Technologies to assure 24*7operations get better all the time.

Availability Math The Availability of Components in Series

Availability Math The Effect of Redundancy on Availability

High-Availability Facilities Uninterruptible Electric Power Delivery ( UPS ) Physical Security Climate Control and Fire Suppression Network Connectivity Help Desk and Incident Response Procedures N + 1 and N + N Redundancy ( Six Sigma 99.99966% )

Uninterruptible Electric Power Delivery ( UPS )

Physical Security

Climate Control and Fire Suppression

Network Connectivity

Help Desk and Incident Response Procedures

N + 1 and N + N Redundancy ( Six Sigma 99.99966% )

A Representative E-Commerce Infrastructure Redundant modules RAID Money

Securing Infrastructure against Malicious Threats Responsible managers must build defenses to secure a company’s information-related assets ─ its data, infrastructure components, and reputation ─ against this escalating threat. Who are the attackers Classification of Threats Defensive Measures A Security Management Framework Risk Management of Availability and Security

Responsible managers must build defenses to secure a company’s information-related assets ─ its data, infrastructure components, and reputation ─ against this escalating threat.

Who are the attackers

Classification of Threats

Defensive Measures

A Security Management Framework

Risk Management of Availability and Security

Who are the attackers? Some are thrill seekers with too much time on their hands. People who like the challenge of defeating defenses or getting in where they are not supposed to be. Attackers have taken a specific dislike to a company and intend to do it harm. Sinister type of attacker attempts to steal a company’s proprietary

Some are thrill seekers with too much time on their hands.

People who like the challenge of defeating defenses or getting in where they are not supposed to be.

Attackers have taken a specific dislike to a company and intend to do it harm.

Sinister type of attacker attempts to steal a company’s proprietary

Classification of Threats External Attacks “ denial of service” DoS Attack, which disable infrastructure devices by flooding them with an overwhelming number of messages. “ Distributed Denial of Service” DDoS Attack. “ Spoofing” SYN-ACK, Handshake Intrusion Viruses and Worms

External Attacks

“ denial of service” DoS Attack, which disable infrastructure devices by flooding them with an overwhelming number of messages.

“ Distributed Denial of Service” DDoS Attack.

“ Spoofing”

SYN-ACK, Handshake

Intrusion

Viruses and Worms

DoS DoS DDoS Spoofing

Defensive Measures Security Policies Firewalls Authentication Encryption Patching and Change Management Intrusion Detection and Network Monitoring Digital Certificates Public-Private Key Encryption and Digital Signatures Virtual Private Networks

Security Policies

Firewalls

Authentication

Encryption

Patching and Change Management

Intrusion Detection and Network Monitoring

Digital Certificates

Public-Private Key Encryption and Digital Signatures

Virtual Private Networks

Security Policies What kids of passwords are users allowed to create for use on company systems, and how often should users change passwords? Who is allowed to have accounts on company systems? What security features must be activated on a computer before it can connect to a company network? What services are allowed to operate inside a company’s network? What are users allowed to download? How is the security policy enforced?

What kids of passwords are users allowed to create for use on company systems, and how often should users change passwords?

Who is allowed to have accounts on company systems?

What security features must be activated on a computer before it can connect to a company network?

What services are allowed to operate inside a company’s network?

What are users allowed to download?

How is the security policy enforced?

A Security Management Framework Make Deliberate Security Decisions Consider Security a Moving Target Practice Disciplined Change Management Educate Users Deploy Multilevel Technical Measures, as Many as You can Afford

Make Deliberate Security Decisions

Consider Security a Moving Target

Practice Disciplined Change Management

Educate Users

Deploy Multilevel Technical Measures, as Many as You can Afford

Risk Management of Availability and Security Consequences Probability Low Consequence Low probability MiNOR THREATS High Consequence Low Probability High Consequence High Probability PRIORITIZE THREATS CRITICAL THREATS Low Consequence High Probability HIGH LOW 0 1 Managing Infrastructure Risks ： Consequences and Probabilities

Incident Management and Disaster Recovery Managing Incidents before The Occur Sound infrastructure design Disciplined execution of operating procedures Careful documentation Established crisis management procedures Managing during an Incident Emotional responses, including confusion, and ducking responsibility Wishful thinking and groupthink Political maneuvering, diving for cover, and ducking responsibility Leaping to conclusions and blindness to evidence that contradicts current beliefs Managing after an Incident

Managing Incidents before The Occur

Sound infrastructure design

Disciplined execution of operating procedures

Careful documentation

Established crisis management procedures

Managing during an Incident

Emotional responses, including confusion, and ducking responsibility

Wishful thinking and groupthink

Political maneuvering, diving for cover, and ducking responsibility

Leaping to conclusions and blindness to evidence that contradicts current beliefs

Managing after an Incident