Pearson Higher Nationals in Computing
Unit 5: Security

Programme title: BTEC Higher National Diploma in Computing
Assessor: Mis. Gimhani
Unit: Unit 05: Security
Assignment title: EMC Cloud Solutions
Assignment number: 1
Student name/ID: Sandun Blazon Lanka Poulier / KAN-A - 011362
Submission date: 2020.10.15
Assignment Brief

Student Name/ID Number: Sandun Poulier / KAN-A - 011362
Unit Number and Title: Unit 5 - Security
Academic Year: 2019/2020
Assignment Title: EMC Cloud Solutions
Submission Date: 15/10/2020

Submission Format:

The submission is in the form of an individual written report. This should be written in a concise, formal business style using single spacing and font size 12. You are required to make use of headings, paragraphs and subsections as appropriate, and all work must be supported with research and referenced using the Harvard referencing system. Please also provide an end list of references using the Harvard referencing system.

Unit Learning Outcomes:

LO1 Assess risks to IT security.
LO2 Describe IT security solutions.
LO3 Review mechanisms to control organisational IT security.
LO4 Manage organisational security.

Assignment Brief and Guidance:

EMC Cloud Solutions is reputed as the most reliable cloud solution provider in Sri Lanka. A number of high-profile businesses in Sri Lanka, including Esoft Metro Camps network, SME Bank Sri Lanka and WEEFM, are facilitated by EMC Cloud Solutions. EMC Cloud provides nearly 500 of its customers with SaaS, PaaS and IaaS solutions with high-capacity compute and storage options. EMC is also a selected contractor of the Sri Lanka Ministry of Defense for hosting government and defense systems.
EMC’s central data center facility is located in Colombo, Sri Lanka, along with its corporate head office in Bambalapitiya. The premises at Bambalapitiya are a six-story building. The first floor is dedicated to sales and customer services and is equipped with a public Wi-Fi facility. The second floor hosts the HR, Finance and Training & Development departments, and the third floor hosts the boardroom and offices for senior executives along with the IT and Data center department. Floors 4, 5 and 6 host the computer servers which make up the data center.

With the rapid growth of information technology in the Kandy area in recent years, EMC seeks the opportunity to extend its services to Kandy, Sri Lanka. As yet, the organization is still considering the nature of such an extension: what to implement, where a suitable location would be, and other essential matters such as security are still being discussed.

You are hired by the management of EMC Solutions as a Security Expert to evaluate the security-related specifics of its present system, to provide recommendations on security and reliability improvements to that system, and to plan the establishment of the extension on a solid security foundation.

Activity 01

Assuming the role of External Security Consultant, you need to compile a report for the board of EMC Cloud Solutions focusing on the following elements:

1.1 Identify types of security risks EMC Cloud is subject to, in its present setup and the impact, such issues would create on the business itself.
1.2 Develop and describe security procedures for EMC Cloud to minimize the impact of issues discussed in section (1.1) by assessing and treating the risks.

Activity 02

2.1 Discuss how EMC Cloud and its clients will be impacted by improper/ incorrect configurations which are applicable to firewalls and VPN solutions.
2.2 Explain how following technologies would benefit EMC Cloud and its Clients by facilitating a ‘trusted network’.
(Support your answer with suitable illustrations).
i) DMZ
ii) Static IP
iii) NAT
2.3 Discuss the benefits of implementing network monitoring systems.

Activity 03

3.1 Formulate a suitable risk assessment procedure for EMC Cloud solutions to safeguard itself and its clients.
3.2 Explain the mandatory data protection laws and procedures which will be applied to data storage solutions provided by EMC Cloud. You may also highlight on ISO 3100 risk management methodology.
3.3 Comment on the topic, ‘IT Security & Organizational Policy’

Activity 04

4.1 Develop a security policy for EMC Cloud to minimize exploitations and misuses while evaluating the suitability of the tools used in an organizational policy.
4.2 Develop and present a disaster recovery plan for EMC Cloud for its all venues to ensure maximum uptime for its customers (Student should produce a PowerPoint-based presentation which illustrates the recovery plan within 15 minutes of time including justifications and reasons for decisions and options used).
4.3 ‘Creditors, directors, employees, government and its agencies, owners / shareholders, suppliers, unions, and the other parties the business draws its resources’ are the main branches of any organization. Discuss the role of these groups to implement security audit recommendations for the organization.

Table of Contents

Table of figures
Acknowledgement
Task 1
  1.1 Identify types of security risks EMC Cloud is subject to, in its present setup and the impact, such issues would create on the business itself.
    1.1.2 EMC cloud solution
  1.2 Develop and describe security procedures for EMC Cloud to minimize the impact of issues discussed in section (1.1) by assessing and treating the risks.
    1.2.1 Security procedures for EMC Cloud to minimize the impact of issues by assessing and treating the risks.
Task 2
  2.1 Discuss how EMC Cloud and its clients will be impacted by improper/ incorrect configurations which are applicable to firewalls and VPN solutions.
    2.1.1 EMC Cloud and its clients will be impacted by improper/ incorrect configurations which are applicable to firewalls and VPN solutions.
  2.2 Explain how following technologies would benefit EMC Cloud and its Clients by facilitating a ‘trusted network’. (Support your answer with suitable illustrations). (1. DMZ 2. Static IP 3. NAT)
    2.2.1 DMZ zone
    2.2.2 Trusted Networks
    2.2.3 Static IP
    2.2.4 NAT
  2.3 Discuss the benefits of implementing network monitoring systems.
Task 3
  3.1 Formulate a suitable risk assessment procedure for EMC Cloud solutions to safeguard itself and its clients.
  3.2 Explain the mandatory data protection laws and procedures which will be applied to data storage solutions provided by EMC Cloud. You may also highlight on ISO 3100 risk management methodology.
  3.3 Comment on the topic, ‘IT Security & Organizational Policy’
    3.3.1 IT security policy
    3.3.2 Organizational Policy
Task 4
  4.1 Develop a security policy for EMC Cloud to minimize exploitations and misuses while evaluating the suitability of the tools used in an organizational policy.
  4.2 Develop and present a disaster recovery plan for EMC Cloud for its all venues to ensure maximum uptime for its customers (Student should produce a PowerPoint-based presentation which illustrates the recovery plan within 15 minutes of time including justifications and reasons for decisions and options used).
  4.3 ‘Creditors, directors, employees, government and its agencies, owners / shareholders, suppliers, unions, and the other parties the business draws its resources’ are the main branches of any organization. Discuss the role of these groups to implement security audit recommendations for the organization.
    4.3.1 Implement security audit recommendations for the organization
Appendix
Gantt chart

Table of figures

Figure 1: CIA triangle
Figure 2: DMZ (demilitarized zone)
Figure 3: Example of a DMZ zone
Figure 4: setting up Static IP
Figure 5: network Address Translation (NAT)
Figure 6: What is PAT - Port Address Translation (NAT Overload)

Acknowledgement

I’ve taken several efforts in this project to make it a success. However, it would not have been possible without either the support or help of any individual. I would like to give my sincere thanks to all of the ones who helped and supported me in this project.

I highly thank my lecturer Mr. Sudesh for his guidance and endless supervision as well as for providing necessary information regarding the project and for his sustenance in completing the project.

And also I would like to express my gratitude towards my parents for their cooperation and encouragement, which was a great help for me to complete this project. Moreover, my friends deserve thanks and appreciation for helping to develop the project, as do the people who have willingly helped me.

Task 1

1.1 Identify types of security risks EMC Cloud is subject to, in its present setup and the impact, such issues would create on the business itself.

1.1.2 EMC cloud solution

EMC’s central data center facility is located in Colombo, Sri Lanka, along with its corporate head office in Bambalapitiya, and the company seeks the opportunity to extend its services to Kandy, Sri Lanka. A security expert working for a company like EMC Cloud Solutions comes across numerous threats and risks. The risks found at EMC Cloud Solutions are as follows.

EMC’s cloud services could be lost through malicious attacks by service providers, through natural disasters or through data deletion. If the company has no recovery plan, losing sensitive information could be a huge loss for it.

Because EMC Cloud Solutions runs a large number of servers, the heat they generate has to be controlled and the temperature kept low, so the air cooling must be working well.
Because of the climate in Sri Lanka, power cuts happen frequently. Electrical maintenance, voltage problems and similar events may also occur, all of which are a threat to the company.

Moreover, computer security is the protection of computer systems from theft of or damage to their hardware, software or electronic data, as well as from disruption or misdirection of the services they provide.

Human beings cannot control natural disasters; natural risks and threats occur naturally. Disasters such as lightning, floods, cyclones and storms might occur and cannot be prevented, but their impact can be minimized.

EMC Cloud already has a public Wi-Fi facility, which might be a risk to the company. Because it is public, anyone can connect their devices to it, so hackers could easily gain access through the public Wi-Fi, and this could lead to the loss of sensitive information or to company records being hacked.

If a company like EMC Cloud has no proper backup storage system, physical threats such as natural disasters, computer crashes, or deleted records, documents and sensitive details may cause great loss or damage to the company.

Figure 1: CIA triangle

Confidentiality, integrity and availability, also known as the CIA triad, is a model designed to guide policies for information security within an organization. The model is also sometimes referred to as the AIC triad (availability, integrity and confidentiality) to avoid confusion with the Central Intelligence Agency. The elements of the triad are considered the three most crucial components of security (Rouse, 2019).

1.2 Develop and describe security procedures for EMC Cloud to minimize the impact of issues discussed in section (1.1) by assessing and treating the risks.

1.2.1 Security procedures for EMC Cloud to minimize the impact of issues by assessing and treating the risks.
To minimize the problems caused by natural disasters (described in activity 1.1 above), a proper backup plan should be arranged. The disaster recovery plan covers what we will manage and how we will do it. All devices, both the expensive ones (keys, routers, firewalls, servers) and the low-cost ones (computers and printers), should be moved to a place where natural disasters such as floods will not affect them. If EMC Cloud designs a server room or data center, it is best to keep these devices and other things in a part of the EMC Cloud building that will not be affected by flooding at ground level, so that they are protected and can be moved safely to that server room or data room if a flood occurs suddenly.

Create and maintain good documentation for the networks and resources used by large IT departments. This means keeping strictly controlled records of passwords and access points. It is better to use IT tools that reveal unseen Internet access passing through the network (malware or hacker access) and give warnings so that possible tampering events can be detected.

In Sri Lanka, power cuts are common because of climate change, electricity maintenance, voltage problems and so on, so the server farm needs many UPS units so that work in progress is not lost when the power fails.

Staff should always be monitored carefully by proper supervisors and CCTV cameras, and only authorized people should be allowed to enter particular areas of the server farm.

The idea that many security managers are new is finding an internal threat and encouraging people to use or encourage them. Understanding these behavioral components is an important tool, especially against IT sabotage of EMC Cloud.
High-quality digital CCTV cameras should be installed in every area where there is very important data, and especially in the server room. Monitoring should run 24 hours a day and the recordings should be checked whenever possible.

Task 2

2.1 Discuss how EMC Cloud and its clients will be impacted by improper/ incorrect configurations which are applicable to firewalls and VPN solutions.

2.1.1 EMC Cloud and its clients will be impacted by improper/ incorrect configurations which are applicable to firewalls and VPN solutions.

Misconfigured Firewall

“A firewall is a network security system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented as both hardware and software, or a combination of both” (Beal, 2019).

A firewall can be either software or hardware, and is used to safeguard the security of a private network. It blocks unauthorized users from a private network that is connected to the web. Firewall configuration is especially important for EMC Cloud Solutions; a misconfiguration can cause problems at any level. If the EMC firewall is misconfigured, with unnecessary ports left open or unauthorized users allowed to connect to the network, an unauthorized user can gain control of a server, which will end up shutting down the server farm. ACL policies should be enforced to prevent unauthorized access to the EMC network.

• Benefits of using firewall

How Firewalls Work: Firewalls use rules to examine network packets as they pass through a particular location on a network. If a packet does not contravene any of the firewall's rules, the firewall will allow the packet through to its destination. However, a packet that breaks a firewall rule -- for example, by originating from a host that has been blocked from sending traffic to the network -- will be discarded.

Security Benefits: Firewalls provide markedly increased security for computers and other devices, especially on networks that are connected to the Internet. Without firewall software, it would be very easy for attackers to send malicious programs to your computer over a network, drastically increasing the load on your computer's anti-virus and anti-malware programs. With a firewall in place, however, you can dictate exactly what the computers on your network are able to send and receive from the outside world, helping you to cut threats off at their source.

Monitoring With Firewalls: Firewall logging is the process of monitoring network traffic through a firewall. By definition, firewalls need to examine network packets closely as those packets pass by. Some firewalls can compile logs using the information that they gain from these packets, noting parameters such as the packet's destination, source and size. These logs can then be used to help determine network conditions, including which areas of the network are busiest and which network applications consume the most data.

Enforcing Policies: Many networks have policies regarding which users can access data. For example, a school would likely prevent all of its computers from accessing adult content, while a home user might limit the amount of time that her children could use the Internet. Firewalls allow users to actively enforce these policies by creating specific rules. As such, the school might create a firewall rule blocking all content containing certain keywords, while the home user might create a rule blocking all Internet traffic from her children's computer user accounts, except at specific times.

Why are firewalls used

Need of Firewall: As there is always an increased malware threat targeting any system, use of security software such as antivirus and firewall is always very essential.
A firewall secures your system from malware attackers who focus on hacking into your system, aiming to steal personal information such as account details and bank data. The best firewall software always gives complete protection against these attacks, thereby helping to keep your system 100% problem free.

Misconfigured VPN

“A VPN, or Virtual Private Network, allows you to create a secure connection to another network over the Internet. VPNs can be used to access region-restricted websites, shield your browsing activity from prying eyes on public Wi-Fi, and more. VPNs essentially forward all your network traffic to the network, which is where the benefits – like accessing local network resources remotely and bypassing Internet censorship – all come from. Most operating systems have integrated VPN support” (chrisbhoffman, 2019).

In other words, a VPN is a private network built on public infrastructure. Security mechanisms such as encryption allow VPN users to securely access a network from different locations over a telecommunication network such as the Internet. Some VPNs, such as Prompt VPN, can act as a proxy, which lets the user browse the web anonymously from wherever they want.

• Benefits of using VPN

Enhanced security: When you connect to the network through a VPN, the data is kept secure and encrypted. In this way, the information is away from the hackers’ eyes.

Remote control: In the case of a company, the great advantage of having a VPN is that the information can be accessed remotely even from home or from any other place. That’s why a VPN can increase productivity within a company.

Share files: A VPN service can be used if you have a group that needs to share data for an extended period.

Online anonymity: Through a VPN you can browse the web in complete anonymity.
Compared to hide IP software or web proxies, the advantage of a VPN service is that it allows you to access both web applications and websites in complete anonymity.

Unblock websites & bypass filters: VPNs are great for accessing blocked websites or for bypassing Internet filters. This is why there is an increased number of VPN services used in countries where Internet censorship is applied.

Change the IP address: If you need an IP address from another country, then a VPN can provide you this.

Better performance: Bandwidth and efficiency of the network can generally be increased once a VPN solution is implemented.

Reduce costs: Once a VPN network is created, the maintenance cost is very low. More than that, if you opt for a service provider, the network setup and surveillance is no longer a concern.

Why are VPNs used

Use Public or Hotel Wi-Fi securely: Public Wi-Fi offers no encryption security to its users, and your signals are broadcast for anyone savvy enough to eavesdrop, therefore some people use VPNs at Wi-Fi hotspots to prevent snoopers from collecting private information. Generally, the most effective way to keep your data from entering the wrong hands is by using a VPN service which makes all Internet use totally private and secure.

Secure Communication between Sites: Many businesses today have branch offices, and connect these branches to the main office over the Internet using a site-to-site VPN connection. For example, a business can enable workers with laptops on the road or at home to connect to the company network as if they were sitting at a desk in the office. A company that has offices in two locations can connect them using a VPN across the Internet so there appears to be one network. Linking remote sites with a main office lets users send and receive information via a secure connection. Employees can use file servers and printers which are not physically in the same office.

Bypass the Web Censorship and Content Surveillance: Some countries put up firewalls to restrict what their residents see, hear, and share with other people within and beyond their borders. Connecting to a VPN server will enable you to 'tunnel out' of the censorship restrictions and access the full World Wide Web.

2.2 Explain how following technologies would benefit EMC Cloud and its Clients by facilitating a ‘trusted network’. (Support your answer with suitable illustrations). (1. DMZ 2. Static IP 3. NAT)

2.2.1 DMZ zone

Pronounced as separate letters, DMZ is short for demilitarized zone, a computer or small sub network that sits between a trusted internal network, such as a corporate private LAN, and an untrusted external network, such as the public Internet. Typically, the DMZ contains devices accessible to Internet traffic, such as Web (HTTP) servers, FTP servers, SMTP (e-mail) servers and DNS servers. The phrase demilitarized zone comes from military use, meaning a buffer area between two enemies (Webopedia Staff, 2019).

Figure 2: DMZ (demilitarized zone)

If an organized threat actor is able to get through the initial firewall, they must then gain unauthorized access to those services before they can do any damage, and those systems are likely to be hardened against such attacks. DMZ networks have been an important part of enterprise network security for almost as long as firewalls have been in use and, in large part, for similar reasons: firewalls are positioned to protect sensitive organizational systems and resources.

Where is DMZ useful

In a home network, computers and other devices typically are configured into a local area network connected to the Internet using a broadband router. The router serves as a firewall, selectively filtering traffic from the outside to help ensure only legitimate messages pass through.
A DMZ divides such a network into two parts by taking one or more devices inside the firewall and moving them to the outside. This configuration better protects the inside devices from possible attacks by the outside (and vice versa). A DMZ is useful in homes when the network is running a server. The server could be set up in a DMZ so that internet users could reach it through its public IP address, while the rest of the home network is protected from attacks in cases where the server is compromised. Years ago, before cloud services became widely available and popular, people more commonly ran Web, VoIP, or file servers from their homes, and DMZs made more sense.

Figure 3: Example of a DMZ zone

Purpose of a DMZ
The DMZ network exists to protect the hosts most vulnerable to attack. These hosts usually involve services that extend to users outside of the local area network, the most common examples being email, web servers, and DNS servers. Because of the increased potential for attack, they are placed into the monitored subnetwork to help protect the rest of the network if they become compromised.

Hosts in the DMZ have tightly controlled access permissions to other services within the internal network, because the data passed through the DMZ is not as secure. On top of that, communications between hosts in the DMZ and the external network are also restricted to help increase the protected border zone. This allows hosts in the protected network to interact with the internal and external network, while the firewall separates and manages all traffic shared between the DMZ and the internal network. Typically, an additional firewall will be responsible for protecting the DMZ from exposure to everything on the external network.

All services accessible to users communicating from an external network can and should be placed in the DMZ, if one is used.
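The zone separation described above can be written down as a default-deny rule set and checked mechanically. The following is an added example, not part of the original assignment; the subnets, host addresses, ports and the names `Rule`, `allowed` and `audit` are all constructed for illustration.

```python
"""Zone-based firewall policy for a DMZ with default deny (constructed example)."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

# Constructed addressing plan (assumption): anything outside these subnets is external.
ZONES = {"dmz": ip_network("10.0.1.0/24"), "internal": ip_network("10.0.2.0/24")}
ZONE_NAMES = ("external", "dmz", "internal")


def zone_of(addr: str) -> str:
    """Return the zone an address belongs to."""
    ip = ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "external"


@dataclass(frozen=True)
class Rule:
    src_zone: str                   # zone the traffic comes from
    dst: str                        # one destination host, or a zone name for any host in it
    port: Optional[int]             # None means any port
    src_host: Optional[str] = None  # optionally pin the rule to a single source host

    def dst_zone(self) -> str:
        return self.dst if self.dst in ZONE_NAMES else zone_of(self.dst)

    def matches(self, src: str, dst: str, port: int) -> bool:
        if zone_of(src) != self.src_zone:
            return False
        if self.src_host is not None and src != self.src_host:
            return False
        if self.dst in ZONE_NAMES:
            if zone_of(dst) != self.dst:
                return False
        elif dst != self.dst:
            return False
        return self.port is None or port == self.port


RULES = [
    Rule("external", "10.0.1.10", 443),                     # Internet -> web server
    Rule("external", "10.0.1.20", 25),                      # Internet -> mail server
    Rule("dmz", "10.0.2.50", 5432, src_host="10.0.1.10"),   # web server -> internal database only
    Rule("internal", "dmz", 22),                            # administrators manage DMZ hosts
]


def allowed(src: str, dst: str, port: int, rules=RULES) -> bool:
    """Default deny: traffic passes only if some rule explicitly permits it."""
    return any(rule.matches(src, dst, port) for rule in rules)


def audit(rules):
    """Return (rule, reason) pairs for rules that defeat the purpose of the DMZ."""
    findings = []
    for rule in rules:
        if rule.src_zone == "external" and rule.dst_zone() == "internal":
            findings.append((rule, "external traffic reaches the internal network directly"))
        elif rule.src_zone == "dmz" and rule.dst_zone() == "internal" and (
            rule.src_host is None or rule.port is None or rule.dst in ZONE_NAMES
        ):
            findings.append((rule, "DMZ-to-internal access is not pinned to one host and port"))
    return findings


if __name__ == "__main__":
    print(allowed("198.51.100.7", "10.0.1.10", 443))    # Internet to web server
    print(allowed("198.51.100.7", "10.0.2.50", 5432))   # Internet to internal database
    print(allowed("10.0.1.20", "10.0.2.50", 5432))      # mail server to internal database
    print(audit(RULES + [Rule("external", "10.0.2.50", 3389)]))
```

If the mail server in this model is compromised, it still has no path to the internal database, which is the containment property the DMZ is meant to provide.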
The most common services are:
• Web servers: Web servers responsible for maintaining communication with an internal database server may need to be placed into a DMZ. This helps ensure the safety of the internal database, which is often storing sensitive information. The web servers can then interact with the internal database server through an application firewall or directly, while still falling under the umbrella of the DMZ protections.
• Mail servers: Individual email messages, as well as the user database built to store login credentials and personal messages, are usually stored on servers without direct access to the internet. Therefore, an email server will be built or placed inside the DMZ in order to interact with and access the email database without directly exposing it to potentially harmful traffic.
• FTP servers: These can host critical content on an organization's site, and allow direct interaction with files. Therefore, an FTP server should always be partially isolated from critical internal systems.

2.2.2 Trusted Networks
A trusted network is one which is under the control of the network manager or the network administrator. Basically, this is the network that a network admin tries to protect and for which the admin defines the security parameters. So, it can also be said that trusted networks are within the security perimeter.

2.2.3 Static IP
A static IP address is a number (in the form of a dotted quad) that is assigned to a computer by an Internet service provider (ISP) to be its permanent address on the Internet. Computers use IP addresses to locate and talk to each other on the Internet, much the same way people use phone numbers to locate and talk to one another on the telephone.
When you want to visit whatis.com, your computer asks a domain name system (DNS) server (think telephone information operator) for the correct dotted quad number (think phone number) for whatis.com and your computer uses the answer it receives to connect to the whatis.com server (Rouse, 2019).

Figure 4: Setting up static IP

Advantages of static IP
• Stability – For applications such as authenticated services on web servers and file downloads, the connection should be stable. Accordingly, with a static IP a small disturbance in the connection usually does not terminate the packet exchange with the service.
• Hosting – Since there is no change of IP address, this is suitable for applications which use voice over Internet protocol (VoIP), gaming applications, and virtual private networks (VPN).
• Preferred address for servers – Static IP addresses are ideal if the computer acts as a server. The reason is that it gives a file server relatively faster file uploads and downloads.

Disadvantages of static IP
• Security – A static IP address could be a security risk as the IP address is constant. There is a greater chance of the website being hacked. Also, you cannot easily change the static IP once it has been hacked. Transfer protocol sites. So the servers have to be on all the time to host these functions. The cost of constantly running a server is exorbitant.
• Configuration – The process to set a static IP is manual and relatively complex. Infrequently, external software is required for this purpose. Also, several consumer-level ISPs lack support for static IPs.

2.2.4 NAT
NAT is short for Network Address Translation. NAT is an Internet standard that enables a local-area network (LAN) to use one set of IP addresses for internal traffic and a second set of addresses for external traffic. A NAT box located where the LAN meets the Internet makes all necessary IP address translations (Beal, 2019).
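As an added example (not part of the original assignment), the translation a NAT box performs can be modelled as a table. The sketch goes one step beyond the paragraph above and models the port-overloaded form (PAT) covered under 2.2.4.1, because that form shows both the address hiding and the limits listed there. The class `PatGateway`, the addresses and the three-port pool are constructed; real devices also track the remote endpoint and expire idle entries, which is left out here.

```python
"""Port Address Translation (NAT overload) modelled as a translation table."""


class PortsExhausted(Exception):
    """Raised when every public port in the pool is already mapped."""


class PatGateway:
    def __init__(self, public_ip, port_pool=range(1024, 65536)):
        self.public_ip = public_ip
        self.port_pool = port_pool
        self.outbound_map = {}  # (proto, private_ip, private_port) -> public_port
        self.inbound_map = {}   # (proto, public_port) -> (private_ip, private_port)

    def _bind(self, proto, public_port, private_ip, private_port):
        self.outbound_map[(proto, private_ip, private_port)] = public_port
        self.inbound_map[(proto, public_port)] = (private_ip, private_port)

    def translate_outbound(self, proto, private_ip, private_port):
        """Rewrite the source of an outgoing flow, allocating a public port on first use."""
        key = (proto, private_ip, private_port)
        if key not in self.outbound_map:
            for port in self.port_pool:
                if (proto, port) not in self.inbound_map:
                    self._bind(proto, port, private_ip, private_port)
                    break
            else:
                raise PortsExhausted(f"no free {proto} port on {self.public_ip}")
        return self.public_ip, self.outbound_map[key]

    def translate_inbound(self, proto, public_port):
        """Return the private endpoint for a packet from outside, or None (dropped)."""
        return self.inbound_map.get((proto, public_port))

    def port_forward(self, proto, public_port, private_ip, private_port):
        """Publish an internal service; each public port can point at one host only."""
        if (proto, public_port) in self.inbound_map:
            raise ValueError(f"{proto}/{public_port} is already forwarded")
        self._bind(proto, public_port, private_ip, private_port)


def demo():
    """Walk through sharing, unsolicited traffic, duplicate services and exhaustion."""
    gw = PatGateway("203.0.113.5", port_pool=range(40000, 40003))  # tiny pool on purpose
    results = {}
    # Two hosts use the same private source port; the gateway keeps them apart.
    results["host_a"] = gw.translate_outbound("tcp", "192.168.1.10", 51000)
    results["host_b"] = gw.translate_outbound("tcp", "192.168.1.11", 51000)
    results["reply_to_b"] = gw.translate_inbound("tcp", results["host_b"][1])
    # No inside host opened this port, so the packet has nowhere to go.
    results["unsolicited"] = gw.translate_inbound("tcp", 40002)
    # Only one internal HTTPS server can sit behind the single public address.
    gw.port_forward("tcp", 443, "192.168.1.20", 443)
    try:
        gw.port_forward("tcp", 443, "192.168.1.21", 443)
        results["second_https_server"] = "accepted"
    except ValueError:
        results["second_https_server"] = "rejected"
    # The pool holds three ports; the fourth concurrent flow cannot be translated.
    gw.translate_outbound("tcp", "192.168.1.12", 51000)
    try:
        gw.translate_outbound("tcp", "192.168.1.13", 51000)
        results["fourth_flow"] = "translated"
    except PortsExhausted:
        results["fourth_flow"] = "exhausted"
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```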
The Purpose of NAT
NAT serves three main purposes:
• Provides a type of firewall by hiding internal IP addresses.
• Enables a company to use more internal IP addresses. Since they're used internally only, there's no possibility of conflict with IP addresses used by other companies and organizations.
• Allows a company to combine multiple ISDN connections into a single Internet connection.

NAT has advantages as well as disadvantages. NAT can be used with routable (that is, public) IP addresses as well as with private IP addresses, although the chance that you'll use public IP addresses in your NAT application is small. In most cases, NAT is used when you don't have enough public IPs allotted for a network, and to protect some hosts on the network from requests originating from the internet; this is called NAT overload.

Using NAT has some benefits:
• Increasing the flexibility and the reliability of connections to the public network by implementing compound pools, backup pools, and load-balancing pools.
• Getting an extra layer of network security: hosts inside a NAT network aren't reachable by hosts on other networks unless the user wants them to be.

NAT has some drawbacks too:
• End-to-end IP traceability can be lost. If a network needs troubleshooting from a remote site, it will be more difficult and sometimes even impossible.
• Services that require TCP or UDP connection initiation from the outside can also be affected and are sometimes not usable at all.
• Using tunneling protocols such as IPsec can also be more complicated, since NAT modifies values in the headers, which interferes with the integrity checks done by IPsec and other tunneling protocols.

Figure 5: Network Address Translation (NAT)

Disadvantages of NAT
• NAT is a processor- and memory-consuming technology.
• NAT may cause delay in IPv4 communication.
• It causes loss of end-device IP traceability.

Advantages of NAT
• It can prevent the depletion of IPv4 addresses.
• It can provide an additional layer of security by hiding the original source and destination addresses.
• It provides flexibility when connecting to the public internet, as explained briefly above.

2.2.4.1 PAT
Port Address Translation (PAT) is an extension to network address translation (NAT) that permits multiple devices on a local area network (LAN) to be mapped to a single public IP address. The goal of PAT is to conserve IP addresses. In other words, PAT is a feature of a network device that translates communications made between hosts on a private network and hosts on a public network. It allows a single public IP address to be used by many hosts on the private network, which is usually a LAN. The PAT device is informally called a router; gateway is more appropriate. The device sits at the network perimeter, where one side connects to the external network, usually the public internet, and the other side to an internal network using private IP addressing. Moreover, PAT operation is typically transparent to both the internal and external hosts.

Figure 6: What is PAT - Port Address Translation (NAT Overload)

The joint relationship between NAT and PAT within the network
There are three types of NAT, namely static, dynamic, and overloading, which is PAT. Static NAT is defined as one-to-one address mapping. In dynamic NAT, addresses are picked from a pool. NAT overloading, which is PAT, allows many inside addresses to be mapped to one outside address. The IP NAT translations command is used to display the translation table and to verify that translation has occurred. It is also used to determine whether a current translation entry is in use.

Advantages
• Numerous internal hosts can share a single IP address for communication, thus conserving precious IP addresses.
• Hosts on the private network don't have to expose their private IP addresses to the public network, making attacks from the public network less likely.

Disadvantages
• An organization using PAT and a single IP address cannot easily run more than one of the same type of public service behind PAT.
• If many hosts on the private network make many connections to the public network, the PAT device may not have sufficient room in its internal table to keep track of the connections, or it may simply run out of unused ports.

2.3 Discuss the benefits of implementing network monitoring systems.

Network monitoring
Network monitoring is the practice of consistently overseeing a computer network for any failures or deficiencies to ensure continued network performance. For example, network monitoring will monitor the conditions of network components such as routers, servers and firewalls. If a slowing or failing component is detected, the network monitoring software in use will notify network administrators of the issue, avoiding a network outage. Likewise, if a performance bottleneck is detected, the network monitoring software will notify administrators (Rouse, 2019).

Benefits of implementing network monitoring system
Network monitoring is completely necessary for a solution like EMC Cloud. The whole purpose of network monitoring is to monitor the computer network's usage and performance, and check for slow or failing systems. The system will then notify the network administrator of any performance issues or outages with some kind of alarm or an email. This can save a lot of money and may also reduce many problems. Moreover, it is the best possible way to ensure the solution is operating properly. One of the most important parts of network monitoring is keeping information secured. It will keep track of almost everything and alert the network administrator to any issue before it turns into a big problem.
Accordingly, troubleshooting ability is another great advantage. It can save a lot of time otherwise spent trying to analyze what is wrong. Below are some examples of tools which ensure the network is continuously tracked and monitored at all times.
1. Zabbix
2. PRTG
3. IPS/IDS

• Protecting the network against attackers. Network monitoring systems are able to identify suspicious traffic, thereby empowering owners to act fast. A network monitoring service is able to provide a broad overview of an SMB's entire IT infrastructure, so that nothing is missed. Today, exploits are more sophisticated and advanced, and are able to target a system in a variety of ways. Monitoring antivirus and firewall solutions separately may leave security gaps.
• Keeping informed without in-house staff. A network monitoring service will send alerts and information to an SMB owner as issues arise. Otherwise, an SMB may need to either attempt to monitor their network security themselves or hire a full-time IT employee, which could be very costly. Data breaches can be more damaging and more expensive the longer they go without being detected.
• Optimizing and monitoring your network. Many small business owners are aiming for rapid growth. This growth is not possible if parts of their IT infrastructure are over-burdened or slowed. Network monitoring services will map out the infrastructure of a small business, showing an SMB owner areas of improvement and any issues that currently need to be addressed.
• Remotely connecting to your infrastructure.
Network monitoring services can be accessed from anywhere in the world, allowing an SMB owner to still conduct business whether they are at home, at the office, or traveling abroad. This can be absolutely essential when you are working with a small number of staff members or when you simply need to complete tasks on your own.

Advantages of network monitoring include:
• The ability to tell, through notifications, if a network component such as a server fails as soon as it happens.
• Network administrators can more quickly address network issues.
• Makes identifying security threats easier.
• Easy to tell when a network component needs replacing or tuning.
• Automatic configuration of network devices.
• Allows users to visualize the performance of their IT infrastructure.

Disadvantages of network monitoring include:
• Purchasing the network wiring and file servers can be high-priced.
• Handling a substantial network is complicated and requires training; a network supervisor generally needs to be employed.
• When the file server goes down, the files on the file server become inaccessible. Electronic mail might still function if it's on a separate server.
• Viruses can spread to other computers throughout a computer network.
• There's a danger of hacking, especially with wide-area networks. Security methods are necessary to prevent such exploitation, e.g. a firewall.

Why is network monitoring used
• Stay ahead of outages
What causes IT outages? Human error, configuration issues, and environmental factors can all contribute. Implementing network monitoring is one of the most basic and simple ways to prevent these outages from happening in the first place. Network monitoring gives you the visibility you need to stay one step ahead of potential issues. By showing live network performance data in an easy-to-read interface, network monitoring software helps you identify outages that could cause bottlenecks.
• Fix issues faster
In a down situation, time is money. Network monitoring makes problem-solving easier and faster for time-strapped network professionals. Whether you're dealing with a configuration error or an abnormal traffic fluctuation, network monitoring software helps you get to the bottom of issues once and for all. Live network maps lead you to the origin of problems, and status windows give you performance metrics over time. Also, network automation tools help you go one step further. Not only can you identify problems via network monitoring, but you can fix them automatically, without having to get a person involved.
• Gain immediate ROI
IT teams face heavy workloads and increasingly complex projects, often without the ideal time, staff, or budget needed to complete them. The right network monitoring tool can deliver immediate ROI. Without the need to manually dig into network performance, staff have time back in their day to work on more critical projects. Seeing the source of issues cuts down on tedious troubleshooting time. And getting ahead of IT outages reduces the costs of outages to your organization.
• Manage growing, changing networks
With technology innovation and the rise in connected devices, today's IT environments are growing in size. The number of Internet-connected things is expected to reach 20.4 billion by 2020, according to one Gartner report, and while most of those devices are consumer-focused, 3.1 billion of those total connected things will be business-related in 2017. Whether that's internet-enabled sensors, wireless devices, or cloud technologies, all this equipment needs to be monitored continuously for major fluctuations and suspicious activity.
Networks are also growing in complexity. Whether you're dealing with cloud migrations or IPv6 transitions, you need flexible, reliable tools to help you monitor all your IP assets and ensure smooth performance, even in the midst of change.
• Identify security threats
When you don't have the budget for intrusion detection software, but still want a tier 1 method to help protect against data breaches, network monitoring can help secure your business-critical data. A network monitoring tool can provide that first level of security. The biggest benefit you get is a picture of what "normal" performance looks like for your organization, making it easy to spot anything out of the ordinary, whether that's a spike in traffic levels or an unfamiliar device that's connected to your network. By drilling in to figure out when and on what device an event occurred, you're able to take a proactive approach to network security.

Task 3

3.1 Formulate a suitable risk assessment procedure for EMC Cloud solutions to safeguard itself and its clients.

A security risk assessment classifies, evaluates, and implements key security controls in applications. It also focuses on preventing application security defects and vulnerabilities, and it supports managers in making informed resource allocation, tooling and security control implementation decisions. EMC Cloud solution generalizes assessments when experiencing budget or time limitations. However, generalized assessments don't necessarily provide the detailed mappings between assets, associated threats, identified risks, impact, and mitigating controls.

For the EMC Cloud solution it is a must to have an exceptionally strong firewall, because important data is given to the clients and administrations. If the firewall is weak, it can cause numerous issues that could lead to the data center shutting down. Moreover, unapproved clients can get to the EMC cloud solution and cannot change or include undesirable information. The database can be effectively hacked. Due to that, the data center will be under the control of anonymous network researchers or hackers.
There are 6 steps of a successful security assessment model.
• Identification covers all critical assets of the technology arrangement. It is the ability to uniquely identify a user of a specific system or an application that is running on the system. In other words, it means detecting sensitive data that is created, stored, or even transmitted by the assets, which creates a risk profile for each.
• Establishing a risk management framework, that is, the rules which govern how risks are identified, to whom risk ownership is assigned, how the risks affect the confidentiality, integrity and availability of the information, and the method of calculating the estimated damage of each scenario and the likelihood of it occurring.
• Identifying the risks that can affect the confidentiality, integrity and availability of information is the most time-consuming part of the risk assessment process.
• Analyze the risks: the threats and vulnerabilities that apply to each asset must be identified.
• Evaluate risks: each risk must be weighed against predetermined levels of acceptable risk, to determine which risks need to be addressed and which ones are ignored.
• Selecting risk treatment options. There are four ways to treat risk:
  = Avoid the risk by eliminating it entirely.
  = Modify the risk by applying security controls.
  = Share the risk with a third party.
  = Retain the risk.

Observation of Audit log
The user which has a run user activity across the Audit logs cluster. It's designed to control and monitor access to information in the company as part of the security or compliance program of any company. An enterprise buyer needs an audit plan for the entire account activity. Auditing is used to start account activity during a suspicious activity or even review. Most probably the target content isn't logged in but the state is used.
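The six-step model above can be carried through on a small risk register. This is an added example, not part of the original assignment: the 1 to 5 likelihood and impact scales, the score (likelihood × impact), the acceptable level of 8 and the sample risks are all assumptions constructed for illustration, and the names `Risk`, `Treatment` and `evaluate` are hypothetical.

```python
"""Risk register following the six steps, with the four treatment options."""
from dataclasses import dataclass
from enum import Enum
from typing import Optional


class Treatment(Enum):
    AVOID = "avoid"     # eliminate the risk entirely
    MODIFY = "modify"   # apply security controls
    SHARE = "share"     # pass part of the impact to a third party
    RETAIN = "retain"   # accept the risk as it is


@dataclass
class Risk:
    asset: str
    threat: str
    affects: str                     # any of C, I, A
    likelihood: int                  # 1 (rare) .. 5 (almost certain)  -- assumed scale
    impact: int                      # 1 (minor) .. 5 (severe)         -- assumed scale
    owner: str
    treatment: Treatment = Treatment.RETAIN
    residual_likelihood: Optional[int] = None   # expected value after treatment
    residual_impact: Optional[int] = None

    def __post_init__(self):
        if not self.affects or not set(self.affects) <= set("CIA"):
            raise ValueError("affects must name C, I and/or A")
        for value in (self.likelihood, self.impact):
            if not 1 <= value <= 5:
                raise ValueError("likelihood and impact use a 1..5 scale")
        if self.residual_likelihood is not None and self.residual_likelihood > self.likelihood:
            raise ValueError("treatment cannot raise likelihood")
        if self.residual_impact is not None and self.residual_impact > self.impact:
            raise ValueError("treatment cannot raise impact")

    @property
    def inherent(self) -> int:
        return self.likelihood * self.impact

    @property
    def residual(self) -> int:
        if self.treatment is Treatment.AVOID:
            return 0
        if self.treatment is Treatment.RETAIN:
            return self.inherent
        likelihood = self.likelihood if self.residual_likelihood is None else self.residual_likelihood
        impact = self.impact if self.residual_impact is None else self.residual_impact
        if self.treatment is Treatment.SHARE:
            likelihood = self.likelihood   # sharing moves impact, the event is just as likely
        return likelihood * impact


def evaluate(register, acceptable):
    """Rank risks by inherent score and weigh the residual against the acceptable level."""
    rows = []
    for risk in sorted(register, key=lambda r: r.inherent, reverse=True):
        if risk.residual > acceptable:
            status = "above acceptable level"
        elif risk.treatment is Treatment.RETAIN:
            status = "accepted"
        else:
            status = "treated"
        rows.append((risk.asset, risk.inherent, risk.residual, status))
    return rows


# Constructed sample register for a hosting provider (not data from the assignment).
REGISTER = [
    Risk("public website", "defacement", "I", 2, 2, "web team"),
    Risk("customer database", "unauthorised access through a weak firewall", "CI", 4, 5,
         "network team", Treatment.MODIFY, residual_likelihood=2),
    Risk("data centre power", "utility outage", "A", 2, 4, "facilities",
         Treatment.SHARE, residual_impact=2),
    Risk("staff laptops", "theft", "C", 3, 3, "IT support",
         Treatment.MODIFY, residual_impact=1),
    Risk("legacy FTP service", "credentials sent in clear text", "C", 4, 4,
         "platform team", Treatment.AVOID),
]

if __name__ == "__main__":
    for row in evaluate(REGISTER, acceptable=8):
        print(row)
```

The customer database stays above the acceptable level even after its control is applied, which is the signal to add further controls or to choose a different treatment.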
Honeypots
A honeypot is a computer system that traps hackers or monitors unfamiliar or even new hacking methods. Honeypots help to identify what hackers target; they do not necessarily identify the hackers themselves. Honeypot developers are often interested in getting into the minds of hackers, in order to design safer systems and to teach from their experiences.

3.2 Explain the mandatory data protection laws and procedures which will be applied to data storage solutions provided by EMC Cloud. You may also highlight on ISO 3100 risk management methodology.

Risk which affects organizations has consequences in terms of economic performance and professional reputation, as well as environmental safety and societal outcomes. Therefore, managing risk effectively helps organizations to perform well in an environment full of uncertainty.

Using ISO 31000 can help organizations increase the likelihood of achieving aims, improve the identification of opportunities and threats, and effectively allocate and use resources for risk treatment. However, ISO 31000 cannot be used for certification purposes, but it does provide guidance for internal or external audit programs. Organizations that use it can compare their risk management practices with an internationally recognized benchmark, which provides principles for effective management and corporate governance.

ISO 31000
ISO 31000 is an international standard published in 2009 that provides principles and guidelines for effective risk management. It outlines a generic approach to risk management, which can be applied to different types of risks (financial, safety, project risks) and used by any type of organization. The standard provides a uniform vocabulary and concepts for discussing risk management. It provides guidelines and principles that can help to undertake a critical review of your organization's risk management process.
The standard does not provide detailed instructions or requirements on how to manage specific risks, nor any advice related to a specific application domain; it remains at a generic level. Relative to older standards on risk management, the 31000 standard innovates in several areas:
• it provides a new definition of risk as the effect of uncertainty on the possibility of achieving the organization's objectives, highlighting the importance of defining objectives before attempting to control risks, and emphasizing the role of uncertainty
• it introduces the (sometimes controversial) notion of risk appetite, or the level of risk which the organization accepts to take on in return for expected value
• it defines a risk management framework with different organizational procedures, roles and responsibilities in the management of risks
• it outlines a management philosophy where risk management is seen as an integral part of strategic decision-making and the management of change

ISO 31000 risk management methodology
Since the International Organization for Standardization has developed a voluntary standard to assist organizations in risk management, it is the engineering that is developed and managed the risks related to the way in which they are applied. This structure consists of establishing clear principles and a solid framework which can build the foundations and process for effective risk management. The construction of a detailed framework within any of the four main committees consists of design, implementation, monitoring, review and continuous improvement.

Identification of risks
This highlights all the sources of risk or threats and their capacity for the EMC Cloud solution. Validating the information is very important to determine the credibility of the threat and the risks it may generate. Only with a complete list of threats and their risks can one begin to understand the impact and the likelihood of the event.
Risks evaluation
Considering the risks which are identified and the implications of their occurrence leads on to risk evaluation. It is important to apply a solid and objective risk analysis at this stage, which takes into account the provision of expert advice and variations. If a rigorous analysis isn't applied, the impact of risks on the objectives of the organization could be underestimated.

Treatment of risks
This should aim to eliminate, or at least reduce, the risk to a level the organization can tolerate. If this isn't done, it is a must to re-evaluate whether to avoid or even accept the risk, bearing in mind that this implies a balance between costs and efforts. Addressing risks as part of any mitigation plan can lead to new risks, and those should also be evaluated.

3.3 Comment on the topic, 'IT Security & Organizational Policy'

3.3.1 IT security policy
An Information Technology (IT) Security Policy identifies the rules and procedures for all individuals accessing and using an organization's IT assets and resources. An effective IT security policy is a model of the organization's culture, in which rules and procedures are driven from its employees' approach to their information and work. Thus, an effective IT security policy is a unique document for each organization, cultivated from its people's perspectives on risk tolerance, how they see and value their information, and the resulting availability that they maintain of that information. For this reason, many companies will find a boilerplate IT security policy inappropriate due to its lack of consideration for how the organization's people actually use and share information among themselves and with the public.

The objective of an IT security policy is the preservation of confidentiality, integrity, and availability of systems and information used by an organization's members.
These three principles compose the CIA triad:
• Confidentiality involves the protection of assets from unauthorized entities
• Integrity ensures the modification of assets is handled in a specified and authorized manner
• Availability is a state of the system in which authorized users have continuous access to said assets

3.3.2 Organizational Policy
An organization's policy will play a large part in its choices and direction, yet it ought not to modify its mission. Therefore, it is important to write a policy that is drawn from the organization's current social and structural system to help the continuity of good efficiency and development, and not a generic policy that hinders the organization and its clients from meeting their goals and objectives.

A security policy is expected to do many things. Primarily it should protect people and information, as well as set the rules for expected behavior by users, system administrators, management and security personnel. It should also authorize relevant personnel to monitor, probe, investigate, define and authorize the consequences of violations, in addition to defining the company's baseline stance on security. This can help minimize risk and help track compliance with appropriate regulations.

Accordingly, an organizational use policy outlines rules of action for dealing with security issues. Organizational policies make staff understand the organization's views on a specific issue. Policies set out common statements of how an organization's work must be performed. In other words, a policy can be security related, which can be used to recognize threats and mitigate threats. If an organization never follows its own policy, it might lead to security issues.

Before a specific policy document is composed, the general goal of the policies must be determined. The initial step is to figure out what is being protected and why it is being secured.
Moreover, policies can be composed to affect hardware, software, connections, networks, telecommunications, enforcement and more. Before the writing process is started, figuring out which systems and processes are essential to the organization's goal is a must. That would help to figure out what and how many policies are important to achieve the main goal. All things considered, once the goal is settled, consider all the conceivable areas in which a policy is required.

Task 4

4.1 Develop a security policy for EMC Cloud to minimize exploitations and misuses while evaluating the suitability of the tools used in an organizational policy.

In order to make sure the EMC Cloud solution is kept secured, the policies given below must be applied to all employees requiring access.

Entering to the EMC cloud
• Employees must check in with their fingerprint.
• Each employee should have an employee ID and must wear the EMC ID at all times.
• The employee card must be swiped at the gate and even at the porch.
• Any person entering should sign in when visiting, and the purpose of the visit should be stated appropriately.

Stay in visiting
• Customers to the EMC must adhere to the customer's guidelines.
• Invitees who come to visit the solution must enter with an employee of the EMC Cloud.
• The purpose of the visit should be documented or recorded.

Usage
• Unless permission is granted by the solution, employees can't install, remove, delete or change the data which is stored, or destroy any of the equipment.
• Equipment stored within the EMC must meet assured system conditions.
• Passwords should contain at least 8 characters, and a session inactive for more than a minute must be automatically logged out.
• Employees must use the laptops provided by the solution.
• Equipment brought from outside shouldn't be used within the solution.
• An exact form must be filled for all equipment installations, changes and removals.

4.2 Develop and present a disaster recovery plan for EMC Cloud for its all venues to ensure maximum uptime for its customers (Student should produce a PowerPoint-based presentation which illustrates the recovery plan within 15 minutes of time including justifications and reasons for decisions and options used).
• Refer to appendix (A, B, C, D, and E) below.

4.3 'Creditors, directors, employees, government and its agencies, owners / shareholders, suppliers, unions, and the other parties the business draws its resources' are the main branches of any organization. Discuss the role of these groups to implement security audit recommendations for the organization.

A security audit is a systematic evaluation of the security of a company's information system by measuring how well it conforms to a set of recognized criteria. Audits can happen in every corporation; they can happen in EMC Cloud too. If so, there are a few things to be considered. The recommendations of the stakeholders, the people who have an interest in the business, should be accepted. The role of each stakeholder who implements the recommendations varies from person to person. Accordingly, this is connected to the business hierarchy. For example:
• Creditors: Since audits require a high amount of money, the company alone cannot invest the finance. In this case creditors play a major role. Loans from state banks can be taken.
• Employees: They are considered the backbone of an organization. Their effort is priceless; therefore, recommendations should be asked of them too. They introduce policies and procedures about how the data center works. From them the auditors can get a clear idea of how the organization runs.
• Directors: The decisions are totally taken by them.
The management is divided into three main categories as Top level management, Middle level management and lower level management. The top level holds the higher standard I the firm. Audit permissions are totally depending on them. Sandun Blazon Lanka Poulier Unit - 05 011362 • Investors: we should keep in mind that investors hold a very higher percent in audits of the organization. If the organization needs more invests and shares it is them who does that job. 4.3.1 Implement security audit recommendations for the organization. A critical element of any good EMC cloud solution is the ability to identify and understand risks that may damage the organization, then take proper precautions to prevent them from happening and to reduce the impact of the results should precautions fail. To avoid damaging events, build customer trust, and meet compliance requirements, it is important for organizations to ensure they have the right processes and controls in place. Data Ownership issues This is another issue that have to deal with when working for an ISP/hosting provider. Being physically separate from the data means that have need to make even more risk based decisions in a cloud computing environment. If the data hosting off site is public in any way, then there is less to be concerned about. However, if the data is sensitive or too much confidential, you may want to take extra care to safeguard it at remote sites (encryption, physical security, etc.). For example, the recommendation from the Cloud Computing Security Alliance is that "Customers should perform onsite inspections of cloud provider facilities whenever possible." What so struggling with how this is different than using a remote storage facility for the backup tapes. Encryption of the sensitive data is an important safeguard, whether the data lives on a backup tape or "somewhere in the cloud". Almost equally as important as data encryption is ensuring that access to manage the cloud services is protected. 
While the data may be public, might would not want an attacker to have the ability to change the web site or use it to collect credentials or sensitive data’s. Data Loss Due To Technical Failure This has less to do with security and more to do with backups and disaster recovery planning. If so keeping backups, or even running "hot sites", have to make sure they are part of the regular patching and vulnerability assessment schedule. Since they take an exact copy of the data and systems, they need the same level of protection and vulnerability management as the production systems. Test the system continuity plan regularly without any malware or any third party attacks Continuity plan testing is performed to ensure the process will work and the organization can continue to operate after a business interruption. The organization should consider the availability of critical staff, the equipment needed to resume operations, the methods needed to restore data, and the time it takes to restore services. The test should be performed annually. Sandun Blazon Lanka Poulier Unit - 05 011362 Both the business continuity and disaster recovery plan should be updated to reflect lessons learned from the testing event. Use strong data encryption to transmit restricted data or restricted information over public networks Most organizations assume that transmitting data over a public telephone line is safe. Encryption of all data leaving the physical safety of the organization is the best defense against vulnerabilities due to misconfiguration or unprincipled individuals. 
Appendix

Appendix A (Disaster recovery plan presentation, slide 1)
Appendix B (What is a disaster, slide 2)
Appendix C (Disaster that affects EMC Cloud, slide 3)
Appendix D (Approaches for EMC Cloud disaster recovery plan, slide 4)
Appendix E (Objectives of EMC Cloud disaster recovery plan, slide 5)

Gantt chart (January 2020 to March 2020, by week; rows: Task 01, Task 02, Task 03, Task 04)