LO1 Assess risks to IT security P1 Identify types of security risks to organizations. Definition of IT Risk The risk of information technology, critical systems and corporate techniques, is basically any threat. It is the danger associated with the use, ownership, operation and involvement of an organization and has an effect on and adoption of IT. IT risks are capable of damaging business value and often result from poor methods and events management. There are various types of IT risks, here are some of the risks that will face in the organizations: Physical Threats Resulting from physical access or damage to IT resources such as the servers. These could include theft, damage from fire or flood, or unauthorized access to confidential data by an employee or outsider. Infrastructure Failures Such as the loss of internet connection can interrupt business. E.g.:-Could miss an important purchase order. Technical Failures Software bugs, a computer crash or the whole failure of a computer element. E.g.: Virus Attack, Malware, Software Failure, Device Failure. Natural Risk This risk happens by natural factors, which includes flood, fire accident, lightening, Tsunami. Electronic Threats There will be sudden power outage issues due to high wind, lightening etc. Human Error Is a major threat - E.g.: Someone might accidentally delete important data, or fail to follow security procedures properly. P2 Describe organizational security procedures. Definition of security procedures A security procedure is a series of steps that must be followed in order to complete a particular security task. Procedures are typically structured as a sequence of steps to be followed in a consistent and repetitive manner to achieve a specific goal. Security protocols, once enforced, include a collection of existing actions for performing the organization's security affairs, making preparation, process auditing, and process enhancement easier. Procedures serve as a starting point for establishing the continuity required to reduce variation in security procedures, thus improving security control within the organization. Within the security department, reducing variance is a good way to reduce duplication, enhance efficiency, and boost results. These are certain safety procedures that must be followed in organizations: Application security Application protection is a collection of procedures, tools, and practices aimed at safeguarding applications from threats over their entire lifecycle. To steal data, intellectual property, and confidential information, cyber criminals are organized, specialized, and empowered to identify and exploit vulnerabilities in enterprise applications. Application protection can assist organizations in protecting all types of applications (such as legacy, desktop, web, mobile, and micro services) used by internal and external stakeholders such as consumers, partners, and employees. Cloud security Cloud security is a form of cyber security that focuses on keeping cloud storage systems secure. This involves ensuring the privacy and security of data through web infrastructure, applications, and platforms. The efforts of cloud providers and the clients who use them, whether an entity, a small to medium company, or an organization, go into securing these systems. Endpoint security Endpoint security refers to the protection of endpoints, or end-user devices such as computers, laptops, and smart phones. Endpoints provide access to an enterprise network and establish points of entry that malicious actors can manipulate. Internet security For securing data sent over the Internet, Internet protection depends on basic tools and standards. Various types of encryption, such as Pretty Good Privacy, are included (PGP). Firewalls, which block unauthorized traffic, and anti-malware, anti-spyware, and anti-virus programs, which scan Internet traffic for dangerous attachments from particular networks or computers, are all part of a stable Web setup. Mobile security Smart phones, tablets, laptops, and other portable computing devices, as well as the networks through which they link, are protected from threats and vulnerabilities associated with wireless computing by mobile security. Network security The practice of preventing and guarding against unauthorized intrusion into corporate networks is known as network protection. Endpoint security, which focuses on individual devices, is supplemented by network security, which focuses on how those devices communicate and the connective tissue that connects them. Physical security Defense of individuals, property, and physical objects from acts and events that could cause harm or loss is known as physical security. Physical protection refers to safeguards in place to prevent unauthorized access to facilities, equipment, and services, as well as to protect staff and property from damage (such as espionage, theft, or terrorist attacks). Multiple layers of interdependent devices, such as CCTV monitoring, security guards, protective barriers, locks, access control, perimeter intrusion detection, deterrent systems, fire safety, and other systems designed to protect people and property, are used to provide physical security. M1 Propose a method to assess and treat IT security risks. A Quick Overview Risk assessments are used to define, calculate, and prioritize risks to organizational activities and assets as a result of information system activity and use. Risk assessment is primarily a business concept that revolves around the concept of capital. First consider how company makes money, how staff and assets impact performance, and what risks could result in significant financial losses for the company. After that, consider how can improve IT infrastructure to reduce the risks that could result in the most significant financial losses for business. The value of the assets at risk, the criticality of the threat, and the vulnerability of the system to that threat are the only three considerations that go into a basic risk assessment. Calculate the risk—the probability of company losing money—using those factors. Despite the fact that risk evaluation is based on abstract constructs instead of numbers, it is helpful to represent it as a formula: Risk = Asset X Threat X Vulnerability However, keep in mind that something multiplied by zero equals zero — if the risk factor is high and the vulnerability level is high, but the asset importance is zero (in other words, it is worthless ), the chance of losing money is zero. Gather the details need to determine risk in a variety of ways. for example: Staff, data owners, and other employees were interviewed. Examine the facilities and systems. Examine the paperwork. Figure 1Risk management chart LO2 Describe IT security solution P3 Identify the potential impact to IT security of incorrect configuration of firewall policies and third-party VPNs. Misconfiguration of Security is Defined as Security Misconfiguration is only characterized as failure to update or run security checks in order to update all security checks of a worker or web application, while making errors. What an organization believes to be a safe situation really has risk-free, dangerous gaps or mistakes. Impact of Misconfiguration of Security These flaws also offer attackers unauthorized access to device data or features. Occasionally, a mistake like this results in a complete system compromise. The business effect is determined by the application's and data's security requirements. Firewall Definition A firewall is a hardware- or software-based network security system that monitors all sending and receiving traffic and Figure 2Firewall accepts, rejects, or drops specific traffic based on a set of security rules. A firewall separates secure internal networks from untrustworthy external networks like the Internet. Figure 3Firewall Action Types of firewall Packet filtering firewalls Circuit-level gateways Stateful examination firewalls Application-level gateways (a.k.a. proxy firewalls) Next gen firewalls Software firewalls Hardware firewalls Cloud firewalls Advantages of firewall Monitors Traffic: a firewall controls the entire traffic that reaches the computer network. Block Trojans: A firewall is helping to protect horses from Trojan. Such forms of intruder’s lock onto computer files, and then they go along for the ride to do more harm to the destination when it sends out a file. Stop Hackers: it prevents hackers out of the network b getting a firewall. Stop Key loggers: Protection of the firewall will reduce the risk of tracking by key loggers. Ways of firewall is misconfigured 1. Firewall policy that is either missing or incorrect: Based on information security policies, this defines how a firewall processes inbound and Figure 4Firewall outbound network traffic. It's possible that a policy was poorly written or simply did not exist. As a result, the firewall fails. 2. Failure to comply: Firewall can become incompatible with new technologies if it is not continuously updated and maintained. Do not overlook upgrades and ensure that firewall is up-to-date and functional. After all, mitigating risk is much easier than recovering from a catastrophe. 3. Hardware stumbling blocks: Heavy congestion or bottlenecking may occur if hardware isn't powerful enough to handle the network load. The network speed could be significantly lowered, and in the worst-case scenario, the firewall could break. 4. Vulnerabilities in Software: It is critical to keep firewall software up to date. Firewall software can sometimes have hard-to-find flaws, such as encryption keys and passwords hard-coded into the software. Ensure that firewall, as well as any integrated software, is patched and updated. 5. Failure of an External Asset: Most firewalls work in tandem with a larger IT infrastructure and rely on every cog in the wheel spinning properly. For example, if a malicious party gained access to the ISP, they could most likely breach the entire firewall. We recommend scheduling an IT audit, which involves a full and holistic examination to identify areas where a hack could have a domino effect. The potential impact of IT security of incorrect configuration of firewall 1. The desired traffic does not arrive at its location It was blocked. It was routed to the wrong destination. It could not be routed at all. 2. Unwanted traffic makes its way to a location where it shouldn't be. When processes don't perform as planned, it will most likely be discovered fast. While it's possible that this could have unintended consequences, it's also a potential attack vector for those with malevolent intent. Definition of VPN A virtual private network (VPN) is software that establishes a secure, encrypted link between two computers. It's usually used on a less protected network, like the public internet. It encrypts data at the transmitting end and decrypts it at the receiving end using tunneling protocols. To provide better security for online operations, the originating and receiving network addresses are also encrypted. Figure 5How VPN Works Types of VPN 1. Remote Access VPN: A remote access VPN allows a user to connect to a private network and gain remote access to all of its services and resources. The user's access to the private network is established over the Internet, and the connection is secure and private. 2. Site to Site VPN: A Site-to-Site VPN, also known as a Router-to-Router VPN, is widely used in large organizations. Site-to-site VPN connects the network of one office location to the network of another office location for companies or organizations with branch offices in various locations. Advantages of VPN Protect Network: An application or website can monitor online activity without knowledge. They will then evaluate the information they've gathered and try to target with advertisements. If don't use a VPN, could get a lot of pop-up advertisements, which can be annoying and interrupt browsing experience Protect Personal Information: Hackers can intercept confidential information enter on websites using a variety of methods. They will use the information to impersonate and gain access to bank accounts, credit card information, and other personal information. High-level authentication, such as 256-bit encryption, is available with a VPN. Prevent Data Throttling: When used up all of available data and internet service provider (ISP) tries to slow down service, this is known as data throttling. VPN can bypass data limit, and no one can't see how much data have been use Get Access to Geo-blocked Services: Can get a different Internet Protocol (IP) address by using a VPN. When a computer browses the internet, streams video, or engages in other online activities, its IP address indicates where it is located. A VPN will make it easier to have complete access to all information and resources provided by websites. Scalability of the Network: Although a private network can help company get started, the cost of extending it can be prohibitive. Can have access to multiple staff and remote workers at the same time if use a VPN. Can also run critical applications in the cloud and grant them access through the VPN's safe tunnel. Figure 6VPN Disadvantage of VPN when misconfigured Less Internet connectivity VPN services specific blockades (for example by Netflix) Illegal application of the VPNs The recording of internet habits and the possibility of reselling them to third parties The connection is broken. An unjustified sense of impunity online Free VPNs: Worse than none in some cases Misconfiguration of Security is Defined as Security Misconfiguration is only characterized as failure to update or run security checks in order to update all security checks of a worker or web application, while making errors. What an organization believes to be a safe situation really has risk-free, dangerous gaps or mistakes. Impact of Misconfiguration of Security These flaws also offer attackers unauthorized access to device data or features. Occasionally, a mistake like this results in a complete system compromise. The business effect is determined by the application's and data's security requirements. Firewall Definition A firewall is a hardware- or software-based network security Figure 7Firewall system that monitors all sending and receiving traffic and accepts, rejects, or drops specific traffic based on a set of security rules. A firewall separates secure internal networks from untrustworthy external networks like the Internet. Figure 8Firewall Action Types of firewall Packet filtering firewalls Circuit-level gateways Stateful examination firewalls Application-level gateways (a.k.a. proxy firewalls) Next gen firewalls Software firewalls Hardware firewalls Cloud firewalls Advantages of firewall Monitors Traffic: a firewall controls the entire traffic that reaches the computer network. Block Trojans: A firewall is helping to protect horses from Trojan. Such forms of intruder’s lock onto computer files, and then they go along for the ride to do more harm to the destination when it sends out a file. Stop Hackers: it prevents hackers out of the network b getting a firewall. Stop Key loggers: Protection of the firewall will reduce the risk of tracking by key loggers. Ways of firewall is misconfigured 6. Firewall policy that is either missing or incorrect: Based on information security policies, this defines how a firewall processes inbound and outbound network traffic. It's possible that a policy was poorly written or simply did not exist. Figure 9Firewall As a result, the firewall fails. 7. Failure to comply: Firewall can become incompatible with new technologies if it is not continuously updated and maintained. Do not overlook upgrades and ensure that firewall is up-to-date and functional. After all, mitigating risk is much easier than recovering from a catastrophe. 8. Hardware stumbling blocks: Heavy congestion or bottlenecking may occur if hardware isn't powerful enough to handle the network load. The network speed could be significantly lowered, and in the worst-case scenario, the firewall could break. 9. Vulnerabilities in Software: It is critical to keep firewall software up to date. Firewall software can sometimes have hard-to-find flaws, such as encryption keys and passwords hard-coded into the software. Ensure that firewall, as well as any integrated software, is patched and updated. 10. Failure of an External Asset: Most firewalls work in tandem with a larger IT infrastructure and rely on every cog in the wheel spinning properly. For example, if a malicious party gained access to the ISP, they could most likely breach the entire firewall. We recommend scheduling an IT audit, which involves a full and holistic examination to identify areas where a hack could have a domino effect. The potential impact of IT security of incorrect configuration of firewall 3. The desired traffic does not arrive at its location It was blocked. It was routed to the wrong destination. It could not be routed at all. 4. Unwanted traffic makes its way to a location where it shouldn't be. When processes don't perform as planned, it will most likely be discovered fast. While it's possible that this could have unintended consequences, it's also a potential attack vector for those with malevolent intent. Definition of VPN A virtual private network (VPN) is software that establishes a secure, encrypted link between two computers. It's usually used on a less protected network, like the public internet. It encrypts data at the transmitting end and decrypts it at the receiving end using tunneling protocols. To provide better security for online operations, the originating and receiving network addresses are also encrypted. Figure 10How VPN Works Types of VPN 3. Remote Access VPN: A remote access VPN allows a user to connect to a private network and gain remote access to all of its services and resources. The user's access to the private network is established over the Internet, and the connection is secure and private. 4. Site to Site VPN: A Site-to-Site VPN, also known as a Router-to-Router VPN, is widely used in large organizations. Site-to-site VPN connects the network of one office location to the network of another office location for companies or organizations with branch offices in various locations. Advantages of VPN Protect Network: An application or website can monitor online activity without knowledge. They will then evaluate the information they've gathered and try to target with advertisements. If don't use a VPN, could get a lot of pop-up advertisements, which can be annoying and interrupt browsing experience Protect Personal Information: Hackers can intercept confidential information enter on websites using a variety of methods. They will use the information to impersonate and gain access to bank accounts, credit card information, and other personal information. High-level authentication, such as 256-bit encryption, is available with a VPN. Prevent Data Throttling: When used up all of available data and internet service provider (ISP) tries to slow down service, this is known as data throttling. VPN can bypass data limit, and no one can't see how much data have been use Get Access to Geo-blocked Services: Can get a different Internet Protocol (IP) address by using a VPN. When a computer browses the internet, streams video, or engages in other online activities, its IP address indicates where it is located. A VPN will make it easier to have complete access to all information and resources provided by websites. Scalability of the Network: Although a private network can help company get started, the cost of extending it can be prohibitive. Can have access to multiple staff and remote workers at the same time if use a VPN. Can also run critical applications in the cloud and grant them access through the VPN's safe tunnel. Figure 11VPN Disadvantage of VPN when misconfigured Less Internet connectivity VPN services specific blockades (for example by Netflix) Illegal application of the VPNs The recording of internet habits and the possibility of reselling them to third parties The connection is broken. An unjustified sense of impunity online Free VPNs: Worse than none in some cases P4 Show, using an example for each, how implementing a DMZ, static IP and NAT in a network can improve Network Security. WHAT IS NETWORK SECURITY The term "network security" refers to a wide range of technology, computers, and processes. In its most basic form, it is a collection of rules and configurations that are used to protect the integrity, confidentiality, and accessibility of computer networks and data using various software and hardware technologies. Any business, regardless of scale, sector, or infrastructure, needs network security solutions in place to protect itself from today's evergrowing landscape of cyber threats. Figure 12Network Security Definition of DMZ (DeMilitarized Zone) An intermediary network between a company's secure internal network and an untrusted external network like the Internet. The DMZ, also known as a "perimeter network," is a sub network (subnet) that can be found between firewalls or off one of their legs. Web, mail, and authentication servers are commonly located in the DMZ. The word DMZ refers to the region between two adversaries in military terms. For more details, see bastion host, firewall, and port opening. Figure 13Structure of DMZ The DMZ contains all servers that are open to the Internet (the bastion hosts), which are separated from the public Internet and the private LAN by screening routers. Advantages of DMZ Enabling access control: Businesses may use the public internet to provide customers with access to resources outside of their network's boundaries. The DMZ allows access to these networks while also enforcing network segmentation, making it more difficult for an unauthorized user to gain access to the private network. A proxy server, which centralizes internal traffic flow and simplifies monitoring and recording of that traffic, may be included in a DMZ. Network recognizing prevention: A DMZ prevents attackers from conducting surveillance work in sourcing possible targets by creating a barrier between the internet and a private network. Servers in the DMZ are open to the public, but a firewall prevents an intruder from seeing inside the internal network, adding another layer of protection. Even if a DMZ device is breached, the internal firewall protects the private network by separating it from the DMZ, preventing external reconnaissance. Blocking Internet Protocol (IP) spoofing: Spoofing an IP address and impersonating an authorized user signed in to a network may be used by attackers to gain access to networks. While another service verifies the validity of the IP address, a DMZ can detect and halt such spoofing attempts. The DMZ also serves as a network segmentation zone, allowing traffic to be organized and public services to be reached outside of the private network. Figure 14Architecture Of DMZ DMZ Security Features 1. Used to link hosts to a possibly dangerous external network interface. 2. The DMZ is separated from the private network by a security gateway, which filters traffic between the two. 3. The DMZ also has a security gateway in front of it to filter incoming traffic from the outside network. 4. The primary purpose of a DMZ is to enable untrusted access to resources while maintaining a secure private network. 5. Web servers, mail servers, FTP servers, and VoIP servers are all popular DMZ services. Static IP is defined as A static IP address is one that does not change over time. When assign a static IP address to a device, that number usually stays the same until the tool is decommissioned or network architecture changes. Servers and other critical devices usually use static IP addresses. Figure 15Static IP Advantages of Static IP Improved DNS compatibility: DNS servers make it easier to set up and manage static IP addresses. Remote access is simple and convenient: Working remotely with a digital Virtual Private Network (VPN) or other remote access applications is easier with a static IP address. Communication that is more effective: Voice over internet protocol (VoIP) for teleconferencing or other voice and video messaging is made easier with static IP addresses. Static IP's security features The authentication of wireless security, which establishes the encrypted connection between the device and the base station, is the first stage of the link. Static IP addresses are more costly than dynamic IP addresses since they can be used in a pool of dynamic IP addresses without requiring a list of addresses to remove them from the ISP table. NAT is defined as(Network Address Translation) Nat combines the IP addresses of all the computers on a local network into a single address. This address is frequently used by the router, which connects the computers to the internet. A DSL modem, cable modem, t1 line, or dial-up modem can all be connected to the router. As various computer systems on the internet try to connect to computers on the local network, they just see the router's IP address. This adds another layer of protection since the router can be set up as a firewall, allowing only approved structures access to the computers on the network. Figure 16NAT Advantages of NAT The key benefit of NAT is that it can avoid IPv4 address exhaustion. By masking the original source and destination addresses, NAT may add an extra layer of protection. When connecting to the public Internet, NAT gives more options. When use NAT, can use own private IPv4 addressing scheme and avoid internal address changes if service provider changes. NAT's Security Features Dynamic NAT builds a firewall between internal and external networks, or the internet, automatically. NAT only enables connections to come from the stub domain. The source and destination computers will see the NAT. M2 Discuss three benefits to implement network monitoring systems with supporting reasons. Networking Monitoring System Figure 17Network Monitoring Network monitoring is the process of continuously monitoring a computer network for any errors or deficiencies in order to ensure that the network's overall output is maintained. Network monitoring, for example, can show the status of network components such as routers, servers, and firewalls. If a slowing or failing part is detected, the community monitoring software program will warn the community directors, preventing a network failure. Similarly, if the network monitoring program detects a performance bottleneck, it will alert administrators. The benefits of using a network monitoring system Network monitoring is essential for network management, troubleshooting, and time and money savings. It will assist in keeping records safe by monitoring the network for any issues. Network management software can provide troubleshooting features. It saves money and resources that would otherwise be spent on testing in the event of a crisis. This technology will provide visibility, allowing to prepare for the changes ahead of time. Functions of a basic network monitoring system Discover- This is a first-generation feature of network monitoring. It aids in the discovery of network equipment. We can't show something if we don't understand what's on the network and how it's all linked. As a result, it provides clear information about the units. Map-It's a term used to describe how we can imagine our jobs. We will record the time and cleanly describe the troubleshooting network issue when visualizing the work. Devices and current fame are shown on network maps. Screen- It means to keep an eye on the job process. Network monitoring software can view the temperature in a wiring closet as well as control various hardware components such as fans and electricity elements in a switch. They can also keep track of network protocols such as HTTP, TCP/IP, and FTP. SSH and SNMP protocols were used in this case. Alert- When something goes wrong in a network. The notification will be sent as a text message or an email. It also aids in the early correction of errors. These alerts are saved in the database as well. This functionality is available on every desktop in an organization. As a result, everybody is aware of the problems that have arisen as a result of the news. Report - We'll build the file after we've resolved the errors. It aids future implementation or justification. It can be used as proof for resolving errors within the company in the record. The advantages of implementing network monitoring systems Effective Change Management: Change management is made easier with network management tools. This ensures that employees can set performance goals. It's important to keep track of previous network configurations in case something has to be corrected. Network Compliant with Regulations: Previously, network providers used to be concerned only with consumers and service level agreements. They must now be mindful of regulatory requirements as well. Network monitoring systems assist businesses in maintaining compliance by providing key features that analyze the network. Companies can stay on track by using real-time topology maps, continuous monitoring, and post-association for VLANs and secure channels. Optimizing Performance and Network Availability: Network availability can be described as the ease with which one point of the IP infrastructure can communicate with another. With multiple data centers and multiple operations, achieving optimum availability (while meeting SLA requirements) necessitates a dependable solution. Network management software collects network data automatically, allowing administrators to resolve problems before employees report them via email or phone. Functionalities that look at packet drops and other delays can be used to analyze Internet output in real time. Saving Money: The number of devices connected to IP-enabled endpoints continues to increase. Wired and wireless devices are continually changing, and managers must be aware of what is connected to their networks and whether their infrastructure is capable of handling the growing number of devices – if only to keep costs under control as circumstances change. Network management tools will provide a comprehensive list of all network equipment. Additionally, members of staff in charge of budgeting may examine planning management functionality to justify potential improvements if they are required. Network monitoring software Solarwinds networks Performance monitor. PRTG network monitor from Paessler. Figure 18• ManageEngine OpManager. WhatsUp Gold 2017. Nagios XI. Zabbix. Incinga. Data dog. Logic Monitor. ConnectWise automate. Networks Performance monitor. Figure 19OpManager Figure 20 Whats Up Gold 2017 Figure 21 Nagios XI Figure 22Paessler LO3 Review mechanisms to control organizational IT security LO4 Manage organizational security P7 Design and implement a security policy for an organization. A security policy's definition Security policy is a type of paper that includes all security characteristics as well as regulations, laws, activities, and other factors related to the security of an organization. This document establishes the structure for an organization's computer network-oriented security and defines how it will control, safeguard, and share sensitive information. The significance of a security policy Safeguard the data of the company Implement in the future. To prevent data loss and leakage, use this method It is simple to comprehend security-related factors such as norms and regulations. Finding a solution is simple and quick. Steps of security policy 1. Identify the issue 2. Conduct analyses 3. Flow language 4. Legal review 5. Policy utilization Security policy implementation First, determine the danger. Others can teach a lot. That implies obtaining information from other sources, such as social media or a book. Ensure that the policy complies with all legal requirements. Maintain a constant security level that is proportional to the danger. Within the policy formulation process, include the personnel. Workers were educated. Staff should be updated. Install the required tools. Introduction We create a variety of services that help millions of people with data protection and securitized data cloud service. We value the privacy of our customers. The personal data that digital Lanka handles, and how it processes it. Account privacy When you register for a digital Lanka Account, you agree to provide us with true and full information You acknowledge that it is your responsibility to protect the confidentiality of your password and other Account information to prevent unauthorized access to your Account. Registration Information / Privacy You agree to immediately notify us of any changes to the details you gave us when registering for the Services including any change in your mailing address, telephone number, or email address. The registration data you provided. What data we collect from you Due to the nature of our Services, we are required to gather some personal data from users during the registration process, including first and last names, a valid credit card to process payment for service, home or business mailing addresses, an email address, and a password. We may conduct surveys and request demographic information from users in addition to the mandatory member information. Files; - We collect and store the files and data you transmit between your Devices and the Digital Lanka warehouse. device: - We may also collect data on connection information, including the timing and size of all packets sent over the Internet during a session, session dates and times, Device Internet Protocol (IP) address, browser type, Device name and/or identification number, and other interactions with the Service to maintain our quality of service and help in the analysis of product performance What Do We Do with your Information using we collect to: (i) provide and improve our Service (ii) to administer your use of the Service (iii) better understand your requirements and interests (iv) customize and improve your experience (v) offer or provide software upgrades; and (vi) deliver product announcements. For example, we could send you periodic updates about our Services and connected items using the email addresses you submitted. Who Do We Share Information With Unless required by applicable state and federal regulations, we never intentionally share any personally identifiable information with a third party without the user's express consent. Users - Your personal information will be made visible on your profile page. With your permission, we may also share or reveal your information, for example, if you access your account using a third-party application. Non-Private or Non-Personal Information - We reserve the right to share your non-private, aggregated, or otherwise non-personal information, such as our Service use data. Security We take reasonable steps to protect against the loss, misuse, and unauthorized access, disclosure, modification, and destruction of the personal data we have in our control. User information is password-protected; thus, you should never share your password with anybody. We use industry-standard SSL, Encryption to transfer users to the secure area of our site when we receive certain sorts of sensitive information, such as financial information. Changes to our Privacy Policy There may be time changes to this privacy statement. We will notify you if we make any changes to this privacy policy that, in our opinion, materially reduce your rights (for example, by email). P8 List the main components of an organizational disaster recovery plan, justifying the reasons for inclusion. Organizational disaster recovery plan A disaster recovery plan (DRP) is a documented policy and/or procedure that is intended to help an organization carry out recovery procedures in the event of a disaster, thereby protecting business IT infrastructure and, fostering recovery. Business Continuity Plan (BCP) A mechanism for protecting against and recovering from possible risks to an organization is called a business continuity plan (BCP). In the case of a disaster, the plan makes sure that people and property are protected and can operate quickly. Steps of Disaster Recovery plan 01. Major goals 02. Personnel 03. Application profile 04. Inventory profile 05. Information services backup procedures 06. Disaster recovery procedures 07. DR plan for mobile site 08. DR plan for hot site 09. Restoring the entire system 10. Rebuilding process 11. Testing the disaster recovery and cyber recovery plan 12. Disaster site rebuilding 13. Record of plan changes Figure 23 IT DRP Some main components of a disaster recovery plan Form a disaster recovery team It is essential to create a specialized disaster recovery team made up of workers and managers from all areas of the business since creating a disaster recovery plan, as well as updating and testing it over time, must be given top priority. This team will be in charge of creating, putting into action, revising, and testing the plan to ensure that the organization can quickly recover from a disaster. Identify disaster risks Organizations must identify and evaluate their risk as cybercrime and security breaches are becoming more advanced. Additionally, being able to react quickly to accidents can minimize downtime as well as financial and reputational harm, which is essential for an organization to succeed. Specify backup and off-site recovery As part of the DRP, it is a good idea to think about joining up with an IT DRaaS (Disaster Recovery-as-a-Service) provider. An IT DRaaS solution, which includes components like offsite backups and recovery activities, focuses on how to quickly and efficiently restore IT systems and operations. Collect data and create the written document Use pre-formatted forms as necessary to gather data for the strategy. Data to be gathered might include: Lists: - important contact information list, backup employee position listing, master vendor list, master call list, notification checklist critical contact information list, backup employee position listing Inventory: - communications equipment, data center computer hardware, documentation, forms, insurance policies, microcomputer hardware and software, office equipment, off-site storage location equipment, workgroup hardware, etc Data/recovery: - schedules for software and data files backup/retention and procedures for system restoration/recovery Test and update the plan The DRP must be updated as the organization expands to stay up with the evolving risks. For instance, disaster recovery must update the DRP to account for changes if the business adds a new warehouse, office, or factory. Reasons for using a disaster recovery plan at an IT organization Prevent human error Whether they result from software, technology, or user error, mistakes happen at work. In actuality, human error is responsible for 88% of security breaches. When these errors occur, having a disaster recovery plan in place with data backups will be helpful. To reduce downtime Companies don't like downtime. It does nothing helpful for the company in any way however, there will be downtime in the event of a man-made or natural disaster. A thorough Disaster Recovery Plan is the only way to prevent this downtime from becoming too long. Prevent Reputation Damage Customers who are not satisfied will quickly inform others of their issues. A damaged reputation might not only make it more difficult to attract new clients, A disaster recovery plan will lower the possibility of a damaged brand reputation. Benefits of a disaster recovery plan Cost-efficiency Increased productivity Improved customer retention Compliance Scalability M5 Discuss the roles of stakeholders in the organization to implement security audit recommendations. A stakeholder is a person who has an interest in the company, IT service or its projects. They can be the employees of the company, suppliers, vendors or any partner. They all have an interest in the organization. Stakeholders can also be an investor in the company and their actions determine the outcome of the company. Such stakeholder plays an important role in defining the future of the company as well as its day-to-day workings. Types of Stakeholders Internal Stakeholders: They are a part of the management of the company and have voting powers. They are the major investors in the company and a part of the board of directors. Therefore, they have all the powers that other higher-level management have and can change the direction of the company. External Stakeholders: Unlike internal stakeholders, their major role is to invest or disinvest in the company. They hardly can bring any change in the company’s direction. They do not take part in any internal operations or decision making of the company. Roles of Stakeholders Direct the Management: The stakeholders can be a part of the board of directors and therefore help in taking actions. They can take over certain departments like service, human resources or research and development and manage them for ensuring success. They Bring in Money: Stakeholders are the large investors of the company and they can anytime bring in or take out money from the company. Their decision shall depend upon the company’s financial performance. Therefore, they can pressurize the management for financial reports and change tactics if necessary. Some stakeholders can even increase or decrease the investment to change the share price in the market and thus make the conditions favorable for them. Help in Decision Making: Major stakeholders are part of the board of directors. Therefore, they also take decisions along with other board members. They have the power to disrupt the decisions as well. They and bring n more ideas a threaten the management to obey them. The stakeholders also have all the powers to appoint senior-level management. Therefore, they are there in all the major decision-making areas. They also take decisions regarding liquidations and also acquisitions. Corporate Conscience: Large stakeholders are the major stakeholders of the company and have monitored over all the major activities of the company. They can make the company abide by human rights and environmental laws. They also monitor the outsourcing activities and may vote against any business decision if it harms the long-term goals of the company. Other Responsibilities: Apart from the above four major roles they also have some other roles to play in the company. They can identify new areas for market penetration and increased sales. They can bring in more marketing ideas. They also attract other investors like honeybees in the company. They can be a part of a selection board or a representative for the company. Moreover, they can take all the major social and environmental decisions. Conclusion Internal stakeholders are key management of the company and therefore must be considered seriously. They have their own rights and duties, therefore, they are of utmost importance for the better future of the company. They must also take their roles seriously and work towards its betterment. To understand more about the key role of stakeholders, you can join our webinar for successful onboarding process. In this webinar, you can learn about the roles and responsibilities of Executive management, human resources, the new hire’s manager.
0
advertisement
Download
advertisement
Add this document to collection(s)
You can add this document to your study collection(s)
Sign in Available only to authorized usersAdd this document to saved
You can add this document to your saved list
Sign in Available only to authorized users