
ACM/SIGSAC (ACM's Special Interest Group on Security, Audit, and Control)

CHECKLIST FOR SECURITY AND CONTINGENCY PLANNING

"If you can keep your head when all about you are losing theirs, then you obviously don't appreciate the seriousness of the situation."

That parody of Kipling has become a cliche, but it can be an apt characterization of the manager confronting a data processing (DP) emergency. Well-prepared DP managers, however, may keep their heads, and their jobs, for a much more laudable reason: because they know that their contingency plans are adequate to deal with the situations they encounter. With organizational dependence on DP growing at unprecedented rates, little could be more important today.

1 HISTORY

This document was originally developed by the Ombudsman Committee of the Los Angeles Chapter of the Association for Computing Machinery (ACM), chaired at the time by Dahl Gerberick, as part of their 1976 report "Privacy, Security, and the Information Processing Industry" (published by the ACM). This checklist was then republished, with permission from the ACM, by Auerbach Publishers, Inc. in 1977. In 1984, this article was updated by Dahl Gerberick and republished by Auerbach.

In 1991, this document was updated by Dahl Gerberick, Stan Kurzban, Daniel Faigin, and the ACM/SIGSAC Computer Security Day Advisory Board. It was then distributed by ACM/SIGSAC as part of their 1991 Computer Security Seminar Series. It was updated again in 1992 and made available as a publication of ACM/SIGSAC.

2 PROBLEMS ADDRESSED

Security and contingency planning are familiar concepts. Everything done to prevent harm is a security measure; everything done to limit the damage from harmful events that cannot be avoided is contingency planning. For example, you drive carefully to avoid accidents, but use your seat belt and buy automobile insurance to limit the physical and financial damages, respectively, that can result from accidents.

You try to prevent harm by preventing people, whether careless or malicious or greedy, from doing things that hurt the organization and by limiting exposure to natural events, such as fires, floods, and earthquakes. Nonetheless, you recognize that (in the phrasing of the title of a recent book) bad things can happen to good DP facilities, so you plan for contingencies by taking steps that do the following in the event of a DP mischance:

• Minimize interruptions to normal business.

• Limit the extent of disruption and damage and prevent its escalation.

• Provide smooth degradation.

• Establish alternate means of operation in advance.

• Train personnel and familiarize them with emergency procedures.

• Provide for rapid and smooth restoration of service.

• Minimize economic impact.

© 1976, 1991 (revised), 1992 (revised) by the Association for Computing Machinery.

ACM/SIGSAC Security/Contingency Planning Checklist

3 THE DISRUPTIVE IMPACT OF FAILURE

Contingency planning requires that managers consciously recognize the disruptive impact of natural and human hazards as an operational problem, rather than a reason to purchase insurance. This is especially important because the development, implementation, and maintenance of a security and contingency plan can require substantial manpower and expenditures of funds, all of which demand management commitment. The persuasive arguments are as follows:

• The cost of potentially lost business.

• The effects of degrading customer service.

• The potential cessation of business operations.

These issues must be clearly brought to the attention of senior managers who can establish and periodically reinforce a policy statement that sets up the framework for development of the formal security and contingency plan.

The total corporate impact of system failure may not be clear if systems planning and development is done on a per-project basis (i.e., each application is evaluated on specific criteria for satisfactory operation, such as mean time between failure, mean time to repair, system reliability estimates, parameters for restart and recovery, and the level of system and hardware fallback). As new applications are introduced, the incremental additions frequently destroy the integrity of prior procedures. Contention for resources among applications may not be apparent until a catastrophic failure causes a total collapse of operations.

Locating or identifying a backup data processing facility may seem like an impossible task. No other data center is likely to be able to spare the machine time necessary to replace the capabilities that have been lost. But it may not be necessary to replace all the processing power that has been lost. Normally, 85-90% can be put off without causing a catastrophe. Identifying the critical 10-15% is an important task. Contingency plans should provide for the availability of all the things that will be needed to process elsewhere. This includes such things as forms, programs, communications facilities, data files and personnel.

Equally critical is the importance of stressing the human element along with the purely technical or hardware considerations. Personnel must be trained to handle emergencies. Fire regulations usually require periodic fire drills. Fire wardens must be assigned specific areas of responsibility, receive training, and become familiar with their obligations. The staff is responsible for using fire extinguishers properly, putting waterproof covers on the equipment, and taking all necessary security measures during evacuation. If the staff is to perform as expected, then "as expected" must be defined, documented, maintained and tested.

Depending upon the size and structure of the organization, certain emergency situations, such as a fire or bomb threat which requires general evacuation, come under the responsibility of some other department or functional area. The critical issue is that the DP contingency plan, including the portions that involve user departments, be consistent and integrated with other plans being developed or administered by the firm's personnel department or building service. Again, the fact that the plan is formal, namely a written and well-maintained document, greatly eases integration and coordination. As a precaution, in cases where a high degree of coordination is necessary, specific identification of personnel rather than function is suggested. This should be extended to include identification of backup personnel.

4 SECURITY/CONTINGENCY CHECKLIST

In considering the many factors that may cause system degradation, the systems manager should evaluate the items on the following checklists. These are designed to guide security and contingency planning and to bring to mind many of the questions that ought to be considered.


PRELIMINARY "RED FLAG" EVALUATION

1. Is your installation classified as a showcase data center?

2. Has top management shown an awareness of security needs in the data center?

3. Does the data center do work for only one organization?

4. Do the internal auditors make periodic checks of facilities, operations, and application systems?

5. Do you have adequate backup for files, software and facilities?

6. Have you ever tested your security and backup procedures?

7. Are you kept informed of decreased morale or possible disgruntled employees?

8. Have you calculated the dollar value and the probability of occurrence of a particular event involving the loss of data and programs?

9. Has operations management been assigned responsibility for a security program?

10. Do you have adequate physical and environmental protection with monitoring?

PHYSICAL FACILITIES

Water Damage Exposure

1. Have all overhead and under-floor steam or water pipes been eliminated except for fire sprinklers or machine room requirements?

2. Are all electrical outlets under a raised floor watertight?

3. Are all exterior doors and windows waterproof?

4. Do adjacent areas, restrooms, janitor room, etc. have adequate drainage to prevent overflow to computer room?

5. Is paper stock stored in a water-resistant area?

6. If computer facilities are located below ground, is a water detection system installed?

7. Are large plastic sheets available to cover equipment for quick emergency water protection?

8. Are openings sealed from upper floors or roof?

9. Is computer located under rooftop cooling towers?

10. Is there adequate drainage in computer room?

11. Is there a flood control pump for areas below ground?


Fire

1. Is the building housing the computer constructed of fire-resistant and noncombustible material?

2. Are combustible materials such as paper and other supplies stored outside of the computer area?

3. Are tapes and disks stored outside of computer room area?

4. Do you have a rated fireproof safe outside the computer room area for critical file storage?

5. Are fire drills practiced periodically and are individuals assigned responsibilities in case of fire?

6. Are emergency phone numbers posted for fire, police, doctors and hospitals?

7. Are computer and tape libraries protected from fire by use of overhead sprinklers, standpipe hose, carbon dioxide or halogenated agent?

8. Are smoke detectors installed under floor, in ceiling, and in air ducts?

9. Are smoke detectors serviced and tested on a scheduled basis?

10. Do you have annunciator panels to assist in quickly locating fire or smoke in unexposed areas?

11. Are floor tile removers readily available to expose fire or smoke under raised flooring?

12. Are hand extinguishers strategically located around the area with location markers visible over high computer equipment?

13. Have employees been instructed on how to use hand extinguishers?

14. Are employees allowed to smoke in the computer room or the tape library?

15. Do employees know the location of sprinkler shutoff valves and/or halon system overrides?

16. Are furniture and fixtures made of noncombustible material?

17. Does emergency power-off also shut down the air conditioning (heating)?

18. Do you have emergency lighting in the computer environment?

19. Does fire alarm sound locally, at guard station, at police and fire departments?

20. Are security personnel schooled as to what to do in case of a fire outside of normal working hours?

21. Would access to computer area, in case of fire, be restricted because of electrical controls?

22. Do you have fire dampers in ducts?

23. Are ceiling tiles made of non-combustible materials?


Air Conditioning

1. Is the air conditioning system dedicated to the computer room?

2. Is backup air conditioning equipment secured?

3. Are air intakes located above street or protected from air contamination?

4. Is compressor and related air conditioning equipment serviced on a regular schedule?

5. Is air conditioning complete with humidity control?

6. Are building engineers sensitive to the quick response required of computer operations?

7. Does an alarm sound if air conditioning fails?

8. Is air conditioning equipment powered by its own dedicated electrical system?

Access Control

1. Is computer room visible from street?

2. Is your installation located in a high-crime-rated area?

3. Would you consider your company vulnerable to vandalism or a target because of the nature of your business?

4. Have you evaluated your company as to whether it's a high-, medium-, or low-risk center for attack?

5. Do you have 24-hour guard service?

• For all entrances?

• For computer area only?

6. Do you use TV cameras in computer area?

7. Do you display the location of your computer services area?

8. Do you use a mantrap for access to the computer area?

9. Is the number of doors leading into the computer area kept to a minimum?

10. Do you monitor the status of emergency exits?

11. Are doors to computer area locked at all times?

12. Is access to computer area controlled by use of key-, magnetic-card, or cipher-lock?

13. Are all accesses to the computer room monitored and recorded?

14. Are access codes changed at regular intervals or after termination of an employee?

15. Are dismissed employees of computer environment removed immediately and necessary guard personnel notified?

16. Does an alarm notify a guard if an intruder enters the data center?

17. Do you have standby for power-operated doors if power is off?

18. Are security personnel notified of employees permitted access during non-working hours?

19. Are all visiting personnel identified by badge when visiting the computer installation?

20. Are operating personnel trained to challenge strangers who do not have proper identification badges?


Electricity

1. Do you require uninterrupted power because of the nature of your business?

2. If your system requires motor generators, do you have backups?

3. Do you make use of power conditioners and surge protectors?

4. Does your computer room have a backup power source that originates from a unique power company facility?

5. Have you checked your local power supply as to reliability?

6. Do you monitor your power source with recorders to assure yourself that it has no electrical transients?

7. In the event of power failure, do you have emergency lighting for removal of personnel?

8. Are cipher doors and fire-alarm systems backed up with battery in the event of power failure?

9. Is backup power tested at regular intervals?

10. Do you have lightning arrestor?

11. Do you have emergency power-off at all exits and within computer center?

12. Are emergency power-offs protected from accidental activation?

13. Is under-floor cabling channeled through conduits?

14. Are all electrical connections properly grounded?

Housekeeping

1. Is the under-floor kept clean of dust and dirt?

2. Are wastebaskets dumped often enough to prevent overflow in computer room?

3. Are wastebaskets of metal material with closing tops?

4. Is smoking allowed in computer room?

5. Is eating allowed in computer room?

6. Is equipment kept free of dust and dirt inside and out?

7. Is computer room used to store stationery or stock?

8. Is area cleaned on a regular schedule?

9. Are employees held responsible for clean working environment?

10. Does management or supervision inspect areas for adherence to good housekeeping standards?

11. Would you consider your shop clean?


PERSONNEL

1. Are all employees given regular performance appraisals and encouraged to discuss their feelings?

2. At the time of hire are background checks made on all employees?

3. Are follow-up checks performed on all employees after employment?

4. Are supervisors and managers close enough to personnel to detect changes in living or personal habits?

5. Do supervisors keep management informed about a possible disgruntled employee or group of employees?

6. Does policy allow you to remove a dismissed employee immediately?

7. Do you have a generalized, established and practiced procedure for coordinating the movement of information and personnel in an emergency situation?

8. Are personnel educated as to security practices and encouraged to be alert at all times?

9. Do you agree that the greatest threat to security is from within?

10. Are security personnel employees of the company?

11. If a breach of security were encountered at your installation, is professional assistance available?

12. Are office keys and admission badges picked up from terminating employees?

13. Are all computer access codes removed from the system at the same time as the employee is terminated?

HARDWARE

1. Are all operations monitored for compliance with schedules?

2. Is all scheduled maintenance monitored to assure performance?

3. Do you check and clean your disk packs on a regular basis?

4. Are tapes cleaned on a scheduled basis?

5. Do you record tape errors to determine general condition of library?

6. Are all tapes recorded and accounted for when they are removed from tape library?

7. Do you make a physical inventory periodically to assure that all tapes are accounted for?

8. Is access to tape library restricted to authorized personnel only?

9. Do you use on-site storage vaults for tape and disk files?

10. Does your off-site storage provide adequate security and environmental consideration?

11. Have you ever tested your backup procedures?

12. Is there an output distribution procedure in place and verified?


PCs

1. Are all data on diskettes backed up?

2. Are diskettes stored in safe places?

3. Do you control access to data on hard files by some mechanism (e.g., access control software, cryptography) commensurate with the risks they face?

4. Do you have adequate physical access control to your PCs?

5. Are your safeguards against theft of PCs and related equipment adequate?

6. Is your forms control adequate to deter use of PCs to simulate official documents?

7. Have you taken appropriate measures to protect yourself from the damage that computer viruses can do?

8. Have you taken appropriate protective measures against tampering with PCs?

Networks

1. Are controls on your LAN adequate to prevent tampering with messages or unauthorized interception?

2. Have you adequate protection (e.g., cryptography, dial-back) against intrusion by outsiders?

3. Have you taken adequate measures to ensure the authenticity, integrity, and confidentiality of messages?

4. Do you have adequate assurance of path availability?

5. Are your gateways controlled well enough to prevent damage from worms and "letter bombs"?

SOFTWARE SECURITY

1. Are all computer programs and associated documentation located in a secure environment?

2. Do you provide secondary backup files for computer programs and documentation?

3. Do you control updating of files by remote users to prevent more than one user from updating files at any given time?

4. Do you control different types of access to data files?

5. Do you use identity-based protection of data?

6. Must users change passwords with reasonable frequency?

7. Do you record violations or attempted violations of protected files?

8. Is access to protected files controlled by access control software?

9. Are restart and recovery procedures incorporated and utilized?

10. Are program changes and maintenance controlled and documented?

11. Is protection periodically tested by responsible personnel to assure that procedures are adequate?

12. Do you encrypt read-sensitive data for transmission?

13. Do you test routines and check diagnostics to validate outputs from critical reporting systems?


14. Do your operating systems have built-in protection to prevent unauthorized access to data bases by programmers familiar with the system?

15. Do you use an operating system whose vendor vouches for its integrity?

16. If so, do your internal EDP auditors verify that no one has compromised the integrity of your operating system?

SERVICE PERSONNEL OR OTHERS

1. Are custodial personnel controlled when servicing the secure area?

2. Do you require unauthorized personnel to wear identification to assure that proper clearance has been obtained?

3. Are unauthorized personnel escorted when working in the secure area?

4. Are secure area personnel instructed to challenge unidentified personnel in the secure area?

5. Do you maintain a list of authorized personnel exclusive of operations people?

6. If computer center is closed, do guards make regular inspections inside the center?

7. Is there a rigid control on temporary passes to the secure areas?

8. Have computer room door locks been changed to prevent normal custodial master keys from gaining entrance?

9. Is there a log of unauthorized personnel admitted with notation for reason, time in, time out, and signature of person authorizing entry?

10. Would your security procedures require officers of your company to sign in and wear appropriate identification?

11. Do you require identification of service personnel?

12. Are vendor service personnel required to have background checks?

13. Are custodial and maintenance personnel briefed on your security measures?

14. Do the guards make regular inspections of the computer room facilities?

FILES AND DOCUMENTATION

1. Do you provide duplicate file storage in a separate building from where the original files are stored?

2. Is there a current inventory of all such files?

3. Are updates to files reflected in duplicate files?

4. When changes are made to files is a record maintained to assure the back-up has also been updated?

5. Do you periodically review back-up to files to assure they are up to standards?

6. Do you classify your files as to level of importance?

7. Do you attempt to place a dollar value on files?

8. Are regular system backups performed on all tapes and disks?

9. Do you provide special storage (underground) for vital records?

10. Do you maintain backup and separate storage for documentation?


11. Is file retention reviewed to assure compliance with legal requirements?

12. Does computer operations rather than the user control file maintenance?

13. Are operating run book procedures backed up and given separate storage?

14. Does the user participate in file back-up and protection requirements?

15. Is access to files controlled by computer operations?

16. Are internal auditors made aware of changes to programs or documentation of vital applications?

17. Is off-site storage reviewed for fire protection?

18. Is access to storage area limited to authorized personnel?

19. Are records maintained on removal and return of stored files?

INTERNAL AUDIT CONTROLS

1. Do you have backup for programs?

2. Do you have backup for files?

3. Do you have backup for hardware?

4. Do you have adequate protection against intrusion?

5. Do the auditors get involved during the systems design phase?

6. Do the auditors have sufficient knowledge about programming to assure that coding is ethical?

7. Are duties adequately separated to prevent data manipulation?

8. Are program changes controlled?

9. Do controls exist to verify proper distribution of reports?

10. Are computer outputs monitored for adherence to standards?

11. Is hard copy of computer activity available for audit trail review?

12. Do you have adequate insurance protection?

13. Do you rotate duties to eliminate having "indispensable" personnel?

14. Are sensitive forms (paychecks) given adequate storage security?

15. Is the physical handling of sensitive forms adequate to prevent pilferage?

16. Are operators allowed to make program or processing modifications from the console?

17. Do you have computer usage controls?

18. Do auditors participate in the development of security plans?

19. Are magnetically encoded ID cards and/or combination numbers for entry to secure area changed frequently?

20. Do you control access to remote terminals?

21. Are safe, user-friendly password mechanisms in use?

22. Do software controls limit ability to add, delete, or modify files?


CONTINGENCY PLANNING

1. Has top management, in conjunction with Data Processing management, set the contingency planning objectives?

2. Does the contingency planning team consist of two or more permanent members such as:

(a) Computer Operations staff?

(b) Facilities management?

(c) Building maintenance?

3. Does the plan include participation on an "as required" basis from the following departments:

(a) Data processing operations?

(b) Systems programming?

(c) Application programming?

(d) Internal auditors?

(e) Legal department?

(f) Security/Fire/Safety staff?

(g) Purchasing?

(h) Insurance?

(i) Real estate?

(j) Communications?

(k) Others as required?

4. Does the plan address a detailed notification procedure clearly specifying the people to be notified and by whom they are to be notified:

(a) Management?

(b) Emergency crews?

(c) Users?

(d) Back-up sites?

(e) Service personnel?

(f) Facilities personnel?

5. Has the responsibility for each member of the contingency team been defined?

(a) Primary action responsibility assigned?

(b) Coordination responsibility assigned?

6. Does the plan categorize disasters and provide specific plans for each level of potential disaster?

(a) Catastrophic

(b) Major

(c) Serious

(d) Limited

7. Has an estimate of the potential revenue loss due to processing delays been established for critical reports in the event of:


(a) Catastrophic delay?

(b) Major delay?

(c) Serious delay?

(d) Limited delay?

8. Has a resource inventory been made to estimate the potential physical and/or processing delay loss in each of the following areas?

(a) Equipment

• Data processing hardware

• Maintenance equipment

(b) Documentation

• Operations run book(s)

• Systems software

• Applications programs

• Applications systems

• Accounting procedures

• COM documentation

(c) Supplies

• Current inventory

• Outstanding orders

9. Have the following backup considerations been addressed?

(a) Alternate site selection

• Buildings

• Floor capacity - space and load

• Raised flooring

• Electric circuits/capacity

• Air conditioning and humidity control

• Chilled water

• Fire protection and suppression

• Security - personnel

• Security - physical

• Security - data

• Communications

(b) Alternate site hardware

• Computer and components

• Terminal equipment

• Off-line equipment

• Furniture

• Office machines

• Preventative maintenance schedule

(c) Alternative site software


• Maintained to meet site configuration modifications

• Reviewed and tested

• Stored in a secure environment

(d) Supplies

• Paper

• Forms

• Tapes/disks

• Cards

(e) Alternate site storage for:

• Tapes

• Disks

• Paper and forms

• Cards

10. Emergency site(s) processing considerations at:

(a) Other company facilities

(b) Other companies in the immediate geographical area

(c) Computer manufacturer EDP facilities

(d) Service bureaus in the immediate area

11. Considerations of backup facility should include:

(a) C.P.U. model

(b) Memory - main and extended

(c) Operating system

(d) Options

(e) Peripherals

12. Have backup agreements been obtained?

(a) Written guarantee with other companies

(b) Reciprocal agreements

(c) Service bureau commitments

(d) Vendor commitments

13. Do plans for off-site move include:

(a) Transportation of personnel

(b) Transportation of data and supplies

(c) Personnel phone list

14. If a computer service bureau is to be used for recovery, have the following items been considered?

(a) Location?

(b) Is access to computer and files controlled?

(c) Is customer work area secure?

(d) Is fire protection adequate?

(e) Is data secure?

(f) Are the personnel competent and concerned?

(g) Are the couriers efficient and trustworthy?

(h) Are the employees screened?

(i) Are operating and control procedures adequate?

(j) Will the service bureau be able to cover any loss due to error resulting in loss of vital data?

15. Is the recovery plan periodically tested to assure backup processing compatibility?

5 RECOMMENDED COURSE OF ACTION

The preceding questions should be translated into your own personal security and contingency plan. Any plan that is not in writing and maintained current is not a plan. In addition, specific individuals should be aware of their functions during various kinds of emergencies. It is the response of individuals that often determines a plan's success.

About ACM/SIGSAC...

ACM/SIGSAC is a special interest group of the Association for Computing Machinery (ACM). The scope of ACM/SIGSAC is the control of access to computing resources, user and resource authentication, risk analysis, testing and certification of computer systems, transaction logging, data reduction, data encryption, control over program development and operation, multilevel security systems, and architectural foundations for secure systems. We have over 1400 members distributed all over the world, with our highest member concentration in the United States. These members are drawn from all facets of the field: academia, commercial industry, research, and government. We are involved with a number of major conferences in the field, including the Computers, Freedom and Privacy conference, the ACM Conference on Computer and Communications Security, the Annual Computer Security Applications conference, the USENIX Security Symposium, and the International Computer Security and Virus Conference. We also sponsor workshops in various technical areas, and coordinate the activities of International Computer Security Day (the first working day in December). Lastly, we publish a quarterly newsletter, SIGSAC Review, to keep professionals abreast of the latest developments in the field.

The ACM is a tax-exempt [US IRC 501(c)(3)] member organization dedicated to the development of information processing as a discipline, and to the responsible use of computers in an increasing diversity of applications. Its purposes are to advance the sciences and arts of information processing, to promote the free interchange of information among specialists and the public, and to develop and maintain the integrity and competence of individuals in the field. ACM and its subunits sponsor conferences all over the world, and its publications range from informal newsletters to formal refereed journals. ACM has over 80,000 members internationally, with more than 600 chapters and student chapters. ACM has chartered over 30 Special Interest Groups (SIGs), specializing in specific computing disciplines; ACM/SIGSAC (Special Interest Group on Security Audit and Control) is one of them.

For information on how to join ACM and/or ACM/SIGSAC, or to apply to become an institutional sponsor, complete the forms elsewhere in this document and return them to ACM. For more information on ACM/SIGSAC Computer Security Day, contact the ACM/SIGSAC Computer Security Day Committee, P. O. Box 39110, Washington DC 20016, USA.