Assignment paper
Running head: RISK ASSESSMENT PAPER 1
RISK ASSESSMENT PAPER 19
Table of Contents
Preface……………………………………………………………………………………………..3
Asset Inventory & Mission Criticality…………………………………………………………….4
Enterprise Topology Evaluation…………..……………………….……………………...………6
Perimeter Protection Evaluation…...…………………...………….……………………………...7
Remote Access Infrastructure Evaluation…………………………………………………………8
Mobile Security & Design………………………………………………………………………...9
Wireless Vulnerabilities……………………………………………………………………..…...10
Authentication Protocols and Methodologies……………………………………………............11
Web System Protocols and Vulnerabilities………………………………………………………12
Cloud Computing Design………………………………………………………………………..13
Vulnerability Assessment……………………………..…………………………………………14
Quantitative and Qualitative Risk Assessment…………………………….…………………….15
Risk Mitigation Procedures………………………………………………………………………16
Executive Summary……………………………………………………………………….……..17
References…………………………………………………………………………………....19-20
Preface
This risk assessment is to aid GFI’s IT competency in network management and security function. The very core of GFIs corporate network is to allow and enhance the employee and user experience within the organization thus developing and producing services that will garner a larger income. This will aid in improving security in certain key areas without too much of a large increase to the IT budget which will allow to be efficient in nature. These points are to include the value of assets being protected and allowing for security control to mitigate risk, but not costing more than the equipment. Another are the vulnerabilities that may be across the network infrastructure. There are also some objectives put in place by the COO to better define what is needed in their organization. These are to first assess an inventory and mission critical priority level place on all assets. The next is to improving perimeter security by making a list of access points internally and externally and identifying vulnerabilities and make suggestion for to allow for a better network security and perimeter. Another is having methods to identify the source of intrusions within the network allowing for a better identification on weaker security practices. Also, it is having a plan to improve latency issues at ten of their geographically remote sites. Fifth, it is detailing a best practice for mobile computing due to an emerging need within the company. Securing additionally the corporate Wi-Fi better so that probing individuals with no requirement are not allowed in. Therefore, the assessment will also ensure there will be a a cloud computing security plan due to the soon to be cloud computing plan that will offer products and services online from the company via the new Cloud Computing technology. Lastly, the risk assessment is not just something that will assess what this corporation requires in terms of security features, but it will also cover what needs to be implemented in order to have a stable functioning system that allows the business to conduct operations at its best ability.
Asset Inventory & Mission Criticality
|
Device/System |
Monetary Value (quantitative) |
Priority Value (qualitative) |
|
Border Router 1 |
50,000 |
1 |
|
Border Router 2 |
50,000 |
2 |
|
Distribution Router 1 |
25,000 |
2 |
|
Distribution Router 2 |
25,000 |
1 |
|
Multilayer Switch 1 |
5,000 |
3 |
|
Multilayer Switch 2 |
5,000 |
3 |
|
Multilayer Switch 3 (TCB) |
5,000 |
2 |
|
VPN Gateway |
5,000 |
5 |
|
RAS |
5,000 |
5 |
|
PBX |
5,000 |
5 |
|
SUS Server |
5,000 |
3 |
|
Oracle DB Server |
5,000 |
3 |
|
Internal DNS |
5,000 |
3 |
|
Exchange E-mail |
5,000 |
3 |
|
File and Print Server |
5,000 |
3 |
|
Intranet Web Server |
5,000 |
3 |
|
Wireless Router |
10,000 |
4 |
|
Access Layer VLAN Switch 1 |
1,000 |
4 |
|
Access Layer VLAN Switch 2 |
1,000 |
4 |
|
Access Layer VLAN Switch 3 |
1,000 |
4 |
|
Access Layer VLAN Switch 4 |
1,000 |
4 |
|
Access Layer VLAN Switch 5 |
1,000 |
4 |
|
Access Layer VLAN Switch 6 |
1,000 |
4 |
The mission objective is to prioritize critical assets that affect the largest users and employees first. This can be seen when the highest values are assets that involved not just a few employees, but the organization as a whole. There are also redundant assets in place and those are always put at a priority value lower than the primary route. The next asset priorities are for services that only affect single departments, services, or buildings. This is why services such as VPN and dial-in are 5 and at the bottom. The servers are each 3 because if one is down operations are still on going. The next are access layer switches that are only serving specific departments. They are more important than wireless service and telecommuting employees, but do not cover as many employees thus not requiring a high priority value. This can be seen clearly throughout the priority values that they do not coincide with monetary value. It does relate in a way because the highest cost value assets are usually your largest user utilizing equipment, but at times this can vary depending on the technology that is being used and its importance to the company’s objectives. Another variable is how important that service maybe be that is provided by the specific network device as well. This can make the qualitative risk on the item quite large even if the quantitative might not be at the same price that is seen at face value. Lastly, the different risk factors can change at any time depending on implementation that occurs after this risk assessment is received and then conducted. Some devices could be moved around which would allow for others to have a larger or smaller risk thus creating a different qualitative risk. This also includes the quantitative risk that occurs when items depreciate in value as their technology becomes older and perhaps not as secure as newer ones might be (“Security Architecture and Design/Security Product Evaluation Methods and Criteria”, 2009).
Enterprise Topology Evaluation
The enterprise consists of at least 23 network infrastructure and data systems. These items are designed in a standard basic configuration with enough redundancy to allow for maintenance and outages to occur without operations being affected. There is a basic router redundancy with connections from the core router to both distribution routers. These then are connected to the multi access layer switches which then intern connect down to the lower access layers. They have multiple waypoints which is necessary in any business because it allows for less error to occur. The wireless router also work as an access layer switch, but changes the signal to a wireless medium allowing for more users to stay connected. It is connected to only three of the access layer switches that are connected to half of the departments within the corporation. It also has a single connection to the antenna. The two remote options that are VPN and dial-up RAS/PBX are connected through the distribution and core layers allowing for telecommuting employees to connect into the corporate network allowing for more versatility in operations. The VPN gateway is connected straight through to the core router and multi-layer access switch that services the Trusted Computing Base, or TCB, internal network. The RAS resides on the other side and is connected straight to one of the Distribution Routers. Another interesting note is that the TCB internal network is connected through a single connection to a multi access layer switch which is then connected through the core layer. This can cause issues because of how the TCP interfaces with too much of the network without properly segregate as it usually should be done. The different department area also connected solely to one access layer. This can help to identify what component is down depending on the department that calls in because the device is having an attack occurring or perhaps because regular maintenance is required based on the age of the device (“Security Architecture and Design/Security Product Evaluation Methods and Criteria”, 2009).
Perimeter Protection Evaluation
The perimeter protection evaluation will include the evaluation of the current perimeter topology, protection measures and mission objectives to address this. The perimeter topology is not as well designed as would be typically required. There are no firewalls or separation of internal, external, and DMZ zones. The core routers could provide firewall capabilities, but they would have to be configured as so and maintained to remain that way (Wack, 1995). There is also an issue of some of these remote capabilities that are used in the corporate network not going through the DMZ for authentication and connecting straight to the distribution layer or past the core layer. This will require a rethinking of the perimeter protection measures that will be needed to enhance the integrity of the network. The optimal way to go about this would be to set up a redesign on how the outside interfaces with the inside immediately. This would require constructing a DMZ for the corporate network that would house all the public servers and services required outside and inside the network. An example of this would be to place the VPN gateway, RAS, PBX, and some TCB servers inside a DMZ (Rouse, 2008). The DMZ would be connected to either both border routers with integrated firewalls or a firewall device that interfaces between the border router and public Internet. This would allow for a more efficient way of analyzing traffic going through the network at a bottleneck rather than having to examining the whole network due to everything being spread out. Another reason to consider this network implementation is that it segregates outside traffic from entering directly into the internal network where as in the current configuration anyone with access to the remote sites have possibly direct access into sensitive sectors of the network. The mission objective is to allow for segregation, but to continue operations within the company without latency being hampered due to the new implementation (O’Reilly, 2002).
Remote Access Infrastructure Evaluation
This evaluation will include the remote access protocols, security safeguards, and mission objectives. The remote access protocols that are currently being utilized are an old dial-up service for those who have access through the public telephone network and the VPN gateway that utilizes PPTP. These are somewhat old protocols and interfaces that users are using with their vulnerabilities and connectivity issues. Dial-up really has no way of protecting against certain attackers because it utilizes the oldest technology out of any remote access implementation. The same goes for PPTP because it uses the public Internet to gain access, but almost everything goes in clear text. It require an encryption protocol to cover its data and that only happens when it is utilized in conjunction with PPTP. The recommendation would be to scrap the dial-up service and go strictly to VPN gateway. This may require having telecommuter laptops being upgrade, but you completely reduce all high risks associated with PBX remote services. The VPN gateway should be upgrade to an L2TP with IPSEC service at the least to ensure encryption is being utilized between remote users and the internal network. This allows for sensitive company information to be handled in the correct security standard. This will also require having the VPN gateway and servers to be moved into the DMZ that was discussed in the previous evaluation. This mission objective ensures that information that is going over untrusted networks is completely unreadable to potential malicious attackers that may want to have access to this sensitive information. It should be the only object concerning this specific task because VPNs and other remote services are sometimes the most vulnerable or easiest way for most malicious users to breach into a trusted network. Once they have found the keys to the castle, they then lay waste to any of the material that they are perhaps either searching for or would like to destroy because they have no goals (ibVPN, 2012).
Mobile Security & Design
This evaluation will include the mobile security and design to include authentication and data protection as well as mission objectives. Mobile devices are an emerging market and resource within any company and that include GFI. Some devices have been already configured and utilized within the company, but there has been no standardization. This leaves holes open because proper security and maintenance cannot be done due to all the changes that occur from the vast variety of mobile devices that each employee owns. This requires an implementation that will create a standard to be pushed out throughout the whole organization. The company will need to survey the need for mobile devices and select a secure mobile device that is within means to be used. This means a single smart phone, tablet, and laptop model. It will ensure that a proper standard security and maintenance practice is feasible as well as allow for multiple user use that could potentially require less devices than are currently in use today. Authentication will be handled by an approved gatekeeper that can work with all approved devices. This will handle each and every mobile devices request to gain access and ensure that no spoofing will be possible. The data protection that will be included will be whatever the top encryption protocol is available for the mobile device such as SHA1 AES 256 (Cryptography, 2016).. These will allow for a secure connection to be established while blocking any attempts to possibly read sensitive data. The mission objective will be to implement this system as smoothly and quickly as possible. Survey will be conducted and quotes will be taken by leading vendors in mobile communications. A security team will then evaluate the plan and stamp it approved. If that is not the case, it could be disapproved and be sent back to the drawing board. After those processes, they will then implement and evaluate again to ensure a proper implementation and execution has been conducted in accordance to the risks determined by the assessment (“Security Architecture and Design/Computer Systems Architecture”, 2013).
Wireless Vulnerabilities
This evaluation will include wireless vulnerabilities and what is recommended for safeguards, authentication technologies, and network security. There will be mission objectives to these specific points in order to protect that data. The easiest ones I can think of are having an open wireless network or using an encryption that is easily bypassed like WEP. These are some of the items that are less thought about when implementing a wireless solution into a corporate network, but can have the largest consequences if done incorrectly. Some safeguards will be to password protect it with WPA2 encryption since it is the highest rated and to have a server that authenticates devices allowed onto the wireless network. Some of these authentication technologies can be MAC or certificate based. This will allow only authorized devices that have been added into the system to properly access the system and unauthorized devices to be either rejected or put into a public access area. Some other network security features that could help would be to not have the signal broadcast past a certain extent of the CFI corporate buildings and to not broadcast the name of the SSID, or Wi-Fi name. This helps with deterring would be attackers from finding or messing with malicious users that WAR drive around cities looking at ways to break into different wireless networks. The mission objective is to successful encrypt information from users and employees into the wireless network with WPA2, develop an authentication server like RADIUS to properly authorize users into the network, and develop best wireless security practices so that availability for malicious intent is denied as much as possible. The proper use of these two go hand in hand and allow for a near impossible way into the wireless network unless another entry point such as social engineering is found. A last point to be made is that devices can utilize passwords to maintain authentication through the wireless access points, but a server that houses certificates or another means is always more efficient in dealing with vetting users (Singhal, 2002).
Authentication Protocols and Methodologies
This evaluation will include authentication protocols and methodologies used within the wired, wireless, mobile, and remote access areas of the network. It will also include improvements to secure these authentications for the company. Authentication protocols and methodologies are extremely important within a network because it adds another layer of security when someone has gained access into your corporate network. This access may have been gained rightfully or wrongfully and thus must be validated. This is when you must look into the most effective and efficient protocols. Some of them are RADIUS and TACACS+. RADIUS can be used for most devices because it is non-proprietary in conjunction with a database server of certificates or physical addresses. TACACS+ can be used for network devices requiring authentication so that rogue devices cannot be connected by employees or users. This methodology can be used with any physical medium. The only factor that would bring the various protocols into play would be based on what devices are the standard around the organization. If they are of one particular brand, it can then be assumed that perhaps a particular proprietary might be more useful than perhaps for a non-proprietary that is for a diverse group. Some improvements to this could be perhaps a dedicated server to house all the authentication processes within the corporate network. Another could be instead of having everything physically address based, but having a certificate authority aids in prevent spoofing from occurring by having only one certificate issued for each device or member. Another way to secure these authentication processes is to have the highest available encryption utilized to protect the process of authentication that occurs between devices or users and the authentication authority. This helps with malicious users that might be able to receive the data that has been distributed by jumbling the text so that any chances would be thwarted (Cryptanalysis, 2016).
Web System Protocols and Vulnerabilities
This evaluation will include the web system protocol and vulnerabilities that can impact an intranet server. It will include suggestion on secure protocol improvements to better security for the web authentication application. Some web system protocols that are used very often are SSL and TLS. These utilize the web protocol HTTP with a secure encryption connection using the TCP protocol. This is often abbreviated to HTTPS and can be seen in your URL bar when typing out your more common websites today. It shows if you are connected to a secure website, but recently can even be spoofed to deceive users from thinking that the sensitive data that they are transmitting it going to the power destination. Some vulnerabilities have occurred with these protocols, but since it is a publicly shared one they are often updated regularly allowing for less bugs and vulnerabilities to occur. This is where it becomes important for intranet servers to regular update their system with the most up to date software on hosted sites. Once a vulnerability has been discovered, malicious users play trial and error on any system they can contact because of the window that is available. They know that if they do not act quickly that most admins will have updated their systems to prevent the bugs being utilized. Some ways to improve on these security protocol is to ensure that updates are being done daily or instantaneously depending on the situation. This can help to assure sensitive data does not become available thus granting access to those who may bring harm to the network. Another point is to have a better authentication application utilized for the web service that might add another lay of defense to the web system. This continues to enhance how web applications interact with customers and employees and further solidifies potential sensitive information from being leaked through weak web applications (“Security Architecture and Design/Systems Security Architecture”, 2009).
Cloud Computing Design
This evaluation will include the cloud computing environment design for the GFI Company. This is to include the secure means of data protection no matter where the origin is located and at what step in the process. The cloud computing design should have an effective encryption and authentication process between the cloud and user that requests the data. This is an important step in outsourcing work and saving costs for the company as well as providing a redundancy plan that would allow operations to continue if a natural disaster were to occur where the corporate buildings are located. Some of the security suggestions for this could be to have confidential information pass only through the highest encryption between the corporate network and cloud service provider. Another is the authentication services that would be interacting between the two could also be based off of RADIUS or Diameter depending on the ability for the devices to use the protocols. This would be easier though since the protocols are non-proprietary and would allow for a larger acceptability in terms of cloud service providers. The mission objective for this is to allow the plan for a cloud computing design to be implemented properly within the corporation network. This is not to say that it is a bad idea, but that there should be proper security standards in place to ensure that a successful and secure application system is developed and stood up. It is extremely easy to see the cost benefits in putting in place cloud computing, but if these are done without basic encryption and authentication configure it could spell disaster by leaving a hole wide open for malicious intent to intrude into the corporate network. This would leave the company in a tricky situation as potential rivals could possibly find leaked information if sensitive data was released after the implementation occurred (Gsoedl, 2009).
Vulnerability Assessment
The vulnerability assessment will be used to assess each asset in the environment and the impact if any were to be compromised. Based on the network and the use of all the various protocols and security practices, I would base that the GFI corporate network has a vulnerable network. It has some features that do allow it to be secure to some degree, but for the most part there are a lot of openings in some areas. One of concern is the remote access infrastructure because of its ability to go into the internal network without much credentials. This could be easily spoofed by any individual if he were to have the appropriate tools or had stolen a corporate employees’ devices. Another one that seems to be not as secure even by basic security practices are the wireless network utilized by the company. There is little to no security and the signal is set beyond the reach that is required allowing for multiple intrusion attacks to occur leaving the network vulnerable and weak to hostile forces. The mission objectives for this vulnerability assessment is to pinpoint the several large issues within the corporate network that must be addressed in order to more effectively and efficiently execute its mission in supporting the corporation’s needs. Currently these are being met, but at a high risk of either industrial espionage or perhaps daily attacks that are currently being noticed throughout the organization. The best way at dealing with the vulnerabilities assessed is to validate all the possible current issue that are pointed out and then correct them to the document best security practices. Once this is finally accomplished, a team can then monitor the network to verify if the unknown activity has ceased or at least been degraded significantly. Ultimately, this will validate the vulnerability assessment and allow for better assessment to continue to occur in the near future allowing for consistent improvements in the organization cybersecurity awareness (“Fundamentals of Information Systems Security/Access Control Systems”, 2016).
Quantitative and Qualitative Risk Assessment
This assessment is to determine a quantitative and qualitative risk analysis on the GFI network. It will be determined by the combination of monetary and priority that was given previously when evaluation the network. The quantitative risk on the corporate network devices is intricate to the market price on them. This coincides with how your vendors are selling the prices and the depreciation of those devices according to availability and demand. Next is the qualitative risk and that is based on the priority to keep those devices up and running no matter what the cost may be. A mix of price comparison on warranty/repair costs over the quantitative cost is what must be determined to find an essential solution on the potential risk of a network device either breaking or becoming corrupt. This is why quantitative and qualitative risk are so closely associated. They determine if the corporation are to take a fix action on the device or perhaps a full replacement is possible due to have other redundant systems picking up the slack for the issue at hand. The risk assessment based off of this are that each router has a backup and is thus less of an issue from breaking. Another point is that this assessment has a new segregation of duties and redundancy recommendations which would allow for devices to have an even better qualitative priority value than should be. It is important to point that with the proper redundancy points are applied then there are easier qualitative risks to apply because you allow the corporate network to have room for failure. This might seem like a bad thing, but it allows for maintenance as well. It is because if one router or server is down those services can be provided by another function device. As you always see within a risk assessment, the ultimate goal is to ensure that operations continue for the organization as a whole. If this means that some areas who have been affected by an outage must wait, then each department must understand it’s importance within the hierarchy. This is so that when events like natural disasters or cyber-attacks occur they understand the timeline at which they will be able to continue operations and perhaps have a plan to continue while offline (Nguyen, 2010).
Risk Mitigation Procedures
This evaluation will recommend some risk mitigation procedures that should go hand in hand with the asset value from the inventory previously mentioned. This will include an array of technologies that will harden the authentication and network security processes. Some risk mitigation procedures that are plausible are to have specific security practices enabled across the network that can stop weak points from allowing breaches. Some procedures are to reassemble the various encryption and authentication protocols. These are adding encryption to the wireless implementation, remote services, and TCB internal network services. Some of the protocols would be WPA2 for the wireless services, L2TP with IPsec for the remote services, and SSH/TLS for the TCB internal network services. These are industry standards that would help integrate the company into a better standing in regards to security. On top of this, we need to think of how to better authenticate users that have been able to access the internal network whether from externally or internally. This can be through various protocols as we have discussed. Primarily RADIUS and Diameter have been at the forefront of this thought, but other company proprietary protocols such as TACACS+ can be easily used to integrate authentication throughout the network. It effectively enables operations to continue and keep unwanted access from possibly disrupting any functions within the internal network. Finally, the combined force of encryption and authentication must be studied well to prove that it is properly executing the function that it was intended for. It will better help the security specialists understand the current cyber threats that are affecting the corporate network as well as allow for effective and current protocols into the inner and outer perimeter of the network (“Fundamentals of Information Systems Security/Information Security and Risk Management”, 2016).
Executive Summary
This executive summary will encompass everything covered previously. It will allow for a concise overview of what GFI’s company should do to allow for the most efficient, effective and secure network. The purpose of this risk assessment was to deliver the knowledge of security best practices to the GFI IT corporation. This allowed for them to gain a better competency in these various categories that are currently being applied and some that are in the planning stages of the organization. In summary, the corporation should ensure that there are three separate parts to their network that allow for a proper segregation of internal, external, and DMZ networks. Authentication and encryption standards must be increased to be to a sufficient level that will allow for easier deterrence than what is currently happening. More connections must be made to allow for better redundancy between all of the various network devices being utilized within the internal network. The wireless network must be revamped so that the signal is only discoverable within the bounds of the organization as well as closing it off from the public through authentication and some configurations. As well as having the remote services be moved to an only VPN solution that includes the most current encryption and authentication methods available. Lastly, the TCB network must be place within the DMZ and have proper protection and authentication measures put in place so that the internal network is protected from possible attacks that could occur within that new zone. This concludes the executive summary and describes to the bet knowledge as to what GFI’s goals should be when considering the threats that are posed in today’s current atmosphere.
References
Cryptanalysis. (2016, May 5). Retrieved January 29, 2017, from https://www.owasp.org/index.php/Cryptanalysis
Cryptography/Introduction. (2016, February 2). Retrieved January 29, 2017, from https://en.wikibooks.org/wiki/Cryptography/Introduction
Fundamentals of Information Systems Security/Access Control Systems. (2016, December 7). Retrieved February 12, 2017, from https://en.wikibooks.org/wiki/Fundamentals_of_Information_Systems_Security/Access_Control_Systems#Authentication_Factors
Fundamentals of Information Systems Security/Information Security and Risk Management. (2016, October 4). Retrieved January 15, 2017, from https://en.wikibooks.org/wiki/Fundamentals_of_Information_Systems_Security/Information_Security_and_Risk_Management#A_Quantitative_Approach_to_Risk_Analysis
Gsoedl, J. (2009, October 19). Disaster recovery site options: Hot, warm and cold sites. Retrieved February 19, 2017, from http://searchdisasterrecovery.techtarget.com/news/1370733/Disaster-recovery-site-options-Hot-warm-and-cold-sites
ibVPN. (2012). Types of VPN Protocols. Retrieved February 5, 2017, from https://www.ibvpn.com/2010/02/types-of-vpn-protocols/
Nguyen, H. (2010, September 23). Redundant Facility Facts - PCcare. Retrieved February 19, 2017, from https://sites.google.com/a/pccare.vn/it/security-pages/redundant-facility-facts
O'Reilly. (2002). Screened Host Architectures (Building Internet Firewalls, 2nd Edition). Retrieved February 05, 2017, from http://docstore.mik.ua/orelly/networking_2ndEd/fire/ch06_02.htm
Rouse, M. (2008, February). What is screened subnet (triple-homed firewall)? - Definition from WhatIs.com. Retrieved February 05, 2017, from http://searchsecurity.techtarget.com/definition/screened-subnet
Security Architecture and Design/Computer Systems Architecture. (2013, November 22). Retrieved January 23, 2017, from https://en.wikibooks.org/wiki/Security_Architecture_and_Design/Computer_Systems_Architecture
Security Architecture and Design/Security Product Evaluation Methods and Criteria. (2009, December 26). Retrieved January 23, 2017, from https://en.wikibooks.org/wiki/Security_Architecture_and_Design/Security_Product_Evaluation_Methods_and_Criteria
Security Architecture and Design/Systems Security Architecture. (2009, December 26). Retrieved January 23, 2017, from https://en.wikibooks.org/wiki/Security_Architecture_and_Design/Systems_Security_Architecture
Singhal, S. (2002, July 15). Top 10 Vulnerabilities in Today's Wi-Fi Networks. Retrieved February 28, 2017, from http://www.computerworld.com/article/2577244/security0/top-10-vulnerabilities-in-today-s-wi-fi-networks.html
Wack, J. (1995). Dual-homed Gateway Firewall. Retrieved February 05, 2017, from http://ftp.uni-mainz.de/pub/software/CERT/nist/nistpubs/800-10/node56.html