01_ListOfTableControls

Team Project

Firewall Management, Intrusion Detection, Intrusion Prevention and Security Information Management

Katherine Jackowski, Elizabeth Kearney-Lang, Daureen Lingley-Chor

**__ Control Identification Form __**
** Control Objective: **
 * To ensure updated security techniques (e.g. firewall, intrusion detection) are in place and functioning as intended to protect the Information System.

|| **Control** || **Control Category** || **Type of Control** || **Control Benefit** || **Adverse Impact of Control Not in Place/Effect** ||
|| Install IPDS System (Intrusion Prevention and Detection System) || Mechanism || General; Primary; Preventative, Detective || To prevent the consequences of undetected intrusions. || Intrusion (e.g. malware or spyware) – loss of confidentiality and integrity. Compromised Information System. Disclosure of proprietary information. ||
|| Restrict network access to IPDS components || Mechanism || General; Secondary; Preventative || Preservation of the IPDS components. || Useless IPDS System. ||
|| Create unique passwords for IPDS users and administrator || Mechanism || General; Secondary; Preventative || Limited access to authorized users only in order to safeguard assets. || Unauthorized access to, and disabling of, the IPDS system. ||
|| Update Intrusion Detection System (IPDS) when new threat is detected and quarterly || Mechanism || General; Primary; Preventative || Most up-to-date intrusion detection available to fight newly recognized intrusions. || Vulnerable to new intrusion techniques. ||
|| Limit direct access to IPDS components || Mechanism || General; Secondary; Preventative || Preservation of the IPDS components. || Useless IPDS System. ||
|| Protect IPDS management communication through physical or logical separation or encryption || Mechanism || General; Secondary; Preventative || Protection from unauthorized changes. || Manipulation of communication log. ||
|| Log System to record log-ins and intrusions || Mechanism || Application; Primary; Detective || Keep a log of intrusions to determine patterns. || Altered or missing log file; no history available. ||
|| Maintain log files in secure location || Policy || General; Secondary; Preventative || To keep a record for future reference. || Altered or missing log file; no history available. ||
|| Perform vulnerability assessments/tests quarterly || Mechanism || General; Primary; Detective || To confirm the system is functioning as it should. || Do not know if the current system is functioning as it should. ||
|| Conduct penetration tests bi-annually || Mechanism || General; Primary; Detective || To confirm the system is functioning as it should. || Do not know if the current system is functioning as it should. ||
|| Install network firewall || Mechanism || General; Primary; Preventative || To complement the IPDS System; filter network traffic. || Unauthorized access to Information System. ||
|| Install Antivirus Software || Mechanism || General; Primary; Detective || To complement the IPDS System; detect many threats the IPDS cannot. || Infected with malware, e.g. viruses, worms, Trojan horses, malicious mobile code, blended threats, keystroke loggers, backdoors. ||
|| Install Anti-Spyware Software || Mechanism || General; Primary; Detective || To complement the IPDS System. || Infection with malware and non-malware forms of spyware. ||

**__ Control Identification Form __**
** Control Objective: **
 * To control access to the Information Systems to prevent unauthorized use and restrict authorized use which, if not properly controlled, could compromise the Information System and the data stored within the system.

|| **Control** || **Control Category** || **Type of Control** || **Control Benefit** || **Adverse Impact of Control Not in Place/Effect** ||
|| Security Policy || Policy || General; Secondary; Preventative || To communicate the Policies authorized by Management. || Information System compromise due to lack of awareness of Security Policy. ||
|| Unique user ID and password for each individual network user (long in length - mix of letters, numbers, & symbols) || Mechanism || General; Secondary; Preventative || Controls access to the system and fosters system security. || Unauthorized access to information which could affect the security of information. ||
|| Automated enforcement of password changes || Mechanism || General; Secondary; Preventative || Frequent password changes limit the likelihood of unauthorized access. || Possible password theft and unauthorized access to the system. ||
|| Policy & Procedures regarding Third Party Access || Policy, Procedure || General; Secondary; Preventative || Controls, limits and restricts outside access to the system, ensuring system integrity. || System could be compromised due to no controls as to how the system could be accessed by outside parties (example: guest password would ensure employees do not share their passwords with guest users). ||
|| Policy & Procedure to deactivate access prior to employee termination || Policy, Procedure || General; Secondary; Preventative || Ensures only active employees have access to the system, limiting the possibility of retaliation or sabotage of system. || Disgruntled employees may access the system and compromise the data and security of the system or obtain proprietary information. ||
|| Written Policy re: proper use of Information System with required Signature of employee || Legal || General; Secondary; Preventative || Ensures employee knowledge of and responsibility to properly safeguard the system. || System could be vulnerable to unauthorized access due to password sharing or weak password selection. ||
|| Implement and annually evaluate physical security (e.g. locks, alarm systems, etc.) || Mechanism || General; Primary; Preventative, Detective || Prevent unauthorized access. || Unauthorized access gained. ||
|| Properly segregate duties regarding the Information System to limit access || Organizational || General; Secondary; Preventative || Limit access based on job descriptions and appropriate access. || Too many people with unlimited access, which can lead to unauthorized access and affect the reliability of the data. ||
|| Inactive sessions shut down after a defined period of inactivity || Mechanism || General; Secondary; Preventative || Prevent unauthorized access when a system is left idle for a period of time. || Gain unauthorized access. ||