Half a million members creating, sharing and exploring great visual content. Join us!

Header

Transcript

The 8 Levels of IT Security in The Data Center

8 Levels of IT Security
in the Data Center

In a world of viruses, malware. hackers.. and other scary things that can compromise the top-secretness of top-secret data, security and privacy are big deals. None of the many and diverse methods of security can ensure data protection 100%, but layering these organizational tactics.
technologies, and processes can help close all of the gaps. A look at a data center provides us with the 8 levels of IT security which work together to form a tight-knit and (hopefully) impenetrable web of safeness.

1 - RISK MANAGEMENT FRAMEWORK

2 - A SECURITY POLICY is
a written document stating
how a company plans to
protect its physical and
information technology (IT)
assets. A security policy is
often considered a “living
document", meaning that
the document is never
finished but Is
continuously updated as
technology and employee
requirements change.

A COMPANY'S SECURITY
POLICY MAY INCLUDE:

>An acceptable use
policy ( policy that a
user must agree to
follow in order to be
provided with access
to a network)

> an explanation
of how security
measurements
will be carried
out and enforced

> . a procedure for
evaluating the
effectiveness of the
security policy to
ensure that necessary
corrections will be made.


3 - LOGGING MONITORING.
AND REPORTING


LOGGING

LOGGING

>Establishing and documenting
performance metrics

>Management
regularly monitors
performance results

LOGGING


4 - VIRTUAL
PERIMETERS

>As the systems grew and
became more powerful,
authentication was reintroduced
Into the personal computers as
the PCs themselves could be
remotely accessed.

>This development is
used by companies
and employees alike to
promote home working
environments and
past-office-hours work
via connections into
the corporate
network.

5
ENVIRONMENTAL
AND PHYSICAL
INFORMATION

> Processing resources like mainframes
and minicomputers must be housed In a
secure area that reasonably protects the
devices from unauthorized physical access,
fire, flooding, explosions, and other forms
of natural or man-made disaster.


6 - PLATFORM SECURITY

> A security mechanism sometimes
referred to as “hardening”, model used to
protect an entre platform and secures the
entire span of software or devices on that
platform, removing as many security risks
as possible and providing an increased
level of integrity to the need to
Incorporate Individual or multiple security
measures for application different
programs on the system.


7 - INFORMATION
ASSURANCE (IA) OR
DATA ASSURANCE

>Managing risks related to the use,
processing, storage and transmission of
information or data.

8 - IDENTITY AND
ACCESS PRIVILEGE
MANAGEMENT

>Authentication

> This principle requires that each subject
in a system be uniquely identified and
granted the most restrictive set of
privileges (or lowest clearance) needed
for the performance of authorized tasks.
The application of this principle limits the
damage that can result from accident,
error, or unauthorized use.

Systems may securely
identity their users.
Authentication systems
provide answers to the
questions:

>Who is the user?

>Is the user really
who he/she represents
himself to be?

. An authentication
system may be as
simple (and insecure) as
a plain-text password
challenging system

. or some physical property of
the individual like a fingerprint

. or derived data
like a smartcard

. In all cases, however,
Authentication systems depend on
some unique bit of information
known or available only to the
individual being authenticated and
the authentication system -- a
shared secret.

>Authorization

. the mechanism by which a
system determines what level of
access a particular authenticated
user should have to secured
resources controlled by the
system. A database management
system might be designed so as to
provide certain specified
Individuals with the ability to
retrieve information from a
database but not the ability to
change data stored in the database,
while giving other individuals the
ability to change data.
Authorization systems provide
answers to the questions:



Is user X
authorized to
access resource R?

Is user X authorized
to perform
operation P?

Is user X authorized
to perform
operation P on
resource R?


. Authorization systems depend on
secure authentication systems to
ensure that users are who they
claim to be and thus prevent
unauthorized users from gaining
access to secured resources.

Wikibon

The 8 Levels of IT Security in The Data Center

shared by kevin on Mar 21, 2011 in Technology

The 8 Levels of IT Security in The Data Center

shared by kevin on Mar 21, 2011 in Technology

4K views

4 faves

0 comments

Describes the best ways to layer security measures in order to have the most effective barrier between your data and the scary world of viruses, malware, and hackers.
Source: Unknown. Add a source
Rank: 200 of 7877 in Technology

Published by

Designed By

infographicworld

Embed Code

Switch to Wordpress Code
Click below to copy
Customize size

Tell your story visually before December 31st and get a free iPad Air!*

The holidays are a great time to tell your brand story. From Black Friday trends and Mobile Shopping guides to the Best and Worst Times to Book Travel and Thanksgiving etiquette, the Visually team will help you craft your brand's unique stories and raise your social profile during the noisy holiday season.


*Requires $10k minimum purchase
s