Avoidance is a strategy that prevents unauthorized access, misuse, and damage. The strengths and weaknesses of avoidance methods are discussed in the following sections.
Exhibit 1. Security Functions by Type of Breach

| Security Function | Avoidance | Deterrence |
|---|---|---|
| Unauthorized Access | Screen employees before hiring and assignment to computer and network functions. | Install highly visible access controls (e.g., guards and cameras). |
| | Locate computer and network facilities in remote or nondescript buildings. | Implement search procedures for mail, especially packages. |
| | Do not advertise locations or means of access to computer and network facilities. | Implement well-monitored sign-in and sign-out procedures for facilities. |
| | Limit the number of systems accessible to users. | Take strong action in the event of attempted unauthorized access. |
| | Do not disclose known weaknesses in access control. | |
| Misuse | Restrict availability of data, programs, and documentation. | Install very apparent measures for monitoring use of systems and networks (e.g., security software to report each use by person and type of use). |
| | Limit the number of copies of data, programs, and documentation. | Question even small deviations from expected use patterns. |
| | Limit the number of staff members with access to systems, networks, and facilities. | Take strong, well-publicized action for even minor infringements. |
| | Limit physical access to essential areas only. Limit knowledge on a need-to-know basis. | |
| | Limit use of systems to essential use only. | |
| | Reduce overlap of applications. | |
| Damage | Disperse computer and network facilities, both long-range and short-range, so that damage to one component cannot affect others. | Use the same measures as for misuse with even stronger actions and sanctions for attempted or successful destructive activities, be they willful or negligent. |
| | Design software architecture and network topology with independent modules so that damage to one does not affect others. | Accidental damage with no evidence of negligence should be dealt with sternly. |
| | Minimize procedural linkages to reduce the domino effect. | |
| | Expand knowledge of critical systems and networks beyond one individual. | |
The top row of Exhibit 1 illustrates how abusive access to a system or facility can be avoided by keeping potential abusers and target systems as far apart as possible. An organization should be particularly careful in its screening of individuals, such as those under consideration for employment, who might be given access to the system. Potential employees should be subject to intensive background investigations to ensure that all statements with regard to previous experience and education are accurate and complete. Several specialized firms perform independent checks and can verify statements regarding education, employment history, and criminal records. Character references should be obtained and verified. Personal impressions are valuable also; it is advisable to have several staff members meet with job candidates to obtain their impressions.
In addition, the screening process should extend to all nonemployees who are granted access (e.g., consultants, vendor staff, service personnel and, increasingly, customers), though not to the same degree as potential employees.
In cases of personnel working for other firms, it is more reasonable to perform a check on the organization providing the service staff and to ensure, through contractual language, that the service organization takes full responsibility for its own staff. Checks on a service organization should include an investigation of that company's employee screening procedures and a review of references from companies with which the service organization has recently conducted business. It is also important to ensure that suitable confidentiality and vendor liability clauses are included in consulting and service agreements.