

Frequently, damage to programs or data is detected only by chance, e.g., when a previously stable process does not complete successfully or when users discover that some information produced by the system is incorrect or inconsistent. In such cases, it is necessary to determine quickly whether the aberration is due to error, misinterpretation, or damage.

For the physical protection of facilities, a range of detection devices is available for smoke, fire, flooding, and other physical threats. Such devices, however, only signal the presence of an active, readily detectable, damaging agent. In general, they do not detect preliminary damage that might lead to fires or flooding (e.g., the slow deterioration of materials or structural decay). Such damage can be detected early only through a program of regular inspections and tests by experts.

RECOVERY

Should the worst happen and damage occur, a data center’s ability to recover is of critical importance.

Recovering from Unauthorized Access

If the access security controls are damaged during an attempted breach — whether or not the attempt succeeds — it is vital to reinstitute security control quickly. For example, if a door lock is destroyed during a break-in, it must be quickly replaced to eliminate the vulnerability resulting from an unlockable door. At the very least, the previous access controls should be restored. If the break-in indicates deficiencies in the previous mechanisms, however, they should be modified, as described in the section on correcting access control deficiencies.

Recovery from Misuse and Damage

A recovery process should bring the misused or damaged system back to its condition before the event that caused the damage. If the misuse or damage continues, measures must be instituted immediately to halt the abuse, even if they are only interim measures. A contingency plan should be written, tested, and periodically reviewed before any damaging event ever takes place so that the organization is fully equipped to enact effective recovery procedures.

CORRECTION

There are several issues concerning corrective measures.

Correcting Access Control Deficiencies

If unauthorized access occurs, the controls in place are either inadequate or inadequately enforced. In such cases, changes must be made to the access controls or procedures to ensure that the same type of unauthorized access can be prevented in the future.

To some extent this is “closing the barnyard door after the horse has fled.” However, it may also be construed as recognition of the fact that the competition between security methods and those motivated to break them is ongoing. No sooner is a more sophisticated security method created than someone is working on a method to break it. This results in a continuous escalation of security measures. Often an organization does not realize that its security measures have been outwitted until an actual break-in occurs.

RECOMMENDED COURSE OF ACTION

Among the options available to data center and network managers, preventive security measures are the most effective. They may prevent access by unauthorized users or prevent authorized users from causing damage through negligence. An effective overall security program should include controls and procedures for handling all phases of a potential security breach.

When initiating a security program for a particular system or network, data center and network managers should define the system security according to the estimated value of resources to be protected, the most vulnerable routes for access or damage to resources, and the feasibility of protecting those routes without severely compromising the primary functions of the system. This chapter defines all possible areas in which security can be implemented to prevent damage. The guidelines defined here should be modified and implemented according to the requirements of a particular system.



Copyright © CRC Press LLC